VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Peter (administrator) on PETER-PC (04-04-2018 17:01:28)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Spotify Ltd) C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(Ghisler Software GmbH) C:\Program Files (x86)\Total Commander\TOTALCMD64.EXE
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-12-11] (WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [123848 2017-12-11] (WinZip Computing, S.L.)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4201464 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Spotify Web Helper] => C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-12-02] (Spotify Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6267384 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [SharewareOnSale Notifier] => \SharewareOnSale Notifier\SharewareOnSale Notifier.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [uTorrent] => C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2151864 2018-02-21] (BitTorrent Inc.)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{198A64C8-8290-44FF-AFFC-CC0451C43693}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: o6yasy6y.default-1506712320144
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144 [2018-04-04]
FF Extension: (Adblock Plus) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-03-30]
FF Extension: (OkayFreedom) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\features\{2e08a3b0-d6ed-4c15-a0d5-6496e5d67df3}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2018-04-01]
CHR Extension: (Dokumenty) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-31]
CHR Extension: (Disk Google) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-31]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-31]
CHR Extension: (Tabuľky) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-31]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-31]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8521384 2018-03-24] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-11-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
S3 Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [4854464 2016-12-12] (Disc Soft Ltd)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [358408 2018-01-29] (Steganos Software GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [73200 2015-03-17] (SiSoftware) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinZip Compression Smart Monitor Service; C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe [495872 2017-09-01] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [70384 2017-03-27] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-12-03] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-22] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-22] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2017-01-25] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2017-01-25] (Disc Soft Ltd)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-08-08] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-26] (REALiX(tm))
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2016-11-26] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-11-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-12-14] (Samsung Electronics Co., Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [131856 2017-10-05] (BigNox Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [144656 2017-10-05] (BigNox Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2017-06-10] (MBB)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-10-05] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-04 12:31 - 2018-04-04 12:31 - 000002952 _____ C:\Windows\System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F}
2018-04-04 12:30 - 2018-04-04 12:30 - 001129816 _____ (Google Inc.) C:\Users\Peter\Downloads\ChromeSetup(1).exe
2018-04-04 12:21 - 2018-04-04 12:21 - 000000162 ____H C:\Users\Peter\Downloads\~$votopis-Peter-Preták.odt
2018-04-04 12:21 - 2018-04-04 12:21 - 000000000 ____D C:\Users\Peter\Downloads\FontCache
2018-04-02 10:47 - 2018-04-02 10:47 - 000004622 _____ C:\Users\Peter\Downloads\purehate.m3u
2018-04-01 20:26 - 2018-04-01 20:26 - 000000000 ____D C:\Windows\SysWOW64\FontCache
2018-04-01 20:24 - 2018-04-01 20:24 - 000353997 _____ C:\Users\Peter\Downloads\HomeTicket.pdf
2018-03-31 09:21 - 2018-04-04 12:32 - 000002812 _____ C:\Users\Peter\Desktop\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000002812 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000000000 ____D C:\Users\Peter\AppData\Roaming\uTorrent
2018-03-31 08:50 - 2018-03-31 09:29 - 000000000 ____D C:\Users\Peter\Downloads\GoogleChromePortable
2018-03-30 22:33 - 2018-03-30 22:34 - 001637808 _____ (PortableApps.com) C:\Users\Peter\Downloads\GoogleChromePortable_65.0.3325.181_online.paf.exe
2018-03-30 22:32 - 2018-03-30 22:32 - 001129816 _____ (Google Inc.) C:\Users\Peter\Downloads\ChromeSetup.exe
2018-03-30 17:36 - 2018-03-28 10:31 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-30 17:36 - 2018-03-28 10:09 - 004046016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-03-30 17:36 - 2018-03-28 10:09 - 004026048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-30 17:36 - 2018-03-09 05:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-30 17:36 - 2018-03-09 05:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-30 17:36 - 2018-03-09 05:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-30 17:36 - 2018-03-09 05:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-30 17:36 - 2018-03-09 05:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-30 17:36 - 2018-03-09 05:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-30 17:36 - 2018-03-09 04:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-30 17:36 - 2018-03-09 04:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-30 17:36 - 2018-03-09 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-30 17:36 - 2018-03-09 04:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-30 17:36 - 2018-03-09 04:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-30 17:36 - 2018-03-09 04:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-30 17:36 - 2018-03-09 04:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-30 17:36 - 2018-03-09 04:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-30 17:36 - 2018-03-09 04:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-30 17:36 - 2018-03-09 04:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-30 17:36 - 2018-03-09 04:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-30 17:36 - 2018-03-09 04:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-30 17:36 - 2018-03-09 04:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-30 17:36 - 2018-03-09 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-30 17:36 - 2018-03-09 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-30 17:36 - 2018-03-09 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-30 17:36 - 2018-03-09 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-30 17:36 - 2018-03-09 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-30 17:36 - 2018-03-09 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-30 17:36 - 2018-02-18 23:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-30 12:55 - 2018-03-30 12:55 - 001140252 _____ C:\Users\Peter\Downloads\netflix.rar
