Prosím o pomoc. Kazdu chvilu sa mi nieco samostatne spusta vpozadi na zlomok sekudny. Kaspersky a spyware hunter nic nenasli.
log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by Peto (administrator) on DESKTOP-MNH69NR (18-05-2017 12:27:35)
Running from C:\Users\Peto\Desktop
Loaded Profiles: Peto (Available Profiles: Peto)
Platform: Windows 10 Pro Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) D:\Steam\Steam.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5572\Agent.exe
() C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8800\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8800\Battle.net Helper.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Enigma Software Group USA, LLC.) D:\Programy\SpyHunter 4.21.10.4585 Portable by wood\SpyHunter4.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8800\Battle.net Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(forum.viry.cz) C:\Users\Peto\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Viber] => C:\Users\Peto\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [CGFLoader] => C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe [1961984 2007-11-26] (Colorjinn)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [CalibrizeResume] => C:\Program Files (x86)\Calibrize\CalibrizeResume.exe [413696 2007-11-26] (Eberhard Werle)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [BingSvc] => C:\Users\Peto\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-19] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Steam] => D:\Steam\steam.exe [3042592 2017-05-13] (Valve Corporation)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [3229160 2017-03-24] (Blizzard Entertainment)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Discord] => C:\Users\Peto\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [GalaxyClient] => D:\games\GOG Galaxy\GalaxyClient.exe [4006464 2017-02-02] (GOG.com)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [OSDownloaderUpdate] => C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe [3635712 2015-09-18] (Opensubtitles.org)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19407360 2017-03-24] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat [2016-11-09] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2016-10-14]
ShortcutTarget: Universal Media Server.lnk -> D:\Program Files\Universal Media Server\UMS.exe (Universal Media Server)
Startup: C:\Users\Peto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.9u4.lnk [2015-12-09]
ShortcutTarget: FreeRapid 0.9u4.lnk -> D:\preberanie\FreeRapid-0.9u4(1)\FreeRapid-0.9u4\frd.exe (Vity)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{0109097f-622b-4b75-bd28-d540807e9844}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{75e212de-23d5-4d53-b81d-160f7e51ad3b}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
SearchScopes: HKU\S-1-5-21-768667381-2974455692-2822200728-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-768667381-2974455692-2822200728-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-768667381-2974455692-2822200728-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10181_1285_170201__yaie&p={searchTerms}
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-05-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-19] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-19] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: m7jw6ni2.default
FF ProfilePath: C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default [2017-05-18]
FF NewTab: Mozilla\Firefox\Profiles\m7jw6ni2.default -> about:home
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\m7jw6ni2.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\m7jw6ni2.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\m7jw6ni2.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\m7jw6ni2.default -> type", 0
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: (Enhanced Steam) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\jid1-YdiFiTEkQgInxA@jetpack.xpi [2017-04-14]
FF Extension: (Video DownloadHelper) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Fasterfox) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-08-07]
FF Extension: (SteamPowered Forums Browser Updated) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{d025c20b-3380-44c7-9f32-ae447fe10a5e}.xpi [2016-08-22]
FF Extension: (Adblock Plus) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Greasemonkey) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-04-26]
FF Extension: (Adblock Edge) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-28]
FF SearchPlugin: C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\searchplugins\yahoo-lavasoft.xml [2017-02-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-05-16]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-18] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default [2017-02-01]
CHR Extension: (Prezentácie Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-30]
CHR Extension: (Dokumenty Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-30]
CHR Extension: (Disk Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-30]
CHR Extension: (YouTube) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-30]
CHR Extension: (Tabuľky Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-31]
CHR Extension: (Steam Market Float Checker) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjcjjbacacnhoibdbghilhicllgegcf [2016-08-30]
CHR Extension: (SteamWizard) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\kojolejmgolbhakghocbgjemjgbmcjig [2016-09-07]
CHR Extension: (Skype) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-11-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-30]
CHR Extension: (Gmail) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-30]
CHR Extension: (Chrome Media Router) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-03]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
S2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-11] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S3 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [74752 2017-03-17] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [103936 2017-03-17] (Microsoft Corporation)
S3 GalaxyClientService; D:\games\GOG Galaxy\GalaxyClientService.exe [284736 2017-02-02] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-28] (GOG.com)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2718840 2016-10-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe [103168 2016-10-13] ()
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\vssbridge64.exe [425768 2017-05-16] (AO Kaspersky Lab)
S2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2123240 2017-03-15] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2184688 2017-03-15] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [373760 2017-03-17] (Microsoft Corporation)
S3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [266240 2017-03-17] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1034240 2017-03-17] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AFTrafMgr1.1; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys [54712 2016-10-04] (AnchorFree Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2016-03-23] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2016-03-23] (Windows (R) Win 7 DDK provider)
S3 esgiguard; D:\Programy\SpyHunter 4.21.10.4585 Portable by wood\esgiguard.sys [15920 2016-04-20] (Enigma Software Group USA, LLC.)
