Poprpsím o preventívku

Zpráva

PureHate44 · #31 Příspěvek od **PureHate44** » 04 dub 2018 16:04

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Peter (administrator) on PETER-PC (04-04-2018 17:01:28)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Spotify Ltd) C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(Ghisler Software GmbH) C:\Program Files (x86)\Total Commander\TOTALCMD64.EXE
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-12-11] (WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [123848 2017-12-11] (WinZip Computing, S.L.)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4201464 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Spotify Web Helper] => C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-12-02] (Spotify Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6267384 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [SharewareOnSale Notifier] => \SharewareOnSale Notifier\SharewareOnSale Notifier.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [uTorrent] => C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2151864 2018-02-21] (BitTorrent Inc.)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{198A64C8-8290-44FF-AFFC-CC0451C43693}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: o6yasy6y.default-1506712320144
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144 [2018-04-04]
FF Extension: (Adblock Plus) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-03-30]
FF Extension: (OkayFreedom) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\features\{2e08a3b0-d6ed-4c15-a0d5-6496e5d67df3}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2018-04-01]
CHR Extension: (Dokumenty) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-31]
CHR Extension: (Disk Google) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-31]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-31]
CHR Extension: (Tabuľky) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-31]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-31]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8521384 2018-03-24] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-11-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
S3 Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [4854464 2016-12-12] (Disc Soft Ltd)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [358408 2018-01-29] (Steganos Software GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [73200 2015-03-17] (SiSoftware) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinZip Compression Smart Monitor Service; C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe [495872 2017-09-01] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [70384 2017-03-27] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-12-03] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-22] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-22] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2017-01-25] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2017-01-25] (Disc Soft Ltd)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-08-08] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-26] (REALiX(tm))
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2016-11-26] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-11-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-12-14] (Samsung Electronics Co., Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [131856 2017-10-05] (BigNox Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [144656 2017-10-05] (BigNox Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2017-06-10] (MBB)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-10-05] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-04 12:31 - 2018-04-04 12:31 - 000002952 _____ C:\Windows\System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F}
2018-04-04 12:30 - 2018-04-04 12:30 - 001129816 _____ (Google Inc.) C:\Users\Peter\Downloads\ChromeSetup(1).exe
2018-04-04 12:21 - 2018-04-04 12:21 - 000000162 ____H C:\Users\Peter\Downloads\~$votopis-Peter-Preták.odt
2018-04-04 12:21 - 2018-04-04 12:21 - 000000000 ____D C:\Users\Peter\Downloads\FontCache
2018-04-02 10:47 - 2018-04-02 10:47 - 000004622 _____ C:\Users\Peter\Downloads\purehate.m3u
2018-04-01 20:26 - 2018-04-01 20:26 - 000000000 ____D C:\Windows\SysWOW64\FontCache
2018-04-01 20:24 - 2018-04-01 20:24 - 000353997 _____ C:\Users\Peter\Downloads\HomeTicket.pdf
2018-03-31 09:21 - 2018-04-04 12:32 - 000002812 _____ C:\Users\Peter\Desktop\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000002812 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000000000 ____D C:\Users\Peter\AppData\Roaming\uTorrent
2018-03-31 08:50 - 2018-03-31 09:29 - 000000000 ____D C:\Users\Peter\Downloads\GoogleChromePortable
2018-03-30 22:33 - 2018-03-30 22:34 - 001637808 _____ (PortableApps.com) C:\Users\Peter\Downloads\GoogleChromePortable_65.0.3325.181_online.paf.exe
2018-03-30 22:32 - 2018-03-30 22:32 - 001129816 _____ (Google Inc.) C:\Users\Peter\Downloads\ChromeSetup.exe
2018-03-30 17:36 - 2018-03-28 10:31 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-30 17:36 - 2018-03-28 10:09 - 004046016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-30 17:36 - 2018-03-28 10:09 - 004026048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-30 17:36 - 2018-03-09 05:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-30 17:36 - 2018-03-09 05:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-30 17:36 - 2018-03-09 05:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-30 17:36 - 2018-03-09 05:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-30 17:36 - 2018-03-09 05:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-30 17:36 - 2018-03-09 05:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-30 17:36 - 2018-03-09 04:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-30 17:36 - 2018-03-09 04:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-30 17:36 - 2018-03-09 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-30 17:36 - 2018-03-09 04:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-30 17:36 - 2018-03-09 04:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-30 17:36 - 2018-03-09 04:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-30 17:36 - 2018-03-09 04:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-30 17:36 - 2018-03-09 04:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-30 17:36 - 2018-03-09 04:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-30 17:36 - 2018-03-09 04:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-30 17:36 - 2018-03-09 04:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-30 17:36 - 2018-03-09 04:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-30 17:36 - 2018-03-09 04:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-30 17:36 - 2018-03-09 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-30 17:36 - 2018-03-09 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-30 17:36 - 2018-03-09 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-30 17:36 - 2018-03-09 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-30 17:36 - 2018-03-09 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:36 - 2018-02-18 23:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-30 12:55 - 2018-03-30 12:55 - 001140252 _____ C:\Users\Peter\Downloads\netflix.rar
2018-03-30 12:53 - 2018-03-30 12:53 - 001905624 _____ C:\Users\Peter\Downloads\delphi_all_keygen_2010_-_2017_1_a1c-412___.exe
2018-03-30 11:50 - 2018-04-04 12:21 - 000000000 ____D C:\officeclient.microsoft.com
2018-03-30 11:39 - 2018-03-31 09:21 - 000000000 ____D C:\Users\Peter\Downloads\uTorrentPortable
2018-03-30 11:38 - 2018-03-30 11:38 - 002989616 _____ (PortableApps.com) C:\Users\Peter\Downloads\uTorrentPortable_3.5.3.44358_online.paf.exe
2018-03-30 11:10 - 2018-03-30 11:10 - 000000000 ____D C:\Users\Peter\Downloads\cc6466
2018-03-30 11:04 - 2018-03-30 11:09 - 038110382 _____ C:\Users\Peter\Downloads\cc6466.rar
2018-03-30 09:29 - 2018-02-01 13:21 - 000000000 ____D C:\Users\Peter\Downloads\Frontalkraft & Blitzkrieg & Confident of Victory - Wir stehen fest! (2018)
2018-03-30 09:25 - 2018-03-30 09:27 - 167593813 _____ C:\Users\Peter\Downloads\F-B-CoV-Wsf(320).rar
2018-03-29 17:52 - 2018-03-29 17:52 - 000076623 _____ C:\Users\Peter\Desktop\sfcdetails.txt
2018-03-25 20:28 - 2018-03-25 20:28 - 001129816 _____ (Google Inc.) C:\Users\Peter\Desktop\ChromeSetup.exe
2018-03-25 16:50 - 2018-03-25 16:57 - 808669525 _____ C:\Users\Peter\Downloads\Gotham.S04E14.720p.HDTV.x264-KILLERS.mkv
2018-03-24 19:43 - 2018-03-24 19:43 - 003114288 _____ (BitTorrent Inc.) C:\Users\Peter\Downloads\uTorrent (1).exe
2018-03-24 19:35 - 2018-04-01 19:15 - 000009137 _____ C:\Users\Peter\Desktop\Fixlog.txt
2018-03-23 18:45 - 2018-03-23 18:45 - 000000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2018-03-23 18:41 - 2018-03-23 18:41 - 008222496 _____ (Malwarebytes) C:\Users\Peter\Downloads\adwcleaner_7.0.8.0 (1).exe
2018-03-23 18:41 - 2018-03-23 18:41 - 008222496 _____ (Malwarebytes) C:\Users\Peter\Desktop\adwcleaner_7.0.8.0 (1).exe
2018-03-23 14:23 - 2018-03-23 14:23 - 000000000 __SHD C:\found.000
2018-03-18 14:45 - 2018-03-18 14:45 - 000383395 _____ C:\Users\Peter\Downloads\TY_KURVA_TY_KURVA_VYJEBANÁ.mp4
2018-03-18 14:16 - 2018-03-18 14:23 - 1587711659 _____ C:\Users\Peter\Downloads\03---Super-11.3.-2018.mp4
2018-03-18 13:42 - 2018-03-18 13:46 - 000009392 _____ C:\Users\Peter\Downloads\Fullwolf6unsensoredHQ.7z.004
2018-03-17 10:35 - 2017-06-21 11:18 - 000000000 ____D C:\Users\Peter\Downloads\Ibude Gold Love Lyon
2018-03-17 10:34 - 2018-03-17 10:35 - 117470601 _____ C:\Users\Peter\Downloads\zaloha_28.1_reall.rar
2018-03-17 10:26 - 2018-03-17 10:26 - 000004528 _____ C:\Users\Peter\Downloads\[CzT]RarmaRadio_Pro_v_2_71_9_CZ_SK_.torrent
2018-03-17 09:36 - 2018-03-17 09:36 - 000007270 _____ C:\Users\Peter\Desktop\Addition.zip
2018-03-17 09:32 - 2018-03-31 08:28 - 000028210 _____ C:\Users\Peter\Desktop\Addition.txt
2018-03-17 09:31 - 2018-04-04 17:03 - 000011969 _____ C:\Users\Peter\Desktop\FRST.txt
2018-03-16 21:03 - 2018-03-16 21:03 - 002364880 _____ C:\Users\Peter\Downloads\SharewareOnSale_Giveaway_Driver_Booster_5_PRO_hub.exe
2018-03-16 21:01 - 2018-03-16 21:02 - 008222496 _____ (Malwarebytes) C:\Users\Peter\Downloads\adwcleaner_7.0.8.0.exe
2018-03-14 20:36 - 2018-02-13 20:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 20:36 - 2018-02-13 20:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 20:36 - 2018-02-13 16:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-11 21:20 - 2018-03-11 21:26 - 1290103944 _____ C:\Users\Peter\Downloads\DCs.Legends.of.Tomorrow.S03E12.720p.HDTV.x264-AVS.mkv
2018-03-11 21:09 - 2018-03-11 21:09 - 001026464 _____ C:\Users\Peter\Downloads\IST_2000R_ukázka (1).pdf
2018-03-11 20:51 - 2018-03-11 20:51 - 001026464 _____ C:\Users\Peter\Downloads\IST_2000R_ukázka.pdf
2018-03-11 14:04 - 2018-03-11 14:18 - 000000000 ____D C:\Users\Peter\Downloads\Odpovede
2018-03-11 13:59 - 2018-03-11 13:59 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Zoner
2018-03-11 13:59 - 2018-03-11 13:59 - 000000000 ____D C:\Users\Peter\AppData\Local\Zoner
2018-03-11 13:58 - 2018-03-11 14:01 - 000002139 _____ C:\Users\Peter\Desktop\Zoner Photo Studio X.lnk
2018-03-11 13:58 - 2018-03-11 13:58 - 000002006 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-03-11 13:58 - 2018-03-11 13:58 - 000000000 ____D C:\Program Files\Zoner
2018-03-11 13:57 - 2018-02-28 15:55 - 000000000 ____D C:\Users\Peter\Downloads\Zoner Photo Studio X v19.1802.2.51 SK
2018-03-11 13:56 - 2018-03-11 13:57 - 087449662 _____ C:\Users\Peter\Downloads\kapitola236.rar
2018-03-11 13:18 - 2018-03-11 13:19 - 003114288 _____ (BitTorrent Inc.) C:\Users\Peter\Downloads\uTorrent.exe
2018-03-11 12:28 - 2018-03-11 12:28 - 008379024 _____ (McAfee, Inc.) C:\Users\Peter\Downloads\SharewareOnSale_Giveaway_McAfee_Internet_Security_2017.exe
2018-03-11 12:27 - 2018-03-11 12:27 - 002384424 _____ C:\Users\Peter\Downloads\SharewareOnSale_Giveaway_McAfee_Internet_Security_2017_hub.exe
2018-03-11 12:27 - 2018-03-11 12:27 - 000000000 ____D C:\SharewareOnSale Notifier
2018-03-11 11:31 - 2018-03-11 11:31 - 000000000 ____D C:\rsit
2018-03-11 11:30 - 2018-03-11 11:30 - 001222144 _____ C:\Users\Peter\Downloads\RSITx64.exe
2018-03-11 11:29 - 2018-03-11 11:29 - 000016743 _____ C:\Users\Peter\Downloads\[CzT]Spotify_Music_v_5_9_0_732_2016_EN_Android_.torrent
2018-03-11 11:26 - 2018-03-11 11:26 - 003062024 _____ (BitTorrent Inc.) C:\Users\Peter\Downloads\BitTorrent.exe
2018-03-10 14:25 - 2018-03-10 14:25 - 000000000 ____D C:\Users\Peter\Downloads\Psychotesty - k prijatiu do polície
2018-03-10 12:49 - 2018-03-10 13:03 - 1579989426 _____ C:\Users\Peter\Downloads\01x01.rar
2018-03-10 12:48 - 2018-03-10 13:01 - 1567360233 _____ C:\Users\Peter\Downloads\02 - Super (4.3. 2018).mp4
2018-03-10 11:32 - 2018-03-10 11:34 - 173457082 _____ C:\Users\Peter\Downloads\ACD.Systems.ACDSee.Photo.Studio.Ultimate.2018.v11.1.1272.x64.Incl.Keymaker-CORE.rar
2018-03-10 11:14 - 2018-03-10 11:14 - 000000000 ____D C:\ProgramData\ACD Systems
2018-03-10 11:07 - 2018-03-10 11:07 - 000000000 ____D C:\Program Files (x86)\ACD Systems
2018-03-10 11:03 - 2018-03-10 11:03 - 000000000 ____D C:\ProgramData\Apple
2018-03-10 11:03 - 2018-03-10 11:03 - 000000000 ____D C:\Program Files\Bonjour
2018-03-10 11:03 - 2018-03-10 11:03 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-03-10 10:59 - 2018-03-10 10:59 - 000966928 _____ C:\Users\Peter\Downloads\acdsee.exe
2018-03-10 10:17 - 2018-03-10 10:17 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\WINZIP_W3d70
2018-03-10 09:57 - 2018-03-10 09:57 - 000000000 ____D C:\Users\Peter\Downloads\updates
2018-03-10 09:57 - 2018-03-10 09:57 - 000000000 ____D C:\Users\Peter\Downloads\share