2018-03-30 12:53 - 2018-03-30 12:53 - 001905624 _____ C:\Users\Peter\Downloads\delphi_all_keygen_2010_-_2017_1_a1c-412___.exe
2018-03-30 11:50 - 2018-04-04 12:21 - 000000000 ____D C:\officeclient.microsoft.com
2018-03-30 11:39 - 2018-03-31 09:21 - 000000000 ____D C:\Users\Peter\Downloads\uTorrentPortable
2018-03-30 11:38 - 2018-03-30 11:38 - 002989616 _____ (PortableApps.com) C:\Users\Peter\Downloads\uTorrentPortable_3.5.3.44358_online.paf.exe
2018-03-30 11:10 - 2018-03-30 11:10 - 000000000 ____D C:\Users\Peter\Downloads\cc6466
2018-03-30 11:04 - 2018-03-30 11:09 - 038110382 _____ C:\Users\Peter\Downloads\cc6466.rar
2018-03-30 09:29 - 2018-02-01 13:21 - 000000000 ____D C:\Users\Peter\Downloads\Frontalkraft & Blitzkrieg & Confident of Victory - Wir stehen fest! (2018)
2018-03-30 09:25 - 2018-03-30 09:27 - 167593813 _____ C:\Users\Peter\Downloads\F-B-CoV-Wsf(320).rar
2018-03-29 17:52 - 2018-03-29 17:52 - 000076623 _____ C:\Users\Peter\Desktop\sfcdetails.txt
2018-03-25 20:28 - 2018-03-25 20:28 - 001129816 _____ (Google Inc.) C:\Users\Peter\Desktop\ChromeSetup.exe
2018-03-25 16:50 - 2018-03-25 16:57 - 808669525 _____ C:\Users\Peter\Downloads\Gotham.S04E14.720p.HDTV.x264-KILLERS.mkv
2018-03-24 19:43 - 2018-03-24 19:43 - 003114288 _____ (BitTorrent Inc.) C:\Users\Peter\Downloads\uTorrent (1).exe
2018-03-24 19:35 - 2018-04-01 19:15 - 000009137 _____ C:\Users\Peter\Desktop\Fixlog.txt
2018-03-23 18:45 - 2018-03-23 18:45 - 000000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2018-03-23 18:41 - 2018-03-23 18:41 - 008222496 _____ (Malwarebytes) C:\Users\Peter\Downloads\adwcleaner_7.0.8.0 (1).exe
2018-03-23 18:41 - 2018-03-23 18:41 - 008222496 _____ (Malwarebytes) C:\Users\Peter\Desktop\adwcleaner_7.0.8.0 (1).exe
2018-03-23 14:23 - 2018-03-23 14:23 - 000000000 __SHD C:\found.000
2018-03-18 14:45 - 2018-03-18 14:45 - 000383395 _____ C:\Users\Peter\Downloads\TY_KURVA_TY_KURVA_VYJEBANÁ.mp4
2018-03-18 14:16 - 2018-03-18 14:23 - 1587711659 _____ C:\Users\Peter\Downloads\03---Super-11.3.-2018.mp4
2018-03-18 13:42 - 2018-03-18 13:46 - 000009392 _____ C:\Users\Peter\Downloads\Fullwolf6unsensoredHQ.7z.004
2018-03-17 10:35 - 2017-06-21 11:18 - 000000000 ____D C:\Users\Peter\Downloads\Ibude Gold Love Lyon
2018-03-17 10:34 - 2018-03-17 10:35 - 117470601 _____ C:\Users\Peter\Downloads\zaloha_28.1_reall.rar
2018-03-17 10:26 - 2018-03-17 10:26 - 000004528 _____ C:\Users\Peter\Downloads\[CzT]RarmaRadio_Pro_v_2_71_9_CZ_SK_.torrent
2018-03-17 09:36 - 2018-03-17 09:36 - 000007270 _____ C:\Users\Peter\Desktop\Addition.zip
2018-03-17 09:32 - 2018-03-31 08:28 - 000028210 _____ C:\Users\Peter\Desktop\Addition.txt
2018-03-17 09:31 - 2018-04-04 17:03 - 000011969 _____ C:\Users\Peter\Desktop\FRST.txt
2018-03-16 21:03 - 2018-03-16 21:03 - 002364880 _____ C:\Users\Peter\Downloads\SharewareOnSale_Giveaway_Driver_Booster_5_PRO_hub.exe
2018-03-16 21:01 - 2018-03-16 21:02 - 008222496 _____ (Malwarebytes) C:\Users\Peter\Downloads\adwcleaner_7.0.8.0.exe
2018-03-14 20:36 - 2018-02-13 20:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 20:36 - 2018-02-13 20:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 20:36 - 2018-02-13 16:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 20:36 - 2018-02-13 16:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-11 21:20 - 2018-03-11 21:26 - 1290103944 _____ C:\Users\Peter\Downloads\DCs.Legends.of.Tomorrow.S03E12.720p.HDTV.x264-AVS.mkv
2018-03-11 21:09 - 2018-03-11 21:09 - 001026464 _____ C:\Users\Peter\Downloads\IST_2000R_ukázka (1).pdf
2018-03-11 20:51 - 2018-03-11 20:51 - 001026464 _____ C:\Users\Peter\Downloads\IST_2000R_ukázka.pdf
2018-03-11 14:04 - 2018-03-11 14:18 - 000000000 ____D C:\Users\Peter\Downloads\Odpovede
2018-03-11 13:59 - 2018-03-11 13:59 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Zoner
2018-03-11 13:59 - 2018-03-11 13:59 - 000000000 ____D C:\Users\Peter\AppData\Local\Zoner
2018-03-11 13:58 - 2018-03-11 14:01 - 000002139 _____ C:\Users\Peter\Desktop\Zoner Photo Studio X.lnk
2018-03-11 13:58 - 2018-03-11 13:58 - 000002006 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-03-11 13:58 - 2018-03-11 13:58 - 000000000 ____D C:\Program Files\Zoner
2018-03-11 13:57 - 2018-02-28 15:55 - 000000000 ____D C:\Users\Peter\Downloads\Zoner Photo Studio X v19.1802.2.51 SK
2018-03-11 13:56 - 2018-03-11 13:57 - 087449662 _____ C:\Users\Peter\Downloads\kapitola236.rar
2018-03-11 13:18 - 2018-03-11 13:19 - 003114288 _____ (BitTorrent Inc.) C:\Users\Peter\Downloads\uTorrent.exe
2018-03-11 12:28 - 2018-03-11 12:28 - 008379024 _____ (McAfee, Inc.) C:\Users\Peter\Downloads\SharewareOnSale_Giveaway_McAfee_Internet_Security_2017.exe
2018-03-11 12:27 - 2018-03-11 12:27 - 002384424 _____ C:\Users\Peter\Downloads\SharewareOnSale_Giveaway_McAfee_Internet_Security_2017_hub.exe
2018-03-11 12:27 - 2018-03-11 12:27 - 000000000 ____D C:\SharewareOnSale Notifier
2018-03-11 11:31 - 2018-03-11 11:31 - 000000000 ____D C:\rsit
2018-03-11 11:30 - 2018-03-11 11:30 - 001222144 _____ C:\Users\Peter\Downloads\RSITx64.exe
2018-03-11 11:29 - 2018-03-11 11:29 - 000016743 _____ C:\Users\Peter\Downloads\[CzT]Spotify_Music_v_5_9_0_732_2016_EN_Android_.torrent
2018-03-11 11:26 - 2018-03-11 11:26 - 003062024 _____ (BitTorrent Inc.) C:\Users\Peter\Downloads\BitTorrent.exe
2018-03-10 14:25 - 2018-03-10 14:25 - 000000000 ____D C:\Users\Peter\Downloads\Psychotesty - k prijatiu do polície
2018-03-10 12:49 - 2018-03-10 13:03 - 1579989426 _____ C:\Users\Peter\Downloads\01x01.rar
2018-03-10 12:48 - 2018-03-10 13:01 - 1567360233 _____ C:\Users\Peter\Downloads\02 - Super (4.3. 2018).mp4
2018-03-10 11:32 - 2018-03-10 11:34 - 173457082 _____ C:\Users\Peter\Downloads\ACD.Systems.ACDSee.Photo.Studio.Ultimate.2018.v11.1.1272.x64.Incl.Keymaker-CORE.rar
2018-03-10 11:14 - 2018-03-10 11:14 - 000000000 ____D C:\ProgramData\ACD Systems
2018-03-10 11:07 - 2018-03-10 11:07 - 000000000 ____D C:\Program Files (x86)\ACD Systems
2018-03-10 11:03 - 2018-03-10 11:03 - 000000000 ____D C:\ProgramData\Apple
2018-03-10 11:03 - 2018-03-10 11:03 - 000000000 ____D C:\Program Files\Bonjour
2018-03-10 11:03 - 2018-03-10 11:03 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-03-10 10:59 - 2018-03-10 10:59 - 000966928 _____ C:\Users\Peter\Downloads\acdsee.exe
2018-03-10 10:17 - 2018-03-10 10:17 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\WINZIP_W3d70
2018-03-10 09:57 - 2018-03-10 09:57 - 000000000 ____D C:\Users\Peter\Downloads\updates
2018-03-10 09:57 - 2018-03-10 09:57 - 000000000 ____D C:\Users\Peter\Downloads\share

