Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Adw se něco nelíbí...

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
homer_cz
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 04 dub 2009 12:24

Adw se něco nelíbí...

#1 Příspěvek od homer_cz »

Zdravím,při preventivním úklidu PC po návštěvě synovců mi AdwCleaner hlásí nálezy ve složce [ Services ] které nesmazal ani po opakovaném spuštění,s PC žádné problémy nemám,Kaspersky mi taky tvrdí že je vše OK...tož nevím,mám li se znepokojovat :shock: ,či zůstat ledově klidným :James008:
Log z Adw:
# AdwCleaner v6.000 - Logfile created 19/08/2016 at 11:27:31
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-19.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\adwcleaner_6.000.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****

[!] Service not deleted: {07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}
[!] Service not deleted: {43FC567C-865E-45B5-AA48-98F6D1142A5D}


***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C10].txt - [2931 Bytes] - [19/08/2016 11:24:08]
C:\AdwCleaner\AdwCleaner[C11].txt - [958 Bytes] - [19/08/2016 11:27:31]
C:\AdwCleaner\AdwCleaner[C1].txt - [13095 Bytes] - [19/11/2015 17:56:34]
C:\AdwCleaner\AdwCleaner[C2].txt - [4103 Bytes] - [21/11/2015 03:10:50]
C:\AdwCleaner\AdwCleaner[C3].txt - [3520 Bytes] - [24/11/2015 22:12:51]
C:\AdwCleaner\AdwCleaner[C4].txt - [845 Bytes] - [27/11/2015 17:55:43]
C:\AdwCleaner\AdwCleaner[C5].txt - [931 Bytes] - [08/12/2015 16:47:36]
C:\AdwCleaner\AdwCleaner[C6].txt - [848 Bytes] - [15/12/2015 21:52:40]
C:\AdwCleaner\AdwCleaner[C7].txt - [886 Bytes] - [05/01/2016 08:15:33]
C:\AdwCleaner\AdwCleaner[C8].txt - [843 Bytes] - [15/01/2016 07:24:19]
C:\AdwCleaner\AdwCleaner[C9].txt - [843 Bytes] - [27/01/2016 19:41:27]
C:\AdwCleaner\AdwCleaner[S10].txt - [664 Bytes] - [02/01/2016 17:02:24]
C:\AdwCleaner\AdwCleaner[S11].txt - [777 Bytes] - [05/01/2016 08:05:04]
C:\AdwCleaner\AdwCleaner[S12].txt - [664 Bytes] - [05/01/2016 17:59:17]
C:\AdwCleaner\AdwCleaner[S13].txt - [740 Bytes] - [15/01/2016 07:22:58]
C:\AdwCleaner\AdwCleaner[S14].txt - [664 Bytes] - [15/01/2016 09:24:34]
C:\AdwCleaner\AdwCleaner[S15].txt - [664 Bytes] - [26/01/2016 01:47:31]
C:\AdwCleaner\AdwCleaner[S16].txt - [740 Bytes] - [27/01/2016 19:40:32]
C:\AdwCleaner\AdwCleaner[S17].txt - [3050 Bytes] - [19/08/2016 11:22:58]
C:\AdwCleaner\AdwCleaner[S18].txt - [3198 Bytes] - [19/08/2016 11:26:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [13109 Bytes] - [19/11/2015 17:55:29]
C:\AdwCleaner\AdwCleaner[S2].txt - [4526 Bytes] - [21/11/2015 03:09:53]
C:\AdwCleaner\AdwCleaner[S3].txt - [3984 Bytes] - [24/11/2015 22:11:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [1405 Bytes] - [27/11/2015 17:53:58]
C:\AdwCleaner\AdwCleaner[S5].txt - [3330 Bytes] - [08/12/2015 16:46:00]
C:\AdwCleaner\AdwCleaner[S6].txt - [3254 Bytes] - [15/12/2015 21:50:44]
C:\AdwCleaner\AdwCleaner[S7].txt - [3592 Bytes] - [15/12/2015 22:33:13]
C:\AdwCleaner\AdwCleaner[S8].txt - [3174 Bytes] - [24/12/2015 04:15:50]
C:\AdwCleaner\AdwCleaner[S9].txt - [663 Bytes] - [31/12/2015 12:33:19]

########## EOF - C:\AdwCleaner\AdwCleaner[C11].txt - [2999 Bytes] ##########


Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
Ran by User (administrator) on USER-PC (20-08-2016 00:25:38)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6457960 2011-12-28] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4867784 2015-12-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKU\S-1-5-21-1991769118-1157689148-2223015802-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-16] (Valve Corporation)
HKU\S-1-5-21-1991769118-1157689148-2223015802-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3975232 2016-07-08] (GOG.com)
HKU\S-1-5-21-1991769118-1157689148-2223015802-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{43FC567C-865E-45B5-AA48-98F6D1142A5D}: [DhcpNameServer] 77.48.254.254 77.48.100.254

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1991769118-1157689148-2223015802-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1991769118-1157689148-2223015802-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1991769118-1157689148-2223015802-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-19] (AO Kaspersky Lab)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-11-19] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-19] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-11-19] (AO Kaspersky Lab)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-08-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1991769118-1157689148-2223015802-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-05-26]