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-04 17:01 - 2017-11-05 09:00 - 000000000 ____D C:\FRST
2018-04-04 12:31 - 2016-11-26 17:20 - 000000000 ____D C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2018-04-04 12:31 - 2016-11-26 17:14 - 000000000 ____D C:\Program Files (x86)\Google
2018-04-04 11:56 - 2018-02-17 20:42 - 000000000 ___RD C:\Users\Peter\Documents\Scanned Documents
2018-04-04 11:56 - 2016-11-26 20:50 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\Mozilla
2018-04-04 11:51 - 2018-02-18 10:51 - 000000000 ____D C:\SCANOVANIE
2018-04-04 07:47 - 2017-12-12 14:33 - 000000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2018-04-04 05:02 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-04 05:02 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-02 22:21 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-02 22:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-02 22:16 - 2017-11-30 12:06 - 000000452 _____ C:\Windows\Tasks\Neptune.job
2018-04-02 22:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-02 16:58 - 2018-02-15 18:34 - 000000000 ____D C:\vlc
2018-04-01 07:56 - 2016-11-27 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-31 11:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-03-31 09:27 - 2017-12-20 09:30 - 000117936 _____ C:\Users\Peter\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-31 09:26 - 2017-12-20 09:27 - 000457624 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-31 08:52 - 2016-11-26 17:14 - 000000000 ____D C:\Users\Peter\AppData\Local\Google
2018-03-30 22:54 - 2018-02-18 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2018-03-30 22:54 - 2017-10-22 13:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-29 18:01 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-29 17:27 - 2018-01-05 14:00 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-03-29 17:03 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-25 20:45 - 2017-03-04 13:21 - 000000096 _____ C:\Users\Peter\Desktop\topovanie.txt
2018-03-25 20:29 - 2018-03-03 09:24 - 000000000 ____D C:\Program Files\CCleaner
2018-03-25 16:57 - 2017-02-24 15:14 - 000000000 ____D C:\Users\Peter\Downloads\Subs
2018-03-23 18:45 - 2017-11-05 09:03 - 002403328 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2018-03-23 18:41 - 2015-03-25 22:30 - 000000000 ____D C:\AdwCleaner
2018-03-18 13:34 - 2017-08-23 16:06 - 000000000 ____D C:\Users\Peter\Downloads\d160
2018-03-18 09:13 - 2016-11-26 17:09 - 000000000 ____D C:\Users\Peter
2018-03-18 09:12 - 2016-11-26 20:31 - 000000000 ____D C:\Users\Peter\AppData\Roaming\GHISLER
2018-03-18 09:11 - 2016-11-27 22:03 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-18 09:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2018-03-16 18:19 - 2016-11-30 18:20 - 000000333 _____ C:\Users\Peter\Desktop\mail.txt
2018-03-16 04:22 - 2017-06-11 03:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-16 04:07 - 2016-11-26 17:30 - 000000000 ____D C:\Windows\system32\MRT
2018-03-16 04:02 - 2017-10-12 03:09 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-16 04:01 - 2016-11-26 17:30 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-13 04:05 - 2016-11-26 20:21 - 000765656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-03-11 11:36 - 2016-11-26 20:51 - 000000000 ____D C:\Users\Peter\AppData\Local\Facebook
2018-03-11 11:23 - 2018-01-15 09:25 - 000000000 ____D C:\Program Files\Total Uninstall 6
2018-03-10 11:13 - 2017-08-23 15:44 - 000000000 ____D C:\Users\Peter\AppData\Local\Downloaded Installations
2018-03-10 10:28 - 2018-03-03 20:09 - 000000000 ____D C:\Users\Peter\AppData\Local\WinZip