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-04 17:01 - 2017-11-05 09:00 - 000000000 ____D C:\FRST
2018-04-04 12:31 - 2016-11-26 17:20 - 000000000 ____D C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2018-04-04 12:31 - 2016-11-26 17:14 - 000000000 ____D C:\Program Files (x86)\Google
2018-04-04 11:56 - 2018-02-17 20:42 - 000000000 ___RD C:\Users\Peter\Documents\Scanned Documents
2018-04-04 11:56 - 2016-11-26 20:50 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\Mozilla
2018-04-04 11:51 - 2018-02-18 10:51 - 000000000 ____D C:\SCANOVANIE
2018-04-04 07:47 - 2017-12-12 14:33 - 000000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2018-04-04 05:02 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-04 05:02 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-02 22:21 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-02 22:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-02 22:16 - 2017-11-30 12:06 - 000000452 _____ C:\Windows\Tasks\Neptune.job
2018-04-02 22:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-02 16:58 - 2018-02-15 18:34 - 000000000 ____D C:\vlc
2018-04-01 07:56 - 2016-11-27 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-31 11:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-03-31 09:27 - 2017-12-20 09:30 - 000117936 _____ C:\Users\Peter\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-31 09:26 - 2017-12-20 09:27 - 000457624 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-31 08:52 - 2016-11-26 17:14 - 000000000 ____D C:\Users\Peter\AppData\Local\Google
2018-03-30 22:54 - 2018-02-18 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2018-03-30 22:54 - 2017-10-22 13:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-29 18:01 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-29 17:27 - 2018-01-05 14:00 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-03-29 17:03 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-25 20:45 - 2017-03-04 13:21 - 000000096 _____ C:\Users\Peter\Desktop\topovanie.txt
2018-03-25 20:29 - 2018-03-03 09:24 - 000000000 ____D C:\Program Files\CCleaner
2018-03-25 16:57 - 2017-02-24 15:14 - 000000000 ____D C:\Users\Peter\Downloads\Subs
2018-03-23 18:45 - 2017-11-05 09:03 - 002403328 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2018-03-23 18:41 - 2015-03-25 22:30 - 000000000 ____D C:\AdwCleaner
2018-03-18 13:34 - 2017-08-23 16:06 - 000000000 ____D C:\Users\Peter\Downloads\d160
2018-03-18 09:13 - 2016-11-26 17:09 - 000000000 ____D C:\Users\Peter
2018-03-18 09:12 - 2016-11-26 20:31 - 000000000 ____D C:\Users\Peter\AppData\Roaming\GHISLER
2018-03-18 09:11 - 2016-11-27 22:03 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-18 09:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2018-03-16 18:19 - 2016-11-30 18:20 - 000000333 _____ C:\Users\Peter\Desktop\mail.txt
2018-03-16 04:22 - 2017-06-11 03:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-16 04:07 - 2016-11-26 17:30 - 000000000 ____D C:\Windows\system32\MRT
2018-03-16 04:02 - 2017-10-12 03:09 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-16 04:01 - 2016-11-26 17:30 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-13 04:05 - 2016-11-26 20:21 - 000765656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-03-11 11:36 - 2016-11-26 20:51 - 000000000 ____D C:\Users\Peter\AppData\Local\Facebook
2018-03-11 11:23 - 2018-01-15 09:25 - 000000000 ____D C:\Program Files\Total Uninstall 6
2018-03-10 11:13 - 2017-08-23 15:44 - 000000000 ____D C:\Users\Peter\AppData\Local\Downloaded Installations
2018-03-10 10:28 - 2018-03-03 20:09 - 000000000 ____D C:\Users\Peter\AppData\Local\WinZip