R1 HssDRV6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [44648 2015-09-18] (AnchorFree Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-17] (REALiX(tm))
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
S0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2016-12-22] (AO Kaspersky Lab)
S1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86240 2016-12-27] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [206552 2017-05-16] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [522736 2017-05-16] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051360 2017-05-16] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
S3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R4 klkbdflt2; C:\WINDOWS\system32\DRIVERS\klkbdflt2.sys [48352 2016-12-21] (AO Kaspersky Lab)
S3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-04-18] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
U0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_arkmon_E3769B27; C:\ProgramData\Kaspersky Lab\AVP18.0.0\temp\E3769B2713E1E013FACB78E3D4369EE8\klupd_klif_arkmon.sys [229288 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-05-16] (AO Kaspersky Lab)
U0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-05-16] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136176 2017-04-18] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [198432 2017-01-22] (AO Kaspersky Lab)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-09] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42088 2015-09-18] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 VCSVADHWSer; C:\WINDOWS\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S1 eamonm; system32\DRIVERS\eamonm.sys [X]
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
S1 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
S2 ekbdflt; \SystemRoot\system32\DRIVERS\ekbdflt.sys [X]
S1 epfw; \SystemRoot\system32\DRIVERS\epfw.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-18 12:27 - 2017-05-18 12:27 - 00026453 _____ C:\Users\Peto\Desktop\FRST.txt
2017-05-18 12:26 - 2017-05-18 12:26 - 00112640 _____ (forum.viry.cz) C:\Users\Peto\Desktop\FRSTLauncher.exe
2017-05-18 12:25 - 2017-05-18 12:27 - 00000000 ____D C:\FRST
2017-05-18 12:25 - 2017-05-18 12:25 - 02429952 _____ (Farbar) C:\Users\Peto\Desktop\FRST64.exe
2017-05-18 12:19 - 2017-05-18 12:19 - 00000226 _____ C:\Users\Peto\Desktop\RootkitRevealer.zip
2017-05-18 11:32 - 2017-05-18 11:33 - 00089912 _____ C:\TDSSKiller.3.1.0.15_18.05.2017_11.32.29_log.txt
2017-05-18 11:31 - 2017-05-18 11:32 - 04830473 _____ C:\Users\Peto\Downloads\tdsskiller.zip
2017-05-18 11:30 - 2017-05-18 11:31 - 04194304 _____ C:\Users\Peto\Downloads\tdsskiller.exe.part
2017-05-18 09:22 - 2017-05-18 09:22 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-05-16 17:12 - 2017-05-16 17:12 - 00251664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-05-16 17:06 - 2017-05-18 09:38 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-05-16 17:06 - 2017-05-16 17:06 - 01051360 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-05-16 17:06 - 2017-05-16 17:06 - 00522736 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-05-16 17:06 - 2017-05-16 17:06 - 00206552 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-05-16 17:06 - 2017-05-16 17:06 - 00149584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2017-05-16 17:06 - 2017-05-16 17:06 - 00002156 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2017-05-16 17:06 - 2017-05-16 17:06 - 00001309 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-05-16 17:06 - 2017-05-16 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-05-16 17:06 - 2017-05-16 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2017-05-16 17:06 - 2017-05-16 17:06 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-05-16 17:06 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-05-16 16:32 - 2017-05-16 16:32 - 00000061 _____ C:\WINDOWS\wininit.ini
2017-05-16 16:25 - 2017-05-16 17:07 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-16 16:21 - 2017-05-16 17:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-05-16 16:17 - 2017-05-16 17:13 - 00000000 ____D C:\Program Files (x86)\TNod
2017-05-16 16:17 - 2017-05-16 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
2017-05-16 05:53 - 2017-05-16 16:16 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2017-05-16 05:48 - 2017-05-16 05:48 - 06559869 _____ C:\Users\Peto\Downloads\PCHunter_free.zip
2017-05-15 15:27 - 2017-05-15 15:27 - 00000000 ____D C:\Users\Peto\AppData\Roaming\SmartSteamEmu
2017-05-15 12:37 - 2017-05-15 13:09 - 98048340 _____ C:\Users\Peto\Downloads\Prey.v1.0.Crack.V2.by.BALDMAN.rar
2017-05-13 11:16 - 2017-05-13 11:16 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-05-13 11:16 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-13 11:16 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-13 11:16 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-13 08:59 - 2017-05-17 12:33 - 00000000 ____D C:\Users\Peto\AppData\Roaming\qBittorrent
2017-05-13 08:59 - 2017-05-13 08:59 - 00000000 ____D C:\Users\Peto\AppData\Local\qBittorrent
2017-05-13 08:50 - 2017-05-13 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2017-05-13 08:49 - 2017-05-13 08:49 - 16846965 _____ (The qBittorrent project) C:\Users\Peto\Downloads\qbittorrent_3.3.12_setup.exe
2017-05-12 20:06 - 2017-05-12 20:07 - 45019607 _____ (KLCP ) C:\Users\Peto\Downloads\K-Lite_Codec_Pack_1316_Mega.exe
2017-05-11 17:04 - 2017-05-11 17:04 - 00000202 _____ C:\Users\Peto\Desktop\Brawlhalla.url