==================== Files in the root of some directories =======

2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Peter\AppData\Roaming\MafiaSetup.exe
2016-11-26 17:41 - 2017-02-21 18:38 - 014438400 _____ () C:\Users\Peter\AppData\Roaming\Sandra.mdb
2017-01-14 18:58 - 2017-01-20 17:37 - 000007597 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2017-01-19 17:47 - 2017-01-19 17:47 - 000000424 _____ () C:\Users\Peter\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-29 17:46

==================== End of FRST.txt ============================

PureHate44 · #32 Příspěvek od **PureHate44** » 04 dub 2018 16:05

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Peter (04-04-2018 17:03:35)
Running from C:\Users\Peter\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-26 15:09:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1762337417-2231521048-3039012980-500 - Administrator - Disabled)
Guest (S-1-5-21-1762337417-2231521048-3039012980-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1762337417-2231521048-3039012980-1002 - Limited - Enabled)
Peter (S-1-5-21-1762337417-2231521048-3039012980-1000 - Administrator - Enabled) => C:\Users\Peter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.71.1081 - AB Team, d.o.o.)
bwin Poker (HKLM-x32\...\bwincomPoker) (Version: - bwincom)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CountDown ShutDown PC (HKLM-x32\...\CountDown ShutDown PC_is1) (Version: - Velkej Chytrák)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.0.0.0540 - Disc Soft Ltd)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 7.0 - Poikosoft)
Charles 4.1.3 (HKLM\...\{81045AC5-B1C4-4B5D-8719-9BEB41167F17}) (Version: 4.1.3.5 - XK72 Ltd)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
InstaTrader (HKLM-x32\...\InstaTrader) (Version: 6.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{9085041B-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.8.3 - Steganos Software GmbH)
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s finální databází 178)_is1) (Version: - )
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
SharewareOnSale Notifier (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)
SiSoftware Sandra Lite 2015.SP1a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.32.2015.3 - SiSoftware)
Spotify (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Spotify) (Version: 1.0.66.478.g1296534d - Spotify AB)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Total Commander verze 9.12 (HKLM-x32\...\{B12BC641-C553-4138-A829-31B1A642333B}_is1) (Version: 9.12 - ©Ghisler Software GmbH)
Total Uninstall 6.21.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.21.1 - Gavrila Martau)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.0 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (01/20/2017 4.3.12) (HKLM\...\5704FF66AFA4D394842933DCC54279C2E177D380) (Version: 01/20/2017 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (01/20/2017 4.3.12) (HKLM\...\35C6212A24F5D9B7942ECD18B0255759779999C2) (Version: 01/20/2017 4.3.12 - BigNox Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24119}) (Version: 22.0.12706 - Corel Corporation)
XChat 2 (remove only) (HKLM-x32\...\xchat) (Version: - )
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_SK_is1) (Version: 19.1802.2.51 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll ()
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13BD8189-A171-49FE-9027-8C33F59C029F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {2526F98E-7DEA-4119-8FC1-7E8272BC7DA1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {51866950-7186-4069-BA8F-A63C3279F21D} - System32\Tasks\{E30CA91D-AAF5-480F-A381-9FC5B3911889} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Nox\bin\Nox_unload.exe" -d "C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Nox"
Task: {66BFD9E7-B83C-4976-B2DA-4EBB7321013C} - System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => C:\Users\Peter\Downloads\ChromeSetup(1).exe [2018-04-04] (Google Inc.)
Task: {95DB87D3-3FAD-45B7-B2F3-002C8DE0E96C} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-12-11] (WinZip)
Task: {9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C} - System32\Tasks\Neptune => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe
Task: {AAFE712A-7160-4544-BD91-D76BEEBDDB0A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {DE6BD060-8625-4DF0-9C37-8F2B07C03ACE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {E0F94AAF-0B95-444C-A0BC-54A6A4F0404B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {E182B577-489C-40B4-8627-246BAD945241} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {F5C6E9EE-90CE-48E2-A0DE-099EB67E52CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Neptune.job => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-11-26 17:36 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-01 13:15 - 2017-09-01 13:15 - 000495872 ____N () C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
2018-01-22 11:03 - 2018-01-22 11:03 - 000061920 _____ () C:\Program Files\CCleaner\branding.dll
2018-02-18 12:38 - 2018-03-30 22:48 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-04-01 19:14 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk => C:\Windows\pss\Facebook Gameroom.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Users\Peter\DAEMON Tools Ultra\DTAgent.exe" -autorun
MSCONFIG\startupreg: OKAYFREEDOM Notifier => "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
MSCONFIG\startupreg: OKAYFREEDOM_Agent => "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
MSCONFIG\startupreg: Spotify => "C:\Users\Peter\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{21AF00BC-69E4-46D0-9E2C-7BDCA808AB87}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe
FirewallRules: [{49A999C8-E8ED-493A-8569-474C1C02AA67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5F3E2D9C-ADDF-4688-BA9C-7498CB62CE88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF242538-1915-4CB0-9CCA-0BE42684B226}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C2B13292-FE11-4D92-8BE6-FC58126E6FE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{91562D1F-4BB8-4DE3-9061-83293C19044B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{65A90583-4A75-4A42-B53E-574948CA365F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C9F0D391-BBD5-4832-819B-8FED00D6A67B}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{62EF1DAB-D355-4394-8692-6C9DE01C8F57}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C536916A-B3E5-478E-9A3B-99FBC19BE9BF}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{E99ACC46-EB4B-4690-AF11-A6D761CE11CB}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [UDP Query User{5F003441-B584-43ED-9AC2-F4CFC62463F4}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [{7C805329-BE04-4FE2-ADBA-FE123F381327}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FD895352-A201-4520-99D3-041E934E9621}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{22D57A7F-28F1-433B-B1B8-20C30E90BED8}] => (Block) LPort=445
FirewallRules: [{287B29C8-F3BB-40DB-A7F1-CE083767A946}] => (Block) LPort=445
FirewallRules: [TCP Query User{9E74E1B7-D2A6-485D-939B-C6BDF5A46CAF}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [UDP Query User{8C4309E6-FF2E-47F3-BF23-EB0C4B101B69}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [TCP Query User{A283D731-EAFB-411F-BEFC-AD2A2B510395}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A48889D6-B34D-4693-B1B3-3CCC50F648E5}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [{334F2B70-9981-4709-A053-2CBE9A891BED}] => (Allow) \Nox\bin\Nox.exe
FirewallRules: [{C8EFF610-85D7-48FF-9174-DEF031BEE7EB}] => (Allow) \Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{BFF57A19-B280-410D-B975-C97037BCA189}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B21132F8-8F3E-4BC4-ADEC-9A7249804BA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC3F5B27-B14C-4FF5-8AC0-C7D159430180}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC7FAFBE-7EB6-4B94-8D7B-3BFB5255A88E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F6E760AF-CE67-405E-BBC9-46110337E7D1}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{50855B08-1183-4AED-951E-018DD6B1D6F1}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8B9BB92-C8D0-4DED-81B5-7C3ADA1DDE27}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E6E9127-557D-4739-B1DC-FE44AC816735}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5C42852C-D506-4AD0-B1AE-42F3DD1E6C9B}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DB88DE23-4E74-4DD7-A823-3D35DDF6F429}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\xchat\xchat.exe] => Enabled:XChat IRC Client

