browser miner

Zpráva

rudolff · #1 Příspěvek od **rudolff** » 18 říj 2017 19:52

Dobry den
neustale mi vyskakuje nejaka reklama kdyz otevru mozilu
omlouvam se nevim jestli tenhle FRST log je spravne + Addition rar

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-10-2017
Ran by RX (administrator) on RX-PC (18-10-2017 20:38:24)
Running from C:\Users\RX\Desktop
Loaded Profiles: RX (Available Profiles: RX)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3101984 2017-10-17] (Valve Corporation)
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\MountPoints2: {3af202e4-a4ee-11e7-9d70-14dae9728e7c} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\MountPoints2: {4feaf15f-946e-11e7-a69a-14dae9728e7c} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\MountPoints2: {f522d007-83f4-11e7-b3fb-14dae9728e7c} - E:\Lenovo_Suite.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{C2C5D94B-1A62-458E-9D83-B75037CF33A5}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2546690686-1583332744-3323792972-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FireFox:
========
FF DefaultProfile: 551ei6cz.default
FF ProfilePath: C:\Users\RX\AppData\Roaming\Mozilla\Firefox\Profiles\551ei6cz.default [2017-10-18]
FF Extension: (ProxTube - Unblock YouTube) - C:\Users\RX\AppData\Roaming\Mozilla\Firefox\Profiles\551ei6cz.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2017-09-14]
FF Extension: (Adblock Plus) - C:\Users\RX\AppData\Roaming\Mozilla\Firefox\Profiles\551ei6cz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-18]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-10] (NVIDIA Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-09] ()
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GenesysLogic)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-10-18] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-10-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-18] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-10-18] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-06-21] (NVIDIA Corporation)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-18 20:38 - 2017-10-18 20:38 - 000007313 _____ C:\Users\RX\Desktop\FRST.txt
2017-10-18 20:38 - 2017-10-18 20:38 - 000000000 ____D C:\FRST
2017-10-18 20:36 - 2017-10-18 20:36 - 002401792 _____ (Farbar) C:\Users\RX\Desktop\FRST64.exe
2017-10-18 14:05 - 2017-10-18 16:28 - 2647985602 _____ C:\Users\RX\Downloads\Wonder.Woman.2017.1080p.BluRay.x264.AC3.5.1.CZ.DABING.mkv
2017-10-18 12:05 - 2017-10-18 13:42 - 1791748286 _____ C:\Users\RX\Downloads\Gifted, Velký dar (2017) CZ. Dab. 1080p.mkv
2017-10-18 09:45 - 2017-10-18 11:21 - 1775360132 _____ C:\Users\RX\Downloads\Válka.o.Planetu.Opic.War.for.the.Planet.of.the.Apes.2017.720p.BRRip.XViD.DD5.1.CZ.Dabing.mkv
2017-10-17 18:23 - 2017-10-17 20:07 - 1922213412 _____ C:\Users\RX\Downloads\Piráti-z-Karibiku-Salazarova-pomsta-2017-CZ-dabing.avi
2017-10-17 15:39 - 2017-10-17 17:40 - 2232561664 _____ C:\Users\RX\Downloads\Baby Driver novinka 2017 cz dabing.avi
2017-10-17 12:20 - 2017-10-17 12:20 - 000034272 _____ C:\Users\RX\Desktop\Vyuctovani_2017_09-0744968254.pdf
2017-10-17 11:59 - 2017-10-17 11:59 - 000001294 _____ C:\Users\RX\Documents\cc_20171017_115928.reg
2017-10-13 16:12 - 2017-10-13 16:12 - 000000000 ____D C:\Users\RX\AppData\Local\TangoGameworks
2017-10-12 17:39 - 2017-10-12 17:39 - 000043520 _____ C:\Users\RX\Downloads\kalendar-akci-2017.xls
2017-10-11 12:11 - 2017-10-11 12:11 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-11 11:27 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-11 11:27 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-11 11:27 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-11 11:27 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-11 11:27 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-11 11:27 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-11 11:27 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-11 11:26 - 2017-09-13 17:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-11 11:26 - 2017-09-13 17:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-11 11:26 - 2017-09-13 17:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-11 11:26 - 2017-09-13 17:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-11 11:26 - 2017-09-13 17:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-11 11:26 - 2017-09-13 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-11 11:26 - 2017-09-13 17:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-11 11:26 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-11 11:26 - 2017-09-13 17:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-11 11:26 - 2017-09-13 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-11 11:26 - 2017-09-13 17:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 11:26 - 2017-09-13 17:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-11 11:26 - 2017-09-13 17:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-11 11:26 - 2017-09-13 17:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 11:26 - 2017-09-13 16:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-11 11:26 - 2017-09-13 16:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-11 11:26 - 2017-09-13 16:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-11 11:26 - 2017-09-13 16:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-11 11:26 - 2017-09-13 16:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-11 11:26 - 2017-09-13 16:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-11 11:26 - 2017-09-13 16:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-11 11:26 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-11 11:26 - 2017-09-13 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-11 11:26 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-11 11:26 - 2017-09-13 16:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-11 11:26 - 2017-09-13 16:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-11 11:26 - 2017-09-13 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-11 11:26 - 2017-09-13 16:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-11 11:26 - 2017-09-09 02:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-11 11:26 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-11 11:26 - 2017-09-08 17:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-11 11:26 - 2017-09-08 17:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-11 11:26 - 2017-09-08 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-11 11:26 - 2017-09-08 17:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-11 11:26 - 2017-09-08 17:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 11:26 - 2017-09-08 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-11 11:26 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-11 11:26 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-11 11:26 - 2017-09-08 17:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-11 11:26 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-11 11:26 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-11 11:26 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-11 11:26 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-11 11:26 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-11 11:26 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-11 11:26 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-11 11:26 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-11 11:26 - 2017-09-08 17:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-11 11:26 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-11 