2017-05-11 00:50 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-11 00:50 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 00:50 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 00:50 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-11 00:50 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-11 00:50 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-11 00:50 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-11 00:50 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 00:50 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 00:50 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 00:50 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 00:50 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 00:50 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 00:50 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 00:50 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 00:50 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 00:50 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-11 00:50 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 00:50 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-11 00:50 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-11 00:50 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 00:50 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-11 00:50 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 00:50 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-11 00:50 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-11 00:50 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-11 00:50 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 00:50 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-11 00:50 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 00:50 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 00:50 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-11 00:50 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 00:50 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-11 00:50 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-11 00:50 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-11 00:50 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-11 00:50 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-11 00:50 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 00:50 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-11 00:50 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 00:50 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-11 00:50 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 00:50 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 00:50 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 00:50 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 00:50 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 00:50 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-11 00:50 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-11 00:50 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-11 00:50 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 00:50 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 00:50 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-11 00:50 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-11 00:50 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-11 00:50 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 00:50 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-11 00:50 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-11 00:50 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-11 00:50 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-11 00:50 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 00:50 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 00:50 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 00:50 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-11 00:50 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-11 00:50 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-11 00:50 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-11 00:50 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-11 00:50 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-11 00:50 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 00:50 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 00:50 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 00:50 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 00:50 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 00:50 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 00:50 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 00:50 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-11 00:50 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-11 00:50 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 00:50 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 00:50 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-11 00:50 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 00:50 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 00:50 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 00:50 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 00:50 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-11 00:50 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 00:50 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 00:50 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-11 00:50 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-11 00:50 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 00:50 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-11 00:50 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-11 00:50 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-11 00:50 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-11 00:50 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-11 00:50 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-11 00:50 