==================== Restore Points =========================

01-04-2018 19:14:08 Restore Point Created by FRST
01-04-2018 19:23:10 Odinštalované pomocou Total Uninstall "Google Update Helper"
01-04-2018 19:24:10 Removed Google Update Helper
03-04-2018 10:50:58 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2018 07:46:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OkayFreedomClient.exe, verzia: 1.8.3.12287, časová značka: 0x5a6f2bfb
Názov chybového modulu: OkayFreedomClient.exe, verzia: 1.8.3.12287, časová značka: 0x5a6f2bfb
Kód výnimky: 0xc0000417
Odstup chyby: 0x003239dd
Identifikácia chybného procesu: 0x9bc
Čas spustenia chybnej aplikácie: 0x01d3cabf8425d55b
Cesta chybnej aplikácie: C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
Cesta chybného modulu: C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
Identifikácia hlásenia: 96f5af0b-37cb-11e8-9dcc-001e8c60ef64

Error: (04/04/2018 04:51:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x11b8
Čas spustenia chybnej aplikácie: 0x01d3cbbfdebd0b3b
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 1d56050a-37b3-11e8-9dcc-001e8c60ef64

Error: (04/04/2018 04:51:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x14e8
Čas spustenia chybnej aplikácie: 0x01d3cbbfdec91958
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 1d55b6e9-37b3-11e8-9dcc-001e8c60ef64

Error: (04/03/2018 10:46:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x1788
Čas spustenia chybnej aplikácie: 0x01d3cb283e91d23b
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 7d172164-371b-11e8-9dcc-001e8c60ef64

Error: (04/03/2018 10:46:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x12cc
Čas spustenia chybnej aplikácie: 0x01d3cb283b094752
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 7d16fa54-371b-11e8-9dcc-001e8c60ef64

Error: (04/02/2018 10:21:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/02/2018 10:21:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/02/2018 05:20:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

System errors:
=============
Error: (04/04/2018 08:48:55 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (04/04/2018 08:48:52 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (04/02/2018 11:05:24 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (04/02/2018 10:18:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (04/02/2018 10:18:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (120000 ms).

Error: (04/02/2018 03:32:05 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (04/02/2018 11:25:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (04/02/2018 11:25:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (120000 ms).

Windows Defender:
===================================
Date: 2018-03-29 17:53:58.309
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{126F799B-869C-440B-9062-942759E2D4AA}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

CodeIntegrity:
===================================

Date: 2017-06-02 05:57:47.906
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-06-02 05:57:47.906
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-06-02 05:57:47.906
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-27 14:23:26.429
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-27 14:23:26.427
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-27 14:23:26.415
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-20 08:33:09.048
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-20 08:33:09.031
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 4095.12 MB
Available physical RAM: 1829.21 MB
Total Virtual: 8188.4 MB
Available Virtual: 3854.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.31 GB) (Free:36.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 08CB08CB)
Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

PureHate44 · #33 Příspěvek od **PureHate44** » 04 dub 2018 16:38

Akurát sa mi podarilo naištalovať portable verziu google chrome
ale tvári sa takto:

Obrázek

#34 Příspěvek od **Conder** » 06 dub 2018 22:28

Problemy s Chrome stale pretrvavaju? Ostatne programy a prehliadace (Firefox) funguju?

Ak Chrome stale nejde, postupuj takto.

V ovladacom paneli -> odinstalovat program skontroluj, ci sa tam nenachadza Chrome, pripadne iny suvisiaci program od Google; ak ano, odinstaluj ich.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [SharewareOnSale Notifier] => \SharewareOnSale Notifier\SharewareOnSale Notifier.exe
Task: {66BFD9E7-B83C-4976-B2DA-4EBB7321013C} - System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => C:\Users\Peter\Downloads\ChromeSetup(1).exe [2018-04-04] (Google Inc.)
Task: {9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C} - System32\Tasks\Neptune => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe
Task: C:\Windows\Tasks\Neptune.job => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe

C:\Program Files\Google
C:\Program Files (x86)\Google
C:\Users\Peter\AppData\Local\Google

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Po restartovani precisti PC cez CCleaner, vratane registrov.

Vyskusaj nainstalovat Chrome z tohoto odkazu: https://www.google.com/intl/en/chrome/b ... andalone=1

PureHate44 · #35 Příspěvek od **PureHate44** » 07 dub 2018 08:42

Tento krát pre zmenu my tam naskočilo pri inštalícií G.Ch. toto:

Obrázek

Ukazolo sa to bna 3 sekundy a potom zmizlo.. Samozrejme ani inštalačku nespusti...
Mozila, ide bez problémov

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Peter (07-04-2018 09:29:24) Run:6
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [SharewareOnSale Notifier] => \SharewareOnSale Notifier\SharewareOnSale Notifier.exe
Task: {66BFD9E7-B83C-4976-B2DA-4EBB7321013C} - System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => C:\Users\Peter\Downloads\ChromeSetup(1).exe [2018-04-04] (Google Inc.)
Task: {9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C} - System32\Tasks\Neptune => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe
Task: C:\Windows\Tasks\Neptune.job => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe

C:\Program Files\Google
C:\Program Files (x86)\Google
C:\Users\Peter\AppData\Local\Google

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SharewareOnSale Notifier" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66BFD9E7-B83C-4976-B2DA-4EBB7321013C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66BFD9E7-B83C-4976-B2DA-4EBB7321013C}" => removed successfully
C:\Windows\System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C}" => removed successfully
C:\Windows\System32\Tasks\Neptune => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Neptune" => removed successfully
C:\Windows\Tasks\Neptune.job => moved successfully
"C:\Program Files\Google" => not found
C:\Program Files (x86)\Google => moved successfully
C:\Users\Peter\AppData\Local\Google => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9453960 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 21700252 B
Edge => 0 B
Chrome => 0 B
Firefox => 381025155 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1584 B
Peter => 158260757 B

RecycleBin => 420544421 B
EmptyTemp: => 953.1 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 09:30:14 ====

#36 Příspěvek od **Conder** » 07 dub 2018 15:30

Tie aktualizacie cez Windows Update si uz nainstaloval?

Skus tam spustit este tento fixlist:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

C:\Program Files\Google
C:\Program Files (x86)\Google
C:\Users\Peter\AppData\Local\Google
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Google
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Google
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google

Hosts:
EmptyTemp:
End

PureHate44 · #37 Příspěvek od **PureHate44** » 08 dub 2018 13:48

Systém je zaktualizovaný, fixlist nepomohol.
Riešenie skúsim nájsť niekde inde

Inak PC už je čistý ?

#38 Příspěvek od **Conder** » 08 dub 2018 14:09

Vyzera to ciste, kazdopadne odporuucil by som urobit preistotu este uplny sken v MBAM.