==================== Files in the root of some directories =======

2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Peter\AppData\Roaming\MafiaSetup.exe
2016-11-26 17:41 - 2017-02-21 18:38 - 014438400 _____ () C:\Users\Peter\AppData\Roaming\Sandra.mdb
2017-01-14 18:58 - 2017-01-20 17:37 - 000007597 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2017-01-19 17:47 - 2017-01-19 17:47 - 000000424 _____ () C:\Users\Peter\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-29 17:46

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Peter (04-04-2018 17:03:35)
Running from C:\Users\Peter\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-26 15:09:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1762337417-2231521048-3039012980-500 - Administrator - Disabled)
Guest (S-1-5-21-1762337417-2231521048-3039012980-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1762337417-2231521048-3039012980-1002 - Limited - Enabled)
Peter (S-1-5-21-1762337417-2231521048-3039012980-1000 - Administrator - Enabled) => C:\Users\Peter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.71.1081 - AB Team, d.o.o.)
bwin Poker (HKLM-x32\...\bwincomPoker) (Version: - bwincom)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CountDown ShutDown PC (HKLM-x32\...\CountDown ShutDown PC_is1) (Version: - Velkej Chytrák)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.0.0.0540 - Disc Soft Ltd)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 7.0 - Poikosoft)
Charles 4.1.3 (HKLM\...\{81045AC5-B1C4-4B5D-8719-9BEB41167F17}) (Version: 4.1.3.5 - XK72 Ltd)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
InstaTrader (HKLM-x32\...\InstaTrader) (Version: 6.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{9085041B-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.8.3 - Steganos Software GmbH)
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s finální databází 178)_is1) (Version: - )
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
SharewareOnSale Notifier (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)
SiSoftware Sandra Lite 2015.SP1a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.32.2015.3 - SiSoftware)
Spotify (HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Spotify) (Version: 1.0.66.478.g1296534d - Spotify AB)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Total Commander verze 9.12 (HKLM-x32\...\{B12BC641-C553-4138-A829-31B1A642333B}_is1) (Version: 9.12 - ©Ghisler Software GmbH)
Total Uninstall 6.21.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.21.1 - Gavrila Martau)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.0 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (01/20/2017 4.3.12) (HKLM\...\5704FF66AFA4D394842933DCC54279C2E177D380) (Version: 01/20/2017 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (01/20/2017 4.3.12) (HKLM\...\35C6212A24F5D9B7942ECD18B0255759779999C2) (Version: 01/20/2017 4.3.12 - BigNox Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24119}) (Version: 22.0.12706 - Corel Corporation)
XChat 2 (remove only) (HKLM-x32\...\xchat) (Version: - )
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_SK_is1) (Version: 19.1802.2.51 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll ()
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13BD8189-A171-49FE-9027-8C33F59C029F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {2526F98E-7DEA-4119-8FC1-7E8272BC7DA1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {51866950-7186-4069-BA8F-A63C3279F21D} - System32\Tasks\{E30CA91D-AAF5-480F-A381-9FC5B3911889} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Nox\bin\Nox_unload.exe" -d "C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Nox"
Task: {66BFD9E7-B83C-4976-B2DA-4EBB7321013C} - System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => C:\Users\Peter\Downloads\ChromeSetup(1).exe [2018-04-04] (Google Inc.)
Task: {95DB87D3-3FAD-45B7-B2F3-002C8DE0E96C} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-12-11] (WinZip)
Task: {9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C} - System32\Tasks\Neptune => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe
Task: {AAFE712A-7160-4544-BD91-D76BEEBDDB0A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {DE6BD060-8625-4DF0-9C37-8F2B07C03ACE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {E0F94AAF-0B95-444C-A0BC-54A6A4F0404B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {E182B577-489C-40B4-8627-246BAD945241} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {F5C6E9EE-90CE-48E2-A0DE-099EB67E52CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Neptune.job => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-26 17:36 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-01 13:15 - 2017-09-01 13:15 - 000495872 ____N () C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
2018-01-22 11:03 - 2018-01-22 11:03 - 000061920 _____ () C:\Program Files\CCleaner\branding.dll
2018-02-18 12:38 - 2018-03-30 22:48 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-04-01 19:14 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk => C:\Windows\pss\Facebook Gameroom.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Users\Peter\DAEMON Tools Ultra\DTAgent.exe" -autorun
MSCONFIG\startupreg: OKAYFREEDOM Notifier => "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
MSCONFIG\startupreg: OKAYFREEDOM_Agent => "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
MSCONFIG\startupreg: Spotify => "C:\Users\Peter\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{21AF00BC-69E4-46D0-9E2C-7BDCA808AB87}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe
FirewallRules: [{49A999C8-E8ED-493A-8569-474C1C02AA67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5F3E2D9C-ADDF-4688-BA9C-7498CB62CE88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF242538-1915-4CB0-9CCA-0BE42684B226}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C2B13292-FE11-4D92-8BE6-FC58126E6FE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{91562D1F-4BB8-4DE3-9061-83293C19044B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{65A90583-4A75-4A42-B53E-574948CA365F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C9F0D391-BBD5-4832-819B-8FED00D6A67B}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{62EF1DAB-D355-4394-8692-6C9DE01C8F57}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C536916A-B3E5-478E-9A3B-99FBC19BE9BF}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\RpcSandraSrv.exe
FirewallRules: [TCP Query User{E99ACC46-EB4B-4690-AF11-A6D761CE11CB}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [UDP Query User{5F003441-B584-43ED-9AC2-F4CFC62463F4}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [{7C805329-BE04-4FE2-ADBA-FE123F381327}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FD895352-A201-4520-99D3-041E934E9621}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{22D57A7F-28F1-433B-B1B8-20C30E90BED8}] => (Block) LPort=445
FirewallRules: [{287B29C8-F3BB-40DB-A7F1-CE083767A946}] => (Block) LPort=445
FirewallRules: [TCP Query User{9E74E1B7-D2A6-485D-939B-C6BDF5A46CAF}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [UDP Query User{8C4309E6-FF2E-47F3-BF23-EB0C4B101B69}C:\program files\charles\charles.exe] => (Allow) C:\program files\charles\charles.exe
FirewallRules: [TCP Query User{A283D731-EAFB-411F-BEFC-AD2A2B510395}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A48889D6-B34D-4693-B1B3-3CCC50F648E5}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe
FirewallRules: [{334F2B70-9981-4709-A053-2CBE9A891BED}] => (Allow) \Nox\bin\Nox.exe
FirewallRules: [{C8EFF610-85D7-48FF-9174-DEF031BEE7EB}] => (Allow) \Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{BFF57A19-B280-410D-B975-C97037BCA189}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B21132F8-8F3E-4BC4-ADEC-9A7249804BA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC3F5B27-B14C-4FF5-8AC0-C7D159430180}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC7FAFBE-7EB6-4B94-8D7B-3BFB5255A88E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F6E760AF-CE67-405E-BBC9-46110337E7D1}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{50855B08-1183-4AED-951E-018DD6B1D6F1}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8B9BB92-C8D0-4DED-81B5-7C3ADA1DDE27}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E6E9127-557D-4739-B1DC-FE44AC816735}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5C42852C-D506-4AD0-B1AE-42F3DD1E6C9B}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DB88DE23-4E74-4DD7-A823-3D35DDF6F429}] => (Allow) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\xchat\xchat.exe] => Enabled:XChat IRC Client