11:26 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-11 11:26 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-11 11:26 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-11 11:26 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-11 11:26 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-11 11:26 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-11 11:26 - 2017-09-07 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-11 11:26 - 2017-09-07 23:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-11 11:26 - 2017-09-07 23:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-11 11:26 - 2017-09-07 23:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-11 11:26 - 2017-09-07 23:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-11 11:26 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-11 11:26 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-11 11:26 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-11 11:26 - 2017-09-07 23:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-11 11:26 - 2017-09-07 23:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-11 11:26 - 2017-09-07 23:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-11 11:26 - 2017-09-07 23:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-11 11:26 - 2017-09-07 23:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-11 11:26 - 2017-09-07 23:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-11 11:26 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-11 11:26 - 2017-09-07 22:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 11:26 - 2017-09-07 22:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-11 11:26 - 2017-09-07 22:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 11:26 - 2017-09-07 22:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-11 11:26 - 2017-09-07 22:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-11 11:26 - 2017-09-07 22:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-11 11:26 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-11 11:26 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-11 11:26 - 2017-09-07 22:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-11 11:26 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-11 11:26 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-11 11:26 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-11 11:26 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-11 11:26 - 2017-09-07 22:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-11 11:26 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-11 11:26 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-11 11:26 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-11 11:26 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-11 11:26 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-11 11:26 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-11 11:26 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-11 11:26 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-11 11:26 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-11 11:26 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-11 11:26 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-11 11:26 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-11 11:26 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-11 11:26 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-11 11:26 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-11 11:26 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-11 11:26 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-11 11:26 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-11 11:26 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-11 11:26 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-11 11:26 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-11 11:26 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-11 11:26 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-11 11:26 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-11 11:26 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-11 11:26 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-11 11:26 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-11 11:26 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-11 11:26 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-11 11:26 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-11 11:26 - 2017-09-07 17:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-11 11:26 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-11 11:26 - 2017-09-07 16:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-11 11:26 - 2017-09-07 16:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-11 11:26 - 2017-09-07 16:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-11 11:26 - 2017-08-19 17:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-11 11:26 - 2017-08-19 17:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-11 11:26 - 2017-08-19 17:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-11 11:26 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-11 11:26 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-11 11:26 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-11 11:26 - 2017-08-19 17:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-11 11:26 - 2017-08-19 17:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-11 11:26 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-11 11:26 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-11 11:26 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-11 11:26 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-11 11:26 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-11 11:26 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-02 15:54 - 2017-10-18 16:48 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-10-02 15:54 - 2017-10-18 09:42 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-10-02 15:54 - 2017-10-18 09:42 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-10-02 15:54 - 2017-10-09 14:09 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-10-02 10:37 - 2017-10-02 10:46 - 000000000 ____D C:\Users\RX\Downloads\SHAREit
2017-10-02 10:37 - 2017-10-02 10:37 - 000001210 _____ C:\Users\Public\Desktop\SHAREit.lnk
2017-10-02 10:37 - 2017-10-02 10:37 - 000000000 ____D C:\Users\RX\AppData\Roaming\Umeng
2017-10-02 10:37 - 2017-10-02 10:37 - 000000000 ____D C:\Users\RX\AppData\Local\SHAREit Technologies
2017-10-02 10:37 - 2017-10-02 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2017-10-02 10:37 - 2017-10-02 10:37 - 000000000 ____D C:\Program Files (x86)\SHAREit Technologies
2017-09-27 11:25 - 2017-10-18 09:42 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-27 11:25 - 2017-10-09 14:09 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-27 11:25 - 2017-09-27 11:25 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-27 11:25 - 2017-09-27 11:25 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-27 11:24 - 2017-09-27 11:24 - 000000000 ____D C:\ProgramData\MB2Migration
2017-09-27 11:22 - 2017-09-27 11:22 - 000000000 ____D C:\Users\RX\Downloads\Malwarebytes Anti-Malware Premium 3.2.2.2018 Repack
2017-09-27 11:13 - 2017-09-27 11:13 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_UsbDr_01_09_00.Wdf
2017-09-27 10:30 - 2017-09-27 10:31 - 000006698 _____ C:\Users\RX\Documents\cc_20170927_103057.reg
2017-09-27 10:22 - 2017-09-27 10:22 - 000000000 ____D C:\Users\RX\AppData\Local\ElevatedDiagnostics
2017-09-23 06:12 - 2017-10-10 13:36 - 000000000 ____D C:\Users\RX\Documents\My Games