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-11-19]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-19]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-09-10] (Kaspersky Lab ZAO)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [244800 2016-07-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6506048 2016-08-11] (GOG.com)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-11-19] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-26] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-26] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-26] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-11-19] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-19 11:21 - 2016-08-19 11:21 - 03784256 _____ C:\Users\User\Desktop\adwcleaner_6.000.exe
2016-08-17 19:45 - 2016-08-17 19:47 - 76215606 _____ (myWOTmods.com ) C:\Users\User\Desktop\webium-WOT-0.9.15.1-modpack-installer-v9.15.1.02.exe
2016-08-17 13:11 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 13:11 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-17 13:11 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-08-17 13:11 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-08-17 13:11 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-08-17 13:11 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-08-17 13:11 - 2016-07-01 17:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-17 13:11 - 2016-07-01 17:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-08-17 13:11 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-17 13:11 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-08-17 13:11 - 2016-07-01 16:56 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-08-17 13:11 - 2016-07-01 16:56 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-08-17 13:11 - 2016-07-01 16:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-08-13 21:20 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-12 20:36 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-12 20:36 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-12 20:36 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-12 20:36 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-12 20:36 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-12 20:36 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-12 20:36 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-12 20:36 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-12 20:36 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-12 20:36 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-12 20:36 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-12 20:36 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-12 20:36 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-12 20:36 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-04 01:12 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-04 01:12 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-04 01:12 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-04 01:12 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-04 01:12 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-04 01:12 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-04 01:12 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-08-04 01:12 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-08-04 01:12 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-08-04 01:12 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-08-04 01:12 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-08-04 01:12 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-08-04 01:12 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-04 01:12 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-04 01:12 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-04 01:12 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-04 01:12 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-04 01:12 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-04 01:12 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-04 01:12 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-08-04 01:12 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-08-04 01:12 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-08-04 01:12 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-08-04 01:12 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-08-04 01:12 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-08-04 01:12 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-08-04 01:12 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-08-04 01:12 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-08-04 01:12 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-08-04 01:12 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-08-04 01:12 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-08-04 01:12 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-08-04 01:12 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-08-04 01:12 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-08-04 01:12 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-08-04 01:12 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-08-04 01:12 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-08-04 01:12 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-08-04 01:12 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-08-04 01:12 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-08-04 01:12 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-08-04 01:12 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-04 01:12 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-04 01:12 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-04 01:12 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-08-04 01:12 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-04 01:12 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-08-04 01:12 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-08-04 01:12 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-08-04 01:12 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-04 01:12 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-08-04 01:12 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-08-04 01:12 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-08-04 01:12 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-08-04 01:12 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-08-04 01:12 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-04 01:12 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-04 01:09 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-08-04 01:09 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-04 01:09 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-04 01:09 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-08-04 01:09 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-08-04 01:09 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-08-04 01:09 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-04 01:09 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-04 01:09 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-08-04 01:09 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-08-04 01:09 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-04 01:09 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-20 00:25 - 2015-12-08 16:59 - 00014897 _____ C:\Users\User\Desktop\FRST.txt
2016-08-20 00:25 - 2015-12-08 16:59 - 00000000 ____D C:\FRST
2016-08-19 13:36 - 2015-11-19 07:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-19 11:43 - 2009-07-14 06:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-19 11:43 - 2009-07-14 06:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-19 11:34 - 2011-04-12 10:34 - 09866282 _____ C:\Windows\system32\perfh005.dat
2016-08-19 11:34 - 2011-04-12 10:34 - 03276086 _____ C:\Windows\system32\perfc005.dat
2016-08-19 11:34 - 2009-07-14 07:13 - 00006268 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-19 11:28 - 2015-08-06 23:22 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-19 11:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-19 11:27 - 2015-11-19 17:55 - 00000000 ____D C:\AdwCleaner
2016-08-19 11:05 - 2016-06-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-08-19 00:44 - 2016-07-12 12:00 - 00000000 ____D C:\Users\User\Documents\The Witcher 3
2016-08-18 22:13 - 2016-03-13 22:21 - 00001742 _____ C:\Users\Public\Desktop\Webium's Modpack.lnk
2016-08-18 22:13 - 2016-03-13 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
2016-08-18 11:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-17 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows
2016-08-17 13:50 - 2012-11-19 14:14 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-08-17 09:55 - 2009-07-14 06:45 - 00303672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-17 09:52 - 2013-09-12 05:01 - 00000000 ____D C:\Windows\system32\MRT
2016-08-17 09:48 - 2012-09-21 11:36 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-14 01:58 - 2015-08-10 22:59 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-05 12:24 - 2014-07-04 11:36 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404466604
2016-08-05 12:24 - 2012-09-25 16:21 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-04 01:19 - 2014-12-11 13:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-03 15:08 - 2015-08-10 08:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-31 14:31 - 2015-08-10 22:59 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-31 14:31 - 2015-08-10 22:59 - 00003948 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-31 14:31 - 2014-10-07 13:59 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2016-07-31 14:31 - 2012-09-29 15:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-31 14:31 - 2012-09-29 15:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-31 14:31 - 2012-09-29 15:07 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-26 14:24 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-23 05:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2013-12-23 01:24 - 2015-03-10 22:38 - 0007607 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\libeay32.dll
C:\Users\User\AppData\Local\Temp\msvcr120.dll
C:\Users\User\AppData\Local\Temp\playstv_patch.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-16 16:11

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Adw se něco nelíbí...

#2 Příspěvek od Rudy »

Zdravím!
Myslím, že se není čeho obávat. Jde zřejmě o nějakou akutualizaci. Tady: https://translate.google.cz/translate?h ... rev=search o tom něco je.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
homer_cz
Návštěvník
Návštěvník
Příspěvky: 13
Registrován: 04 dub 2009 12:24

Re: Adw se něco nelíbí...

#3 Příspěvek od homer_cz »

Díky za uklidnění :thumbsup: Nyní již nic nehlásí ani Adw,tak to tu můžete zamknout.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Adw se něco nelíbí...

#4 Příspěvek od Rudy »

Rádo se stalo! Zamykám. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“