==================== Restore Points =========================

01-04-2018 19:14:08 Restore Point Created by FRST
01-04-2018 19:23:10 Odinštalované pomocou Total Uninstall "Google Update Helper"
01-04-2018 19:24:10 Removed Google Update Helper
03-04-2018 10:50:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2018 07:46:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OkayFreedomClient.exe, verzia: 1.8.3.12287, časová značka: 0x5a6f2bfb
Názov chybového modulu: OkayFreedomClient.exe, verzia: 1.8.3.12287, časová značka: 0x5a6f2bfb
Kód výnimky: 0xc0000417
Odstup chyby: 0x003239dd
Identifikácia chybného procesu: 0x9bc
Čas spustenia chybnej aplikácie: 0x01d3cabf8425d55b
Cesta chybnej aplikácie: C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
Cesta chybného modulu: C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
Identifikácia hlásenia: 96f5af0b-37cb-11e8-9dcc-001e8c60ef64

Error: (04/04/2018 04:51:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x11b8
Čas spustenia chybnej aplikácie: 0x01d3cbbfdebd0b3b
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 1d56050a-37b3-11e8-9dcc-001e8c60ef64

Error: (04/04/2018 04:51:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x14e8
Čas spustenia chybnej aplikácie: 0x01d3cbbfdec91958
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 1d55b6e9-37b3-11e8-9dcc-001e8c60ef64

Error: (04/03/2018 10:46:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x1788
Čas spustenia chybnej aplikácie: 0x01d3cb283e91d23b
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 7d172164-371b-11e8-9dcc-001e8c60ef64

Error: (04/03/2018 10:46:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Názov chybového modulu: OneDriveSetup.exe, verzia: 18.25.204.9, časová značka: 0x5a9798dc
Kód výnimky: 0x40000015
Odstup chyby: 0x00086722
Identifikácia chybného procesu: 0x12cc
Čas spustenia chybnej aplikácie: 0x01d3cb283b094752
Cesta chybnej aplikácie: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Cesta chybného modulu: C:\Users\Peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
Identifikácia hlásenia: 7d16fa54-371b-11e8-9dcc-001e8c60ef64

Error: (04/02/2018 10:21:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/02/2018 10:21:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/02/2018 05:20:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585


System errors:
=============
Error: (04/04/2018 08:48:55 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (04/04/2018 08:48:52 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (04/02/2018 11:05:24 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (04/02/2018 10:18:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (04/02/2018 10:18:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (120000 ms).

Error: (04/02/2018 03:32:05 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (04/02/2018 11:25:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (04/02/2018 11:25:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (120000 ms).


Windows Defender:
===================================
Date: 2018-03-29 17:53:58.309
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{126F799B-869C-440B-9062-942759E2D4AA}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

CodeIntegrity:
===================================

Date: 2017-06-02 05:57:47.906
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-06-02 05:57:47.906
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-06-02 05:57:47.906
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-27 14:23:26.429
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-27 14:23:26.427
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-27 14:23:26.415
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-20 08:33:09.048
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-05-20 08:33:09.031
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 4095.12 MB
Available physical RAM: 1829.21 MB
Total Virtual: 8188.4 MB
Available Virtual: 3854.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.31 GB) (Free:36.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 08CB08CB)
Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Akurát sa mi podarilo naištalovať portable verziu google chrome
ale tvári sa takto:

Problemy s Chrome stale pretrvavaju? Ostatne programy a prehliadace (Firefox) funguju?

Ak Chrome stale nejde, postupuj takto.