Urob v MBAM uplny sken

Stiahni a nainstaluj Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
Ignoruj skusobnu trial verziu
Otvor MBAM a vlavo klikni na "Skenovat"
Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
Klikni na Skenovat teraz a pockaj na dokoncenie
Po dokonceni klikni na Exportovat zhrnutie -> Textovy subor, zadaj nejaky nazov suboru a uloz na plochu
Obsah tohto suboru sem skopiruj
Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868

PureHate44 · #39 Příspěvek od **PureHate44** » 09 dub 2018 02:44

Zaujímavé... NEchal som označiť aj rootkity a v logu sú zakazané.
Zatiaľ som nič nemazal

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 09.04.18
Čas skenovania: 2:58
Súbor denníka: 0c806426-3b91-11e8-aab5-001e8c60ef64.json
Správca: Áno

-Údaje o softvéri-
Verzia: 3.4.5.2467
Verzia súčastí: 1.0.342
Aktualizovať verziu balíka: 1.0.4662
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: System

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Plánovač
Výsledok: Dokončené
Preskenované objekty: 235340
Zistené hrozby: 32
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 6 min, 11 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 3
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall, Bez zásahu používateľa, [4602], [396335],1.0.4662

Súbor: 29
PUP.Optional.DLLSuite, C:\PROGRAM FILES (X86)\DLL SUITE\DLLSUITE.INI, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71u.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcr71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dgl.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dum.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLibJava.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmhgfs.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vsocklib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71u.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\msvcr71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dgl.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dum.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLibJava.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmhgfs.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vsocklib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall\InnoCallback.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42751,7110374074.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42788,5345377083.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42789,5794298264.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42993,3638671296.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
Generic.Malware/Suspicious, C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP, Bez zásahu používateľa, [0], [392686],1.0.4662
HackTool.HotKeysHook, C:\USERS\PETER\DESKTOP\MAFIA.EXE, Bez zásahu používateľa, [14344], [279589],1.0.4662
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.6\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8210], [393793],1.0.4662
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8210], [393793],1.0.4662
Adware.LoadMoney, C:\USERS\PETER\DOWNLOADS\DELPHI_ALL_KEYGEN_2010_-_2017_1_A1C-412___.EXE, Bez zásahu používateľa, [391], [505238],1.0.4662

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

(end)

#40 Příspěvek od **Conder** » 09 dub 2018 13:47

Toto je log iba z rychleho Threat Scan ("Vyhľadávanie hrozieb"), urobil si uplny sken tak ako som pisal?

Program DLL Suite neodporucam velmi pouzivat.

PureHate44 · #41 Příspěvek od **PureHate44** » 15 dub 2018 17:57

Teraz by to už malo byť správne

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 14.04.18
Čas skenovania: 13:12
Súbor denníka: c8af7d66-3fd4-11e8-a8da-001e8c60ef64.json
Správca: Áno

-Údaje o softvéri-
Verzia: 3.4.5.2467
Verzia súčastí: 1.0.342
Aktualizovať verziu balíka: 1.0.4732
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: Peter-PC\Peter

-Zhrnutie skenovania-
Typ skenovania: Vlastné skenovanie
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 478459
Zistené hrozby: 142
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 27 h, 14 min, 45 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Povolené
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 7
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\PROGRAM FILES (X86)\DLL SUITE, Bez zásahu používateľa, [4616], [396335],1.0.4732

Súbor: 135
Adware.Elex, C:\ADWCLEANER\QUARANTINE\FILES\KAWSSFOICVICSZWUVBLWIYBVSUPVPTIG\WINSAP_UPDATE\UVCSETUP.MSI, Bez zásahu používateľa, [685], [435872],1.0.4732
Adware.Elex, C:\ADWCLEANER\QUARANTINE\FILES\KAWSSFOICVICSZWUVBLWIYBVSUPVPTIG\WINSAP_UPDATE\REGKEY.EXE, Bez zásahu používateľa, [685], [404063],1.0.4732
FraudTool.YAC, C:\ADWCLEANER\QUARANTINE\FILES\ORRCNFEQBBSWHWPDAFXSSWHQSMSKLZUC.BACK, Bez zásahu používateľa, [324], [299006],1.0.4732
FraudTool.YAC, C:\ADWCLEANER\QUARANTINE\FILES\VMZBOODNRWZGGUOKYFALGFMKDMFOXRGP.BACK, Bez zásahu používateľa, [324], [299006],1.0.4732
HackTool.HotKeyHook, C:\ADWCLEANER\QUARANTINE\FILES\XSQQXKNSLNRGOFXCRRANVAICKTEUPVBB.BACK, Bez zásahu používateľa, [10624], [34706],1.0.4732
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.6\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8236], [393793],1.0.4732
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8236], [393793],1.0.4732
PUP.Optional.DLLSuite, C:\PROGRAM FILES (X86)\DLL SUITE\DLLSUITE.INI, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\FXSEXT32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjetoledb40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mswstr10.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\regedit.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\audiodev.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\compobj.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\crtdll.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ctl3d32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3d8.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dim.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dim700.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dramp.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dxof.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmband.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmcompos.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmime.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmscript.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmstyle.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dplaysvr.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dplayx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dpmodemx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dpwsockx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\explorer.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\expsrv.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\FXSXP32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\hh.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\iccvid.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\instnm.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\iprop.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir32_32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir41_qc.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir41_qcx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir50_32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir50_qc.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir50_qcx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc40u.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71u.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mscpx32r.dLL, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mscpxl32.dLL, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msexch40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msexcl40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjet40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjint40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjter40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjtes40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msltus40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msorc32r.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msorcl32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mspbde40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msrd2x40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msrd3x40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msrepl40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mstext40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvbvm60.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcr71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcrt20.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcrt40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mswdat10.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msxbde40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mtxlegih.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ntkrnlpa.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odbcji32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odbcjt32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\oddbse32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odexl32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odfox32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odpdx32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odtext32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ole2.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ole2disp.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ole2nls.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olecli32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olepro32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olesvr32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olethk32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\perfhost.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\setup16.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\setupSNK.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\sqlunirl.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\sqlwid.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\sqlwoa.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\storage.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\typelib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\user.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vbajet32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vdmdbg.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vfpodbc.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dgl.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dum.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLibJava.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmhgfs.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vsocklib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\wow32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71u.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\msvcr71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dgl.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dum.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLibJava.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmhgfs.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vsocklib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall\InnoCallback.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42751,7110374074.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42788,5345377083.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42789,5794298264.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42993,3638671296.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
Generic.Malware/Suspicious, C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP, Bez zásahu používateľa, [0], [392686],1.0.4732
Generic.Malware/Suspicious, C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE, Bez zásahu používateľa, [0], [392686],1.0.4732
HackTool.HotKeysHook, C:\USERS\PETER\DESKTOP\MAFIA.EXE, Bez zásahu používateľa, [14394], [279589],1.0.4732
HackTool.FilePatch, C:\USERS\PETER\DOWNLOADS\DTU5540\DAEMON TOOLS ULTRA 5.0.0.540\PATCH\DAEMON.TOOLS.ULTRA.V.5.0.0.0540.X32-PATCH.EXE, Bez zásahu používateľa, [8152], [281135],1.0.4732
HackTool.FilePatch, C:\USERS\PETER\DOWNLOADS\DTU5540\DAEMON TOOLS ULTRA 5.0.0.540\PATCH\DAEMON.TOOLS.ULTRA.V.5.0.0.0540.X64-PATCH.EXE, Bez zásahu používateľa, [8152], [281135],1.0.4732
HackTool.FilePatch, C:\USERS\PETER\DOWNLOADS\DTU5540\DAEMON TOOLS ULTRA 5.0.0.540\PATCH.RAR, Bez zásahu používateľa, [8152], [281135],1.0.4732
Generic.Malware/Suspicious, C:\USERS\PETER\DOWNLOADS\CC6466\CC6466\KEYMAKER_CORE.RAR, Bez zásahu používateľa, [0], [392686],1.0.4732
PUP.Optional.AdvancedSystemCare, C:\USERS\PETER\DOWNLOADS\PROGRAMS\ADVANCED-SYSTEMCARE-SETUP.EXE, Bez zásahu používateľa, [4592], [396386],1.0.4732
Adware.LoadMoney, C:\USERS\PETER\DOWNLOADS\DELPHI_ALL_KEYGEN_2010_-_2017_1_A1C-412___.EXE, Bez zásahu používateľa, [396], [505238],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE, Bez zásahu používateľa, [685], [424002],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI, Bez zásahu používateľa, [685], [435872],1.0.4732
FraudTool.YAC, C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS, Bez zásahu používateľa, [324], [299006],1.0.4732
PUP.Optional.AdvancedSystemCare, C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE, Bez zásahu používateľa, [4592], [396386],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\TEMP\NSI5E1D.TMP\REGKEY.EXE, Bez zásahu používateľa, [685], [404063],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\TEMP\NSI5E1D.TMP\YACQQ.EXE, Bez zásahu používateľa, [685], [345563],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\TEMP\NSI5E1D.TMP\UPDATE.DLL-201611221827.DLL.EXE, Bez zásahu používateľa, [685], [404063],1.0.4732
RiskWare.BitCoinMiner, C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE, Bez zásahu používateľa, [914], [354560],1.0.4732