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-11 00:50 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 00:50 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-11 00:50 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 00:50 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-11 00:50 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 00:50 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-11 00:50 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-11 00:50 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-11 00:50 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-11 00:50 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-11 00:50 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-11 00:50 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 00:50 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-11 00:50 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-11 00:50 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-11 00:50 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 00:50 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-11 00:50 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-11 00:50 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-11 00:50 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-11 00:50 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-11 00:50 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-11 00:50 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-11 00:50 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 00:50 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-11 00:50 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-11 00:50 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-11 00:50 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-11 00:50 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-11 00:50 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-11 00:50 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 00:50 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-11 00:50 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-11 00:50 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-11 00:50 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-11 00:50 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-11 00:50 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-11 00:50 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-11 00:50 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-11 00:50 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-11 00:50 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-11 00:50 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-11 00:50 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-11 00:50 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-11 00:50 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 00:50 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-11 00:50 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-11 00:50 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-11 00:50 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-11 00:50 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-11 00:50 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-11 00:50 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 00:50 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-11 00:50 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 00:50 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-11 00:50 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-11 00:50 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 00:50 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-11 00:50 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-11 00:50 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-11 00:50 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-11 00:50 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-11 00:50 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-11 00:50 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-11 00:50 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-11 00:50 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-11 00:50 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-11 00:50 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-11 00:50 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-11 00:50 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-11 00:50 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-11 00:50 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 00:50 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 00:50 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-11 00:50 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-11 00:50 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-05 08:07 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-05 08:04 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-04 03:29 - 2017-05-04 03:29 - 00000000 ____D C:\Users\Peto\Downloads\Fishbot
2017-05-04 03:18 - 2017-05-04 03:18 - 02058092 _____ C:\Users\Peto\Downloads\MrFishIt-4.0.135.zip
2017-05-04 03:12 - 2017-05-04 03:12 - 00098632 _____ C:\Users\Peto\Downloads\Fishbot.zip
2017-05-03 16:24 - 2017-05-03 16:24 - 00000505 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2017-05-02 01:55 - 2017-05-02 01:59 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-05-01 19:41 - 2017-05-01 19:42 - 00408482 _____ C:\Users\Peto\Downloads\WPE PRO By BboyHacks.zip
2017-05-01 19:01 - 2017-05-01 19:04 - 00000000 ____D C:\Users\Peto\Downloads\WoWAdminPanel-master
2017-05-01 05:20 - 2017-05-01 05:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-01 05:19 - 2017-05-01 05:19 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Peto\Downloads\mbar-1.09.3.1001.exe