V ovladacom paneli -> odinstalovat program skontroluj, ci sa tam nenachadza Chrome, pripadne iny suvisiaci program od Google; ak ano, odinstaluj ich.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [SharewareOnSale Notifier] => \SharewareOnSale Notifier\SharewareOnSale Notifier.exe
  Task: {66BFD9E7-B83C-4976-B2DA-4EBB7321013C} - System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => C:\Users\Peter\Downloads\ChromeSetup(1).exe [2018-04-04] (Google Inc.)
  Task: {9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C} - System32\Tasks\Neptune => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe
  Task: C:\Windows\Tasks\Neptune.job => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe
  
  C:\Program Files\Google
  C:\Program Files (x86)\Google
  C:\Users\Peter\AppData\Local\Google
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Po restartovani precisti PC cez CCleaner, vratane registrov.

Vyskusaj nainstalovat Chrome z tohoto odkazu: https://www.google.com/intl/en/chrome/b ... andalone=1

Tento krát pre zmenu my tam naskočilo pri inštalícií G.Ch. toto:



Ukazolo sa to bna 3 sekundy a potom zmizlo.. Samozrejme ani inštalačku nespusti...
Mozila, ide bez problémov

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Peter (07-04-2018 09:29:24) Run:6
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [SharewareOnSale Notifier] => \SharewareOnSale Notifier\SharewareOnSale Notifier.exe
Task: {66BFD9E7-B83C-4976-B2DA-4EBB7321013C} - System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => C:\Users\Peter\Downloads\ChromeSetup(1).exe [2018-04-04] (Google Inc.)
Task: {9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C} - System32\Tasks\Neptune => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe
Task: C:\Windows\Tasks\Neptune.job => C:\Program Files (x86)\Neptune SystemCare 2017\NeptuneTray.exe

C:\Program Files\Google
C:\Program Files (x86)\Google
C:\Users\Peter\AppData\Local\Google

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SharewareOnSale Notifier" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66BFD9E7-B83C-4976-B2DA-4EBB7321013C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66BFD9E7-B83C-4976-B2DA-4EBB7321013C}" => removed successfully
C:\Windows\System32\Tasks\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B3E36BA-80A4-4CC5-BEC2-D5DC9CE4C84F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D1ED043-594B-4966-9B5F-C5CCD3E6EB8C}" => removed successfully
C:\Windows\System32\Tasks\Neptune => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Neptune" => removed successfully
C:\Windows\Tasks\Neptune.job => moved successfully
"C:\Program Files\Google" => not found
C:\Program Files (x86)\Google => moved successfully
C:\Users\Peter\AppData\Local\Google => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9453960 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 21700252 B
Edge => 0 B
Chrome => 0 B
Firefox => 381025155 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1584 B
Peter => 158260757 B

RecycleBin => 420544421 B
EmptyTemp: => 953.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:30:14 ====

Tie aktualizacie cez Windows Update si uz nainstaloval?

Skus tam spustit este tento fixlist:

Systém je zaktualizovaný, fixlist nepomohol.
Riešenie skúsim nájsť niekde inde
Inak PC už je čistý ?

Vyzera to ciste, kazdopadne odporuucil by som urobit preistotu este uplny sken v MBAM.

Urob v MBAM uplny sken

• Stiahni a nainstaluj Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
• Ignoruj skusobnu trial verziu
• Otvor MBAM a vlavo klikni na "Skenovat"
• Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
• Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
• Klikni na Skenovat teraz a pockaj na dokoncenie
• Po dokonceni klikni na Exportovat zhrnutie -> Textovy subor, zadaj nejaky nazov suboru a uloz na plochu
• Obsah tohto suboru sem skopiruj
• Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868

Zaujímavé... NEchal som označiť aj rootkity a v logu sú zakazané.
Zatiaľ som nič nemazal


Malwarebytes
http://www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 09.04.18
Čas skenovania: 2:58
Súbor denníka: 0c806426-3b91-11e8-aab5-001e8c60ef64.json
Správca: Áno

-Údaje o softvéri-
Verzia: 3.4.5.2467
Verzia súčastí: 1.0.342
Aktualizovať verziu balíka: 1.0.4662
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: System

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Plánovač
Výsledok: Dokončené
Preskenované objekty: 235340
Zistené hrozby: 32
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 6 min, 11 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 3
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall, Bez zásahu používateľa, [4602], [396335],1.0.4662

Súbor: 29
PUP.Optional.DLLSuite, C:\PROGRAM FILES (X86)\DLL SUITE\DLLSUITE.INI, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71u.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcr71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dgl.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dum.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLibJava.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmhgfs.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vsocklib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71u.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\msvcr71.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dgl.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dum.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLibJava.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmhgfs.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vsocklib.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall\InnoCallback.dll, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42751,7110374074.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42788,5345377083.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42789,5794298264.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42993,3638671296.Reg, Bez zásahu používateľa, [4602], [396335],1.0.4662
Generic.Malware/Suspicious, C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP, Bez zásahu používateľa, [0], [392686],1.0.4662
HackTool.HotKeysHook, C:\USERS\PETER\DESKTOP\MAFIA.EXE, Bez zásahu používateľa, [14344], [279589],1.0.4662
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.6\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8210], [393793],1.0.4662
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8210], [393793],1.0.4662
Adware.LoadMoney, C:\USERS\PETER\DOWNLOADS\DELPHI_ALL_KEYGEN_2010_-_2017_1_A1C-412___.EXE, Bez zásahu používateľa, [391], [505238],1.0.4662

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Toto je log iba z rychleho Threat Scan ("Vyhľadávanie hrozieb"), urobil si uplny sken tak ako som pisal?

Program DLL Suite neodporucam velmi pouzivat.