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

(end)

#42 Příspěvek od **Conder** » 17 dub 2018 15:58

Odporcam odinstalovat DLL Suite. Takisto odporucam nepouzivat ziadne IObit programy, su to smejdy, ktore mozu poskodit system. Odporucam premazat zlozku so stiahnutymi subormi (C:\Users\Peter\Desktop\Downloads), hlavne tie cracky, ktore mozu mat v sebe aj nejakeho smejda.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP
VirusTotal: C:\USERS\PETER\DESKTOP\MAFIA.EXE
VirusTotal: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
VirusTotal: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
File: C:\USERS\PETER\DESKTOP\MAFIA.EXE
File: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
File: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE

C:\ADWCLEANER\QUARANTINE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE
C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE
C:\WINDOWS.OLD\WINDOWS\TEMP
C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

PureHate44 · #43 Příspěvek od **PureHate44** » 21 dub 2018 12:31

Fix result of Farbar Recovery Scan Tool (x64) Version: 19.04.2018
Ran by Peter (21-04-2018 13:03:06) Run:8
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP
VirusTotal: C:\USERS\PETER\DESKTOP\MAFIA.EXE
VirusTotal: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
VirusTotal: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
File: C:\USERS\PETER\DESKTOP\MAFIA.EXE
File: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
File: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE

C:\ADWCLEANER\QUARANTINE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE
C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE
C:\WINDOWS.OLD\WINDOWS\TEMP
C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP => (3) Error
VirusTotal: C:\USERS\PETER\DESKTOP\MAFIA.EXE => https://www.virustotal.com/file/40fbcc4 ... 424111142/
VirusTotal: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS => https://www.virustotal.com/file/6597d49 ... 522908890/
VirusTotal: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE => https://www.virustotal.com/file/ba5ad1f ... 506534131/

========================= File: C:\USERS\PETER\DESKTOP\MAFIA.EXE ========================

C:\USERS\PETER\DESKTOP\MAFIA.EXE
File not signed
MD5: E730D53C1BD3E7ACCDCC1B61A09E6910
Creation and modification date: 2016-12-25 18:12 - 2003-06-24 13:29
Size: 000428417
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

========================= File: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS ========================

C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
File is digitally signed
MD5: 9FB02FBA90F6AF59537A30C3DB9777C8
Creation and modification date: 2016-11-22 20:34 - 2016-05-19 08:42
Size: 000052392
Attributes: ----A
Company Name: Elex do Brasil Participações Ltda
Internal Name: iSafeNetFilter.sys
Original Name: iSafeNetFilter.sys
Product: YAC Security Protection
Description: iSafeNetFilter SDK WFP Driver (WPP)
File Version: 1.4.6.1 built by: WinDDK
Product Version: 1.4.6.1
Copyright: Copyright (c) 2011-2013 Elex do Brasil Participações Ltda
VirusTotal: 0

====== End of File: ======

========================= File: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE ========================

C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
File not signed
MD5: 95C63E6F6B4AD5D13BF44C3D4B0C35F0
Creation and modification date: 2016-11-18 21:41 - 2016-11-18 21:41
Size: 000073216
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

C:\ADWCLEANER\QUARANTINE => moved successfully
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE => moved successfully
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE => moved successfully
C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI => moved successfully
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS => moved successfully
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE => moved successfully
C:\WINDOWS.OLD\WINDOWS\TEMP => moved successfully
C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5464689 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7894042 B
Edge => 0 B
Chrome => 0 B
Firefox => 385667028 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 1312 B
Peter => 281430793 B

RecycleBin => 256811666 B
EmptyTemp: => 901.9 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 13:05:19 ====

#44 Příspěvek od **Conder** » 21 dub 2018 13:07

OK, poprosim este raz nove logy z FRST. Chrome stale nejde?