2017-05-01 05:19 - 2017-05-01 05:19 - 00000000 ____D C:\Users\Peto\Desktop\mbar
2017-04-29 21:43 - 2017-04-29 21:43 - 00010621 _____ C:\Users\Peto\Downloads\SweetFX_Settings_World of Warcraft_Clean & Simple ReShade 3.txt
2017-04-29 20:50 - 2017-04-29 19:55 - 04206080 _____ (crosire) C:\Users\Peto\Desktop\ReShade_Setup_3.0.7.exe
2017-04-29 19:55 - 2017-04-29 19:55 - 04206080 _____ (crosire) C:\Users\Peto\Downloads\ReShade_Setup_3.0.7.exe
2017-04-28 22:25 - 2017-04-28 22:44 - 00017952 _____ C:\Users\Peto\Desktop\SweetFX_settings.txt
2017-04-25 22:45 - 2017-04-29 20:15 - 00000573 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2017-04-25 22:41 - 2017-04-20 03:59 - 00513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-04-25 22:38 - 2017-04-20 03:59 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438189.dll
2017-04-25 22:38 - 2017-04-20 03:59 - 01589880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438189.dll
2017-04-25 22:17 - 2017-05-13 11:16 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-04-23 07:51 - 2017-01-11 11:38 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-04-23 07:51 - 2017-01-11 11:38 - 05545472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-04-23 07:51 - 2017-01-11 11:38 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-04-23 07:51 - 2017-01-11 11:38 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 02050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00914016 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00768816 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00410032 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00074600 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00069920 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-04-23 07:51 - 2017-01-11 11:37 - 03302272 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2017-04-23 07:50 - 2017-01-11 11:37 - 00574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2017-04-23 07:50 - 2017-01-11 11:37 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-04-23 07:50 - 2017-01-11 11:37 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2017-04-22 02:49 - 2017-04-22 02:49 - 00012045 _____ C:\Users\Peto\Downloads\laa_2_0_4.7z
2017-04-21 18:14 - 2017-04-21 18:14 - 06382059 _____ C:\Users\Peto\Downloads\3DSoundBack_Beta0.1.zip
2017-04-21 17:18 - 2017-04-21 17:19 - 00000000 ____D C:\Program Files (x86)\Resource Hacker
2017-04-21 17:18 - 2017-04-21 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2017-04-21 17:17 - 2017-04-21 17:18 - 02919683 _____ ( ) C:\Users\Peto\Downloads\reshacker_setup.exe
2017-04-20 14:21 - 2017-04-20 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2017-04-20 14:15 - 2017-05-16 05:32 - 00000000 ____D C:\Users\Peto\AppData\Local\ESET
2017-04-20 14:14 - 2017-04-20 14:15 - 06752384 _____ (ESET spol. s r.o.) C:\Users\Peto\Downloads\ESETOnlineScanner_SKY.exe
2017-04-20 04:06 - 2017-04-13 19:47 - 00199369 _____ C:\telelist.ini
2017-04-20 02:59 - 2017-04-20 02:59 - 02058632 _____ C:\Users\Peto\Downloads\WoWAdminPanel-master.zip
2017-04-19 22:58 - 2017-04-19 22:58 - 02281595 _____ C:\Users\Peto\Downloads\adminpanel2097.zip
2017-04-19 22:10 - 2017-04-19 22:10 - 00178714 _____ C:\Users\Peto\Downloads\adminpanel.rar
2017-04-18 20:19 - 2017-04-18 20:19 - 04059353 _____ C:\Users\Peto\Downloads\SweetFX+EFX_WoW_Barni.zip
2017-04-18 14:32 - 2017-04-18 14:32 - 00136176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2017-04-18 14:32 - 2017-04-18 14:32 - 00050672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-18 12:27 - 2015-10-23 06:11 - 00000000 ____D C:\Users\Peto\AppData\Local\Battle.net
2017-05-18 12:25 - 2017-04-08 23:23 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-18 12:01 - 2016-02-21 15:05 - 00000000 ____D C:\Users\Peto\AppData\Roaming\TS3Client
2017-05-18 11:25 - 2016-11-24 21:39 - 00000000 ____D C:\Users\Peto\AppData\LocalLow\Mozilla
2017-05-18 09:22 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-18 09:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-18 09:21 - 2015-10-21 15:00 - 00000000 ____D C:\Program Files\Microsoft Office
2017-05-18 09:04 - 2017-04-08 23:23 - 00000000 ____D C:\Users\Peto
2017-05-18 09:04 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-18 09:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-18 09:01 - 2015-10-23 06:10 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-05-18 00:36 - 2017-04-08 23:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-16 17:13 - 2016-10-08 23:44 - 00000000 ____D C:\Users\Peto\AppData\Roaming\Resilio Sync
2017-05-16 17:13 - 2016-10-08 23:44 - 00000000 ____D C:\ProgramData\Resilio Sync
2017-05-16 17:11 - 2017-04-08 23:31 - 04813102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-16 17:11 - 2015-10-29 05:37 - 02833298 _____ C:\WINDOWS\system32\perfh01B.dat
2017-05-16 17:11 - 2015-10-29 05:37 - 00795518 _____ C:\WINDOWS\system32\perfc01B.dat
2017-05-16 17:06 - 2017-03-18 23:03 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-16 17:06 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-16 17:05 - 2017-04-08 23:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-16 17:04 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-16 16:59 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-16 16:25 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-05-16 16:16 - 2016-04-10 16:16 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-05-16 16:15 - 2016-02-17 21:42 - 00000000 ____D C:\ProgramData\Auslogics