Teraz by to už malo byť správne

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 14.04.18
Čas skenovania: 13:12
Súbor denníka: c8af7d66-3fd4-11e8-a8da-001e8c60ef64.json
Správca: Áno

-Údaje o softvéri-
Verzia: 3.4.5.2467
Verzia súčastí: 1.0.342
Aktualizovať verziu balíka: 1.0.4732
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: Peter-PC\Peter

-Zhrnutie skenovania-
Typ skenovania: Vlastné skenovanie
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 478459
Zistené hrozby: 142
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 27 h, 14 min, 45 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Povolené
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 7
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\PROGRAM FILES (X86)\DLL SUITE, Bez zásahu používateľa, [4616], [396335],1.0.4732

Súbor: 135
Adware.Elex, C:\ADWCLEANER\QUARANTINE\FILES\KAWSSFOICVICSZWUVBLWIYBVSUPVPTIG\WINSAP_UPDATE\UVCSETUP.MSI, Bez zásahu používateľa, [685], [435872],1.0.4732
Adware.Elex, C:\ADWCLEANER\QUARANTINE\FILES\KAWSSFOICVICSZWUVBLWIYBVSUPVPTIG\WINSAP_UPDATE\REGKEY.EXE, Bez zásahu používateľa, [685], [404063],1.0.4732
FraudTool.YAC, C:\ADWCLEANER\QUARANTINE\FILES\ORRCNFEQBBSWHWPDAFXSSWHQSMSKLZUC.BACK, Bez zásahu používateľa, [324], [299006],1.0.4732
FraudTool.YAC, C:\ADWCLEANER\QUARANTINE\FILES\VMZBOODNRWZGGUOKYFALGFMKDMFOXRGP.BACK, Bez zásahu používateľa, [324], [299006],1.0.4732
HackTool.HotKeyHook, C:\ADWCLEANER\QUARANTINE\FILES\XSQQXKNSLNRGOFXCRRANVAICKTEUPVBB.BACK, Bez zásahu používateľa, [10624], [34706],1.0.4732
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.6\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8236], [393793],1.0.4732
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Bez zásahu používateľa, [8236], [393793],1.0.4732
PUP.Optional.DLLSuite, C:\PROGRAM FILES (X86)\DLL SUITE\DLLSUITE.INI, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\FXSEXT32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjetoledb40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mswstr10.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\regedit.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\audiodev.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\compobj.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\crtdll.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ctl3d32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3d8.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dim.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dim700.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dramp.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\d3dxof.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmband.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmcompos.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmime.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmscript.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dmstyle.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dplaysvr.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dplayx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dpmodemx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\dpwsockx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\explorer.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\expsrv.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\FXSXP32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\hh.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\iccvid.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\instnm.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\iprop.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir32_32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir41_qc.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir41_qcx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir50_32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir50_qc.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ir50_qcx.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc40u.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mfc71u.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mscpx32r.dLL, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mscpxl32.dLL, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msexch40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msexcl40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjet40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjint40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjter40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msjtes40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msltus40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msorc32r.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msorcl32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mspbde40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msrd2x40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msrd3x40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msrepl40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mstext40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvbvm60.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcr71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcrt20.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msvcrt40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mswdat10.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\msxbde40.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\mtxlegih.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ntkrnlpa.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odbcji32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odbcjt32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\oddbse32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odexl32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odfox32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odpdx32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\odtext32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ole2.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ole2disp.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\ole2nls.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olecli32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olepro32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olesvr32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\olethk32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\perfhost.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\setup16.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\setupSNK.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\sqlunirl.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\sqlwid.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\sqlwoa.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\storage.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\typelib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\user.exe, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vbajet32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vdmdbg.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vfpodbc.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dgl.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vm3dum.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmGuestLibJava.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vmhgfs.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\vsocklib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\System32\wow32.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\mfc71u.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\msvcr71.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dgl.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vm3dum.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmGuestLibJava.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vmhgfs.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\DownLoad\SoftwareUpdate\SysWOW64\vsocklib.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\Intall\InnoCallback.dll, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42751,7110374074.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42788,5345377083.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42789,5794298264.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
PUP.Optional.DLLSuite, C:\Program Files (x86)\DLL Suite\RegistryBack\42993,3638671296.Reg, Bez zásahu používateľa, [4616], [396335],1.0.4732
Generic.Malware/Suspicious, C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP, Bez zásahu používateľa, [0], [392686],1.0.4732
Generic.Malware/Suspicious, C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE, Bez zásahu používateľa, [0], [392686],1.0.4732
HackTool.HotKeysHook, C:\USERS\PETER\DESKTOP\MAFIA.EXE, Bez zásahu používateľa, [14394], [279589],1.0.4732
HackTool.FilePatch, C:\USERS\PETER\DOWNLOADS\DTU5540\DAEMON TOOLS ULTRA 5.0.0.540\PATCH\DAEMON.TOOLS.ULTRA.V.5.0.0.0540.X32-PATCH.EXE, Bez zásahu používateľa, [8152], [281135],1.0.4732
HackTool.FilePatch, C:\USERS\PETER\DOWNLOADS\DTU5540\DAEMON TOOLS ULTRA 5.0.0.540\PATCH\DAEMON.TOOLS.ULTRA.V.5.0.0.0540.X64-PATCH.EXE, Bez zásahu používateľa, [8152], [281135],1.0.4732
HackTool.FilePatch, C:\USERS\PETER\DOWNLOADS\DTU5540\DAEMON TOOLS ULTRA 5.0.0.540\PATCH.RAR, Bez zásahu používateľa, [8152], [281135],1.0.4732
Generic.Malware/Suspicious, C:\USERS\PETER\DOWNLOADS\CC6466\CC6466\KEYMAKER_CORE.RAR, Bez zásahu používateľa, [0], [392686],1.0.4732
PUP.Optional.AdvancedSystemCare, C:\USERS\PETER\DOWNLOADS\PROGRAMS\ADVANCED-SYSTEMCARE-SETUP.EXE, Bez zásahu používateľa, [4592], [396386],1.0.4732
Adware.LoadMoney, C:\USERS\PETER\DOWNLOADS\DELPHI_ALL_KEYGEN_2010_-_2017_1_A1C-412___.EXE, Bez zásahu používateľa, [396], [505238],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE, Bez zásahu používateľa, [685], [424002],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI, Bez zásahu používateľa, [685], [435872],1.0.4732
FraudTool.YAC, C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS, Bez zásahu používateľa, [324], [299006],1.0.4732
PUP.Optional.AdvancedSystemCare, C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE, Bez zásahu používateľa, [4592], [396386],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\TEMP\NSI5E1D.TMP\REGKEY.EXE, Bez zásahu používateľa, [685], [404063],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\TEMP\NSI5E1D.TMP\YACQQ.EXE, Bez zásahu používateľa, [685], [345563],1.0.4732
Adware.Elex, C:\WINDOWS.OLD\WINDOWS\TEMP\NSI5E1D.TMP\UPDATE.DLL-201611221827.DLL.EXE, Bez zásahu používateľa, [685], [404063],1.0.4732
RiskWare.BitCoinMiner, C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE, Bez zásahu používateľa, [914], [354560],1.0.4732