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-18 20:33 - 2017-08-18 10:04 - 000000000 ____D C:\Users\RX\AppData\LocalLow\Mozilla
2017-10-18 20:12 - 2017-08-18 10:42 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-18 20:12 - 2017-08-18 10:25 - 000000000 ____D C:\Users\RX\AppData\Roaming\uTorrent
2017-10-18 20:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-18 14:50 - 2017-08-19 22:14 - 000000000 ____D C:\Users\RX\AppData\Roaming\vlc
2017-10-18 12:25 - 2017-08-18 10:17 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-18 12:10 - 2011-04-12 10:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2017-10-18 12:10 - 2011-04-12 10:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2017-10-18 12:10 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-18 09:52 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-18 09:52 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-18 09:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-15 01:12 - 2017-09-04 10:24 - 000000000 ____D C:\Users\RX\AppData\Local\CrashDumps
2017-10-12 16:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2017-10-11 12:14 - 2009-07-14 06:45 - 000267368 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-11 12:12 - 2017-08-18 12:02 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 12:11 - 2017-08-18 12:02 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-11 12:09 - 2017-08-18 12:35 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-01 14:12 - 2017-08-23 17:54 - 000000000 ____D C:\Users\RX\Desktop\ruzne
2017-09-30 09:36 - 2017-08-18 10:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-30 09:36 - 2017-08-18 10:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-27 11:25 - 2017-08-18 10:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-24 10:09 - 2017-09-04 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-24 10:09 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-23 09:50 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-10 14:18

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 18 říj 2017 19:58

Zdravím!
Log je správný. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

rudolff · #3 Příspěvek od **rudolff** » 18 říj 2017 20:08

Zdravim
taky se jmenujte ruda to je super

prikladam ten log

# AdwCleaner 7.0.3.1 - Logfile created on Wed Oct 18 19:03:32 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [952 B] - [2017/10/18 19:2:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

rudolff · #4 Příspěvek od **rudolff** » 18 říj 2017 20:10

mimochodem koukam ze to vyskakovani reklam a nezadouci stranky dela hodne lidem neni to nejaky hromadny utok na firefox?

#5 Příspěvek od **Rudy** » 18 říj 2017 21:04

Jj. Jmenuji. Toto dělají všechny browsery pokud je infikujete na stránkách, mající za cíl je infikovat. Log je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\MountPoints2: {3af202e4-a4ee-11e7-9d70-14dae9728e7c} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\MountPoints2: {4feaf15f-946e-11e7-a69a-14dae9728e7c} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-2546690686-1583332744-3323792972-1000\...\MountPoints2: {f522d007-83f4-11e7-b3fb-14dae9728e7c} - E:\Lenovo_Suite.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Po skončení této akce ještě pročistěte browsery postupně těmito utilitami:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

rudolff · #6 Příspěvek od **rudolff** » 18 říj 2017 22:03

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by RX on st 18.10.2017 at 22:10:10,72.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\RX\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 22:10:30,64 =====