PureHate44 · #45 Příspěvek od **PureHate44** » 28 dub 2018 20:00

Chrome zatiaľ nejde

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2018
Ran by Peter (administrator) on PETER-PC (28-04-2018 20:57:30)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Spotify Ltd) C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\Program Files (x86)\Total Commander\TOTALCMD64.EXE
(XChat-SE) C:\Users\Peter\Downloads\IRC\xchat.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-12-11] (WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [123848 2017-12-11] (WinZip Computing, S.L.)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4201464 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Spotify Web Helper] => C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-12-02] (Spotify Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6267384 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [uTorrent] => C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2151864 2018-02-21] (BitTorrent Inc.)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2003688 2018-02-20] (TomTom)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2018-03-16] (TomTom)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{198A64C8-8290-44FF-AFFC-CC0451C43693}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: o6yasy6y.default-1506712320144
FF ProfilePath: C:\Users\Peter\AppData\Roaming\TomTom\HOME\Profiles\iif5lsue.default [2018-04-14]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2018-04-14] [Legacy] [not signed]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144 [2018-04-28]
FF Extension: (Adblock Plus) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-04-22]
FF Extension: (OkayFreedom) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522416 2018-04-06] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-11-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
S3 Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [4854464 2016-12-12] (Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [358408 2018-01-29] (Steganos Software GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [73200 2015-03-17] (SiSoftware) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [70384 2017-03-27] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-12-03] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-22] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-22] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2017-01-25] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2017-01-25] (Disc Soft Ltd)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-08-08] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-26] (REALiX(tm))
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-04-23] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2016-11-26] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-11-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-12-14] (Samsung Electronics Co., Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [131856 2017-10-05] (BigNox Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [144656 2017-10-05] (BigNox Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2017-06-10] (MBB)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-10-05] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-28 17:14 - 2018-04-28 17:24 - 965693119 _____ C:\Users\Peter\Downloads\Lucifer.S03E15.720p.HDTV.x264-KILLERS.mkv
2018-04-28 17:13 - 2018-04-28 17:23 - 933517040 _____ C:\Users\Peter\Downloads\Lucifer.S03E14.720p.HDTV.x264-BATV.mkv
2018-04-22 20:41 - 2018-04-22 20:41 - 000006244 _____ C:\Windows\SysWOW64\MSO1051.acl
2018-04-21 19:31 - 2018-04-21 19:31 - 002071992 _____ C:\Users\Peter\Downloads\Malwarebytes.AntiExploit.Premium.1.12.1.68.rar
2018-04-21 15:53 - 2018-04-21 15:54 - 001129816 _____ (Google Inc.) C:\Users\Peter\Downloads\ChromeSetup.exe
2018-04-21 14:01 - 2018-04-21 14:02 - 089811021 _____ C:\Users\Peter\Downloads\Reborn - Patriot (2017) - 320kbps.7z
2018-04-21 13:58 - 2018-04-21 14:02 - 364027575 _____ C:\Users\Peter\Downloads\JANDA DALIBOR - Velky flam-Zlate album (CZ 2CD 2018)[MP3.CBR.320].rar
2018-04-21 13:51 - 2018-04-21 13:53 - 155904449 _____ C:\Users\Peter\Downloads\BFMV-Venom.rar
2018-04-21 12:24 - 2018-04-21 12:35 - 212245569 _____ C:\Users\Peter\Downloads\Moshpit - An Eternal Torch Can Light A Million (2017).7z
2018-04-15 15:21 - 2018-03-06 17:55 - 000000000 ____D C:\Users\Peter\Downloads\mma250
2018-04-15 15:17 - 2018-04-15 15:19 - 069520126 _____ C:\Users\Peter\Downloads\mma250.rar
2018-04-14 12:54 - 2018-04-14 12:54 - 000000000 ____D C:\Users\Peter\AppData\Roaming\TomTom
2018-04-14 12:53 - 2018-04-14 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2018-04-14 12:52 - 2018-04-14 12:53 - 000000000 ____D C:\Program Files (x86)\TomTom HOME 2
2018-04-14 12:48 - 2018-04-15 12:21 - 000000000 ____D C:\Users\Peter\AppData\Local\TomTom
2018-04-14 12:48 - 2018-04-14 12:48 - 000000851 _____ C:\Users\Peter\Desktop\TomTom MyDrive Connect.lnk
2018-04-14 12:48 - 2018-04-14 12:48 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TomTom
2018-04-14 12:48 - 2018-04-14 12:48 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect
2018-04-14 12:31 - 2018-04-14 12:31 - 000000000 ____D C:\Windows\Mozilla
2018-04-14 12:25 - 2018-04-14 12:26 - 029424528 _____ C:\Users\Peter\Downloads\TomTomHOME2winlatest.exe
2018-04-14 12:19 - 2018-04-14 12:19 - 000000000 ____D C:\Users\Peter\AppData\Local\cache
2018-04-14 12:16 - 2018-04-14 12:16 - 068659424 _____ (TomTom International B.V.) C:\Users\Peter\Downloads\InstallTomTomMyDriveConnect.exe
2018-04-13 18:26 - 2018-03-31 04:09 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-04-13 18:26 - 2018-03-31 04:09 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-04-13 18:26 - 2018-03-31 04:09 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-04-13 18:26 - 2018-03-31 04:09 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-04-13 18:26 - 2018-03-31 04:09 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-04-13 18:26 - 2018-03-31 03:45 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-04-13 18:26 - 2018-03-31 03:39 - 004046528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-04-13 18:26 - 2018-03-31 03:39 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-04-13 18:26 - 2018-03-31 03:38 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-04-13 18:26 - 2018-03-31 03:12 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-04-13 18:26 - 2018-03-31 03:06 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-04-13 18:26 - 2018-03-31 03:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-04-13 18:26 - 2018-03-31 03:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-04-13 18:26 - 2018-03-31 03:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-04-13 18:26 - 2018-03-31 03:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-04-13 18:26 - 2018-03-31 02:59 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-04-13 18:26 - 2018-03-31 02:58 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-04-13 18:26 - 2018-03-31 02:58 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-04-13 18:26 - 2018-03-31 02:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-04-13 18:26 - 2018-03-31 02:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-04-13 18:26 - 2018-03-31 02:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-04-13 18:26 - 2018-03-28 09:30 - 003225600 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-04-13 18:26 - 2018-03-23 20:50 - 000396952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-04-13 18:26 - 2018-03-23 19:59 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-04-13 18:26 - 2018-03-23 01:00 - 025742336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-04-13 18:26 - 2018-03-22 23:32 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-04-13 18:26 - 2018-03-22 23:32 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-04-13 18:26 - 2018-03-22 23:26 - 020287488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-04-13 18:26 - 2018-03-22 23:19 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-04-13 18:26 - 2018-03-22 23:18 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-04-13 18:26 - 2018-03-22 23:17 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-04-13 18:26 - 2018-03-22 23:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-04-13 18:26 - 2018-03-22 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-04-13 18:26 - 2018-03-22 23:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-04-13 18:26 - 2018-03-22 23:15 - 005780480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-04-13 18:26 - 2018-03-22 23:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-04-13 18:26 - 2018-03-22 23:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-04-13 18:26 - 2018-03-22 23:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-04-13 18:26 - 2018-03-22 23:06 - 000794112 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-04-13 18:26 - 2018-03-22 23:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-04-13 18:26 - 2018-03-22 23:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-04-13 18:26 - 2018-03-22 23:05 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-04-13 18:26 - 2018-03-22 23:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-04-13 18:26 - 2018-03-22 22:58 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-04-13 18:26 - 2018-03-22 22:55 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-04-13 18:26 - 2018-03-22 22:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-04-13 18:26 - 2018-03-22 22:52 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-04-13 18:26 - 2018-03-22 22:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-04-13 18:26 - 2018-03-22 22:51 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-04-13 18:26 - 2018-03-22 22:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-04-13 18:26 - 2018-03-22 22:49 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-04-13 18:26 - 2018-03-22 22:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-04-13 18:26 - 2018-03-22 22:48 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-04-13 18:26 - 2018-03-22 22:48 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-04-13 18:26 - 2018-03-22 22:45 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-04-13 18:26 - 2018-03-22 22:45 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-04-13 18:26 - 2018-03-22 22:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-04-13 18:26 - 2018-03-22 22:44 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-04-13 18:26 - 2018-03-22 22:43 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-04-13 18:26 - 2018-03-22 22:42 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-04-13 18:26 - 2018-03-22 22:42 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-04-13 18:26 - 2018-03-22 22:42 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-04-13 18:26 - 2018-03-22 22:41 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-04-13 18:26 - 2018-03-22 22:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-04-13 18:26 - 2018-03-22 22:33 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-04-13 18:26 - 2018-03-22 22:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-04-13 18:26 - 2018-03-22 22:29 - 015282688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-04-13 18:26 - 2018-03-22 22:29 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-04-13 18:26 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-04-13 18:26 - 2018-03-22 22:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-13 18:26 - 2018-03-22 22:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-04-13 18:26 - 2018-03-22 22:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-04-13 18:26 - 2018-03-22 22:27 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-04-13 18:26 - 2018-03-22 22:27 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-04-13 18:26 - 2018-03-22 22:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-04-13 18:26 - 2018-03-22 22:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-04-13 18:26 - 2018-03-22 22:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-04-13 18:26 - 2018-03-22 22:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-04-13 18:26 - 2018-03-22 22:21 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-04-13 18:26 - 2018-03-22 22:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-04-13 18:26 - 2018-03-22 22:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-04-13 18:26 - 2018-03-22 22:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-04-13 18:26 - 2018-03-22 22:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-04-13 18:26 - 2018-03-22 22:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-04-13 18:26 - 2018-03-22 22:14 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-04-13 