2017-05-16 10:39 - 2016-08-30 17:40 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 12:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-13 11:16 - 2017-04-08 23:29 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-13 11:16 - 2017-04-08 23:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-13 11:16 - 2017-04-08 23:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-12 21:07 - 2017-04-08 23:29 - 00003230 _____ C:\WINDOWS\System32\Tasks\klcp_update
2017-05-12 21:07 - 2017-02-01 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-05-12 21:07 - 2015-10-21 00:57 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-05-12 20:06 - 2015-11-30 17:27 - 00000000 ____D C:\Program Files\Waterfox
2017-05-12 04:43 - 2015-11-16 13:16 - 00000000 ____D C:\Users\Peto\AppData\Local\ElevatedDiagnostics
2017-05-11 20:04 - 2015-11-26 14:45 - 00000000 ____D C:\Users\Peto\AppData\Local\Ubisoft Game Launcher
2017-05-11 18:11 - 2016-08-17 21:42 - 00000000 ____D C:\Users\Peto\BrawlhallaReplays
2017-05-11 16:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 16:08 - 2015-10-20 02:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 16:07 - 2017-04-08 23:22 - 00252384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 04:40 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-11 00:52 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-11 00:52 - 2015-10-20 04:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-11 00:50 - 2015-10-20 04:03 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-11 00:43 - 2015-10-20 02:39 - 00000000 ____D C:\Users\Peto\AppData\Local\Packages
2017-05-09 20:28 - 2017-04-08 23:29 - 00004550 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-09 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-05 16:54 - 2015-11-25 17:11 - 00000000 ____D C:\Users\Peto\AppData\Local\CrashDumps
2017-05-05 08:07 - 2016-03-12 17:32 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-05 08:07 - 2016-02-17 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-03 22:21 - 2017-04-06 22:35 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-03 22:21 - 2017-04-06 22:22 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-03 22:21 - 2016-12-14 04:27 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 21:28 - 2016-12-20 07:32 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-03 17:41 - 2017-04-08 23:23 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-02 00:59 - 2015-11-11 22:20 - 00000000 ____D C:\Users\Peto\Desktop\wpepro09mod
2017-05-02 00:38 - 2017-04-06 22:35 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-02 00:38 - 2017-04-06 22:35 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-02 00:38 - 2017-04-06 22:35 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-01 22:51 - 2017-04-08 23:23 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-01 19:18 - 2015-10-20 02:39 - 00000000 ____D C:\Users\Peto\AppData\Local\VirtualStore
2017-05-01 19:03 - 2017-04-13 19:47 - 00000000 ____D C:\Users\Peto\Downloads\adminpanel2097
2017-04-30 02:07 - 2016-01-30 19:39 - 00000000 ____D C:\Users\Peto\AppData\Roaming\Skype
2017-04-30 01:55 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 00:32 - 2017-04-08 23:29 - 00003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 00:32 - 2017-04-08 23:29 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-25 23:11 - 2017-04-08 23:23 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-04-23 07:51 - 2017-04-08 23:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-04-23 07:51 - 2015-12-02 03:55 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-20 14:20 - 2016-07-13 12:51 - 00000000 ____D C:\Program Files (x86)\Bloody6
2017-04-20 03:59 - 2017-03-20 06:07 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-04-19 08:12 - 2015-07-10 15:20 - 00395226 __RSH C:\bootmgr
2017-04-19 04:38 - 2015-10-23 05:44 - 00000000 ____D C:\ProgramData\Oracle
2017-04-19 04:37 - 2016-10-14 14:46 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-04-19 04:37 - 2016-10-14 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-19 04:37 - 2016-10-14 14:45 - 00000000 ____D C:\Program Files (x86)\Java
==================== Files in the root of some directories =======
2015-10-22 16:17 - 2017-03-18 15:29 - 0007594 _____ () C:\Users\Peto\AppData\Local\Resmon.ResmonCfg
2016-03-23 16:02 - 2016-04-12 20:45 - 0000035 _____ () C:\ProgramData\droidcam-settings
2016-12-20 07:33 - 2017-01-25 15:27 - 0010941 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-20 07:33 - 2017-01-20 14:33 - 0007103 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Peto\Desktop" je 61 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Samostatne sa spusta nejaky program
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Samostatne sa spusta nejaky program
- Přílohy
-
- Addition.rar
- (17.07 KiB) Staženo 73 x
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Samostatne sa spusta nejaky program
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Samostatne sa spusta nejaky program
# AdwCleaner v6.046 - *Logfile created 18/05/2017 *at 13:19:25
# *Updated on 24/04/2017 by Malwarebytes
# *Database : 2017-05-17.1 [*Server]
# *Operating System : Windows 10 Pro (X64)
# *Username : Peto - DESKTOP-MNH69NR
# *Running from : C:\Users\Peto\Downloads\adwcleaner_6.046.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
*Service Found: esgiguard
***** [ *Folders ] *****
*Folder Found: C:\Users\Peto\AppData\Local\eSupport.com
*Folder Found: C:\ProgramData\BSD\DriverHive
*Folder Found: C:\ProgramData\BSD\DriverHiveEngine
*Folder Found: C:\ProgramData\Auslogics
*Folder Found: C:\ProgramData\Application Data\lavasoft\web companion
*Folder Found: C:\Program Files (x86)\SecurityXploded
***** [ *Files ] *****
*File Found: C:\spyhunter.fix
*File Found: C:\WINDOWS\SysWOW64\sh4native.exe
*File Found: C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\searchplugins\yahoo-lavasoft.xml
***** [ DLL ] *****
*No malicious DLLs found.