--- Create Environment Variables 22:10:31,67
--- Create System Restore Point 22:10:36,67
--- Checking Input 22:11:10,25
--- Reset Hosts File 22:11:27,21
--- AU AppData Check 22:11:30,63
--- Remove From Windows Installer 22:11:32,53
--- Empty Folders Check 22:12:21,47
--- Registry HKLM Software Check 22:12:21,48
--- Quick Launch Shortcut Check 22:12:40,12
--- IE Startpage Check 22:12:42,36
--- Program Files DB Check 22:12:57,55
--- C:\Users\Default\AppData\Roaming DB Check 22:13:36,17
--- C:\Users\Default User\AppData\Roaming DB Check 22:13:36,17
--- C:\Users\RX\AppData\Roaming DB Check 22:13:36,17
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 22:13:36,17
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 22:13:36,17
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 22:13:36,17
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 22:13:36,17
--- C:\Users\RX DB Check 22:15:28,51
--- C:\PROGRA~3 DB Check 22:15:42,45
--- C:\Users\Default\AppData\Local DB Check 22:15:45,34
--- C:\Users\Default User\AppData\Local DB Check 22:15:45,34
--- C:\Users\RX\AppData\Local DB Check 22:15:45,34
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 22:15:45,34
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 22:15:45,34
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 22:15:45,34
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 22:15:45,34
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 22:17:02,26
--- C:\Users\RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 22:17:10,42
--- Tasks DB Check 22:17:15,70
--- Downloads DB Check 22:17:18,96
--- C:\Users\RX\AppData\LocalLow DB Check 22:17:22,36
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 22:17:22,36
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 22:17:22,36
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 22:17:22,36
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 22:17:22,36
--- Tasks2 DB Check 22:18:03,54
--- Documents DB Check 22:18:28,09
--- C:\Users\RX\AppData\Roaming\Mozilla\Firefox\Profiles\brhq1nu4.default DB Check 22:18:35,19
--- C:\Users\Public\Desktop DB Check 22:18:37,13
--- C:\Users\RX\Desktop DB Check 22:18:41,15
--- Services DB Check 22:18:48,52
--- FF prefs.js DB Check 22:19:07,50
--- Emptyclsid 22:19:41,60
--- Del by CLSID 22:19:42,88
--- Delete Services 22:20:00,23
--- Firefox Fix 22:20:04,02
--- Delete files\folders 22:20:05,16
--- Create Backups 22:20:05,27
--- Firefox Extensions 22:20:07,76

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by RX on st 18.10.2017 at 22:10:10,72.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\RX\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.10.2017 22:11:08 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\RX\AppData\Local\CrashDumps deleted successfully
C:\Users\RX\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\RX\AppData\Roaming\Mozilla\Firefox\Profiles\brhq1nu4.default\prefs.js:

Added to C:\Users\RX\AppData\Roaming\Mozilla\Firefox\Profiles\brhq1nu4.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\RX\AppData\Roaming\Mozilla\Firefox\Profiles\brhq1nu4.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64
Ran by RX (Administrator) on st 18.10.2017 at 22:59:20,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 18.10.2017 at 23:00:41,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#7 Příspěvek od **Rudy** » 19 říj 2017 16:28

OK. Nastala nějaká změna?

rudolff · #8 Příspěvek od **rudolff** » 19 říj 2017 17:03

K pár změnám určitě došlo, ale to vyskakovaní reklam přetrvávalo, tak jediný co mě napadlo bylo vymazat komplet všechny data složky od mozily a stáhnout přes ninety novy firefox a najednou ty reklamy přestaly vyskakovat. Jinak to vyskakování začalo po naštívení stránky navratdoreality.

#9 Příspěvek od **Rudy** » 19 říj 2017 17:42

V podstatě ano, doporučujeme ale FF zazálohovat pomocí Mozbackup: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/, kompletní smazání profilu v c:\users\RX\appdata\roaming, c:\users\RX\data aplikací, c:\users\RX\local settings a v c:\program data , přeinstalování a zpět ze zálohy pak můžete nakopírovat záložky a hesla.

rudolff · #10 Příspěvek od **rudolff** » 19 říj 2017 21:10

Už se stalo

moc vám děkuji

#11 Příspěvek od **Rudy** » 20 říj 2017 16:16

Nemáte zač!

VIRY.CZ

browser miner

browser miner

Re: browser miner

Re: browser miner

Re: browser miner

Re: browser miner

Re: browser miner

Re: browser miner

Re: browser miner

Re: browser miner

Re: browser miner

Re: browser miner