18:26 - 2018-03-22 22:04 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-04-13 18:26 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-04-13 18:26 - 2018-03-22 21:53 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-04-13 18:26 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-04-13 18:26 - 2018-03-22 21:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-04-13 18:26 - 2018-03-10 19:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-04-13 18:26 - 2018-03-09 20:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-04-13 18:26 - 2018-03-09 20:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-04-13 18:26 - 2018-03-09 20:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-04-13 18:26 - 2018-03-09 20:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-04-13 18:26 - 2018-03-09 20:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-04-13 18:26 - 2018-03-09 20:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-04-13 18:26 - 2018-03-09 20:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-04-13 18:26 - 2018-03-09 20:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-04-13 18:26 - 2018-03-06 20:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-04-13 18:26 - 2018-03-06 20:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-04-13 18:26 - 2018-03-06 20:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-04-13 18:26 - 2018-03-06 20:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-04-13 18:26 - 2018-03-06 20:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-04-13 18:26 - 2018-03-06 20:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-04-13 18:26 - 2018-02-22 05:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-04-13 18:26 - 2018-02-22 05:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-04-13 18:26 - 2018-02-10 20:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-04-13 18:26 - 2018-02-10 20:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-04-13 18:26 - 2018-02-10 20:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-04-13 18:26 - 2018-02-10 20:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-04-13 18:26 - 2018-02-10 20:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-04-13 18:26 - 2018-02-10 20:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-04-13 18:26 - 2018-02-10 20:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-04-13 18:26 - 2018-02-10 19:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-04-13 18:26 - 2018-02-10 19:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-04-13 18:26 - 2018-02-10 19:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-04-13 18:26 - 2018-02-10 19:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-04-13 18:26 - 2018-02-10 19:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-04-13 18:26 - 2018-02-10 19:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-04-13 18:26 - 2018-02-10 19:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-04-13 18:26 - 2018-02-10 19:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-04-13 18:26 - 2018-02-02 20:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-04-13 18:26 - 2018-02-02 20:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-04-13 18:26 - 2018-02-02 20:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-04-13 18:26 - 2018-02-02 20:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-04-13 18:26 - 2018-02-02 20:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-04-13 18:26 - 2018-02-02 20:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-04-13 18:26 - 2018-02-02 20:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-04-13 18:26 - 2018-02-02 20:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-04-13 18:26 - 2018-02-02 20:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-04-13 18:26 - 2018-02-02 20:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-04-13 18:26 - 2018-02-02 19:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-04-13 18:26 - 2018-02-02 19:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-04-13 18:26 - 2018-01-25 16:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000019800 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000066392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000019800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000016216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-04-13 18:26 - 2018-01-12 18:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-04-13 18:26 - 2018-01-12 18:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:06 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-04-13 18:25 - 2018-03-31 03:06 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-04-13 18:25 - 2018-03-31 02:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-04-13 18:25 - 2018-03-31 02:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-04-13 18:25 - 2018-03-31 02:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-04-13 18:25 - 2018-03-31 02:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-04-13 18:25 - 2018-03-09 20:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-04-13 18:25 - 2018-03-09 20:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-04-13 18:25 - 2018-03-09 20:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-04-13 18:25 - 2018-03-09 19:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-04-13 18:25 - 2018-01-15 21:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-04-13 18:25 - 2018-01-15 21:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-04-13 18:18 - 2018-04-13 18:18 - 000023407 _____ C:\malwarebytes.txt
2018-04-13 03:01 - 2018-03-14 19:14 - 000135360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-13 03:01 - 2018-03-14 19:09 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-13 03:01 - 2018-03-14 15:05 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-09 03:43 - 2018-04-09 03:43 - 000006233 _____ C:\Users\Peter\Desktop\malware.txt
2018-04-08 18:36 - 2018-04-23 03:49 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-04-08 18:36 - 2018-04-08 18:36 - 000001867 _____ C:\Users\Peter\Desktop\Malwarebytes.lnk
2018-04-08 18:36 - 2018-04-08 18:36 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-08 18:36 - 2018-04-08 18:36 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2018-04-08 18:36 - 2018-03-19 12:57 - 000076192 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-04-08 18:35 - 2018-04-08 18:35 - 072584760 _____ (Malwarebytes ) C:\Users\Peter\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4646.exe
2018-04-08 14:46 - 2018-04-28 20:56 - 000000000 ____D C:\Program Files (x86)\Google
2018-04-08 14:46 - 2018-04-08 14:46 - 000000000 ____D C:\Users\Peter\AppData\Local\Google
2018-04-08 13:33 - 2018-04-08 13:33 - 001207800 _____ (Adobe Systems Incorporated) C:\Users\Peter\Downloads\readerdc_sk_xa_crd_install.exe
2018-04-08 13:30 - 2018-04-08 13:30 - 000423254 _____ C:\Users\Peter\Downloads\12-010 Ziadost o prihlasenie do evidencie.pdf
2018-04-07 09:29 - 2018-04-07 09:29 - 000000000 ____D C:\Program Files\trend micro
2018-04-04 17:44 - 2018-04-04 17:44 - 001637808 _____ (PortableApps.com) C:\Users\Peter\Downloads\GoogleChromePortable_65.0.3325.181_online.paf(1).exe
2018-04-04 12:21 - 2018-04-04 12:21 - 000000162 ____H C:\Users\Peter\Downloads\~$votopis-Peter-Preták.odt
2018-04-04 12:21 - 2018-04-04 12:21 - 000000000 ____D C:\Users\Peter\Downloads\FontCache
2018-04-02 10:47 - 2018-04-02 10:47 - 000004622 _____ C:\Users\Peter\Downloads\purehate.m3u
2018-04-01 20:26 - 2018-04-01 20:26 - 000000000 ____D C:\Windows\SysWOW64\FontCache
2018-04-01 20:24 - 2018-04-01 20:24 - 000353997 _____ C:\Users\Peter\Downloads\HomeTicket.pdf
2018-03-31 09:21 - 2018-04-04 17:53 - 000002615 _____ C:\Users\Peter\Desktop\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000002812 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000000000 ____D C:\Users\Peter\AppData\Roaming\uTorrent
2018-03-31 08:50 - 2018-04-04 17:45 - 000000000 ____D C:\Users\Peter\Downloads\GoogleChromePortable
2018-03-30 22:33 - 2018-03-30 22:34 - 001637808 _____ (PortableApps.com) C:\Users\Peter\Downloads\GoogleChromePortable_65.0.3325.181_online.paf.exe
2018-03-30 17:36 - 2018-02-18 23:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-30 12:55 - 2018-03-30 12:55 - 001140252 _____ C:\Users\Peter\Downloads\netflix.rar
2018-03-30 12:53 - 2018-03-30 12:53 - 001905624 _____ C:\Users\Peter\Downloads\delphi_all_keygen_2010_-_2017_1_a1c-412___.exe
2018-03-30 11:50 - 2018-04-22 20:41 - 000000000 ____D C:\officeclient.microsoft.com
2018-03-30 11:38 - 2018-03-30 11:38 - 002989616 _____ (PortableApps.com) C:\Users\Peter\Downloads\uTorrentPortable_3.5.3.44358_online.paf.exe
2018-03-30 11:10 - 2018-03-30 11:10 - 000000000 ____D C:\Users\Peter\Downloads\cc6466
2018-03-30 11:04 - 2018-03-30 11:09 - 038110382 _____ C:\Users\Peter\Downloads\cc6466.rar
2018-03-30 09:25 - 2018-03-30 09:27 - 167593813 _____ C:\Users\Peter\Downloads\F-B-CoV-Wsf(320).rar
2018-03-29 17:52 - 2018-03-29 17:52 - 000076623 _____ C:\Users\Peter\Desktop\sfcdetails.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-28 20:58 - 2018-03-17 09:31 - 000011277 _____ C:\Users\Peter\Desktop\FRST.txt
2018-04-28 20:57 - 2018-03-23 18:45 - 000000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2018-04-28 20:57 - 2017-11-05 09:03 - 002405888 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2018-04-28 20:57 - 2017-11-05 09:00 - 000000000 ____D C:\FRST
2018-04-28 20:40 - 2016-11-27 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-28 18:56 - 2018-02-15 18:34 - 000000000 ____D C:\vlc
2018-04-28 17:25 - 2017-02-24 15:14 - 000000000 ____D C:\Users\Peter\Downloads\Subs
2018-04-28 14:23 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-28 14:23 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-28 11:11 - 2017-12-12 14:33 - 000000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2018-04-23 05:02 - 2016-11-26 20:50 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\Mozilla
2018-04-23 03:48 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-22 07:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-21 14:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-04-21 13:44 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-21 13:05 - 2018-03-24 19:35 - 000004964 _____ C:\Users\Peter\Desktop\Fixlog.txt
2018-04-21 13:04 - 2015-03-25 22:30 - 000000000 ____D C:\AdwCleaner
2018-04-16 04:08 - 2017-10-22 13:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-14 16:21 - 2018-02-18 10:51 - 000000000 ____D C:\SCANOVANIE
2018-04-14 16:21 - 2018-02-17 20:42 - 000000000 ___RD C:\Users\Peter\Documents\Scanned Documents
2018-04-14 12:26 - 2017-08-23 15:44 - 000000000 ____D C:\Users\Peter\AppData\Local\Downloaded Installations
2018-04-14 12:08 - 2009-07-14 07:08 - 000032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-04-13 21:59 - 2017-12-20 09:27 - 000457624 _____ C:\Windows\system32\FNTCACHE.DAT
2018-04-13 21:55 - 2017-06-11 03:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-04-13 21:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-04-13 18:36 - 2016-11-26 17:30 - 000000000 ____D C:\Windows\system32\MRT
2018-04-13 18:32 - 2017-10-12 03:09 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-13 18:31 - 2016-11-26 17:30 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-08 13:33 - 2009-07-14 09:54 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-04-06 13:34 - 2016-11-26 17:09 - 000000000 ____D C:\Users\Peter
2018-04-04 17:51 - 2017-12-09 10:26 - 000000000 ____D C:\Program Files\WinZip
2018-04-04 17:04 - 2018-03-17 09:32 - 000030834 _____ C:\Users\Peter\Desktop\Addition.txt
2018-04-04 12:31 - 2016-11-26 17:20 - 000000000 ____D C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2018-03-31 09:27 - 2017-12-20 09:30 - 000117936 _____ C:\Users\Peter\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-30 22:54 - 2018-02-18 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2018-03-29 18:01 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-29 17:27 - 2018-01-05 14:00 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-03-29 17:03 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Files in the root of some directories =======

2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Peter\AppData\Roaming\MafiaSetup.exe
2016-11-26 17:41 - 2017-02-21 18:38 - 014438400 _____ () C:\Users\Peter\AppData\Roaming\Sandra.mdb
2017-01-14 18:58 - 2017-01-20 17:37 - 000007597 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2017-01-19 17:47 - 2017-01-19 17:47 - 000000424 _____ () C:\Users\Peter\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-21 14:22

==================== End of FRST.txt ============================

VIRY.CZ

Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku

Re: Poprpsím o preventívku