***** [ WMI ] *****
*No malicious keys found.
***** [ *Shortcuts ] *****
*No infected shortcut found.
***** [ *Scheduled tasks ] *****
*No malicious task found.
***** [ *Registry ] *****
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\eSupport.com
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\BSD
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\SecurityXploded
*Key Found: HKCU\Software\eSupport.com
*Key Found: HKCU\Software\BSD
*Key Found: HKCU\Software\SecurityXploded
*Key Found: HKLM\SOFTWARE\Lavasoft\Web Companion
*Key Found: HKLM\SOFTWARE\EnigmaSoftwareGroup
*Key Found: HKLM\SOFTWARE\Auslogics
*Key Found: HKLM\SOFTWARE\BSD
*Key Found: [x64] HKCU\Software\eSupport.com
*Key Found: [x64] HKCU\Software\BSD
*Key Found: [x64] HKCU\Software\SecurityXploded
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Value Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
*Value Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SSMaker2]
*Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ *Web browsers ] *****
*No malicious Firefox based browser items found.
*Chromium pref Found: [C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.ask.com
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [2924 *Bytes] - [18/05/2017 13:19:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2998 *Bytes] ##########
# *Updated on 24/04/2017 by Malwarebytes
# *Database : 2017-05-17.1 [*Server]
# *Operating System : Windows 10 Pro (X64)
# *Username : Peto - DESKTOP-MNH69NR
# *Running from : C:\Users\Peto\Downloads\adwcleaner_6.046.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
*Service Found: esgiguard
***** [ *Folders ] *****
*Folder Found: C:\Users\Peto\AppData\Local\eSupport.com
*Folder Found: C:\ProgramData\BSD\DriverHive
*Folder Found: C:\ProgramData\BSD\DriverHiveEngine
*Folder Found: C:\ProgramData\Auslogics
*Folder Found: C:\ProgramData\Application Data\lavasoft\web companion
*Folder Found: C:\Program Files (x86)\SecurityXploded
***** [ *Files ] *****
*File Found: C:\spyhunter.fix
*File Found: C:\WINDOWS\SysWOW64\sh4native.exe
*File Found: C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\searchplugins\yahoo-lavasoft.xml
***** [ DLL ] *****
*No malicious DLLs found.
***** [ WMI ] *****
*No malicious keys found.
***** [ *Shortcuts ] *****
*No infected shortcut found.
***** [ *Scheduled tasks ] *****
*No malicious task found.
***** [ *Registry ] *****
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\eSupport.com
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\BSD
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\SecurityXploded
*Key Found: HKCU\Software\eSupport.com
*Key Found: HKCU\Software\BSD
*Key Found: HKCU\Software\SecurityXploded
*Key Found: HKLM\SOFTWARE\Lavasoft\Web Companion
*Key Found: HKLM\SOFTWARE\EnigmaSoftwareGroup
*Key Found: HKLM\SOFTWARE\Auslogics
*Key Found: HKLM\SOFTWARE\BSD
*Key Found: [x64] HKCU\Software\eSupport.com
*Key Found: [x64] HKCU\Software\BSD
*Key Found: [x64] HKCU\Software\SecurityXploded
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Value Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
*Value Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SSMaker2]
*Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ *Web browsers ] *****
*No malicious Firefox based browser items found.
*Chromium pref Found: [C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.ask.com
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [2924 *Bytes] - [18/05/2017 13:19:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2998 *Bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Samostatne sa spusta nejaky program
ADW nemazal, neklikl jste na mazání. Zkuste ještě jednou.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?