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Odporcam odinstalovat DLL Suite. Takisto odporucam nepouzivat ziadne IObit programy, su to smejdy, ktore mozu poskodit system. Odporucam premazat zlozku so stiahnutymi subormi (C:\Users\Peter\Desktop\Downloads), hlavne tie cracky, ktore mozu mat v sebe aj nejakeho smejda.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  VirusTotal: C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP
  VirusTotal: C:\USERS\PETER\DESKTOP\MAFIA.EXE
  VirusTotal: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
  VirusTotal: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
  File: C:\USERS\PETER\DESKTOP\MAFIA.EXE
  File: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
  File: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
  
  C:\ADWCLEANER\QUARANTINE
  C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE
  C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE
  C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI
  C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
  C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE
  C:\WINDOWS.OLD\WINDOWS\TEMP
  C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 19.04.2018
Ran by Peter (21-04-2018 13:03:06) Run:8
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP
VirusTotal: C:\USERS\PETER\DESKTOP\MAFIA.EXE
VirusTotal: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
VirusTotal: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
File: C:\USERS\PETER\DESKTOP\MAFIA.EXE
File: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
File: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE

C:\ADWCLEANER\QUARANTINE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE
C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE
C:\WINDOWS.OLD\WINDOWS\TEMP
C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\CCLEANER.ANALYZED.ZIP => (3) Error
VirusTotal: C:\USERS\PETER\DESKTOP\MAFIA.EXE => https://www.virustotal.com/file/40fbcc4 ... 424111142/
VirusTotal: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS => https://www.virustotal.com/file/6597d49 ... 522908890/
VirusTotal: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE => https://www.virustotal.com/file/ba5ad1f ... 506534131/

========================= File: C:\USERS\PETER\DESKTOP\MAFIA.EXE ========================

C:\USERS\PETER\DESKTOP\MAFIA.EXE
File not signed
MD5: E730D53C1BD3E7ACCDCC1B61A09E6910
Creation and modification date: 2016-12-25 18:12 - 2003-06-24 13:29
Size: 000428417
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS ========================

C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS
File is digitally signed
MD5: 9FB02FBA90F6AF59537A30C3DB9777C8
Creation and modification date: 2016-11-22 20:34 - 2016-05-19 08:42
Size: 000052392
Attributes: ----A
Company Name: Elex do Brasil Participações Ltda
Internal Name: iSafeNetFilter.sys
Original Name: iSafeNetFilter.sys
Product: YAC Security Protection
Description: iSafeNetFilter SDK WFP Driver (WPP)
File Version: 1.4.6.1 built by: WinDDK
Product Version: 1.4.6.1
Copyright: Copyright (c) 2011-2013 Elex do Brasil Participações Ltda
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE ========================

C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE
File not signed
MD5: 95C63E6F6B4AD5D13BF44C3D4B0C35F0
Creation and modification date: 2016-11-18 21:41 - 2016-11-18 21:41
Size: 000073216
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

C:\ADWCLEANER\QUARANTINE => moved successfully
C:\SYSTEM VOLUME INFORMATION\_RESTORE{D75B3A1E-7CA6-4C9C-9FDE-6198209CBF53}\RP8\A0004026.EXE => moved successfully
C:\WINDOWS.OLD\USERS\PETER\APPDATA\ROAMING\IBEIB\UVCONVERTER.EXE => moved successfully
C:\WINDOWS.OLD\WINDOWS\INSTALLER\F922B12.MSI => moved successfully
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\DRIVERS\ISAFENETFILTER.SYS => moved successfully
C:\WINDOWS.OLD\WINDOWS\SYSTEM32\REGISTRYDEFRAGBOOTTIME.EXE => moved successfully
C:\WINDOWS.OLD\WINDOWS\TEMP => moved successfully
C:\WINDOWS.OLD\WINDOWS\TASKMGR.EXE => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5464689 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7894042 B
Edge => 0 B
Chrome => 0 B
Firefox => 385667028 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 1312 B
Peter => 281430793 B

RecycleBin => 256811666 B
EmptyTemp: => 901.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:05:19 ====

OK, poprosim este raz nove logy z FRST. Chrome stale nejde?

Chrome zatiaľ nejde

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2018
Ran by Peter (administrator) on PETER-PC (28-04-2018 20:57:30)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Spotify Ltd) C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\Program Files (x86)\Total Commander\TOTALCMD64.EXE
(XChat-SE) C:\Users\Peter\Downloads\IRC\xchat.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-12-11] (WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [123848 2017-12-11] (WinZip Computing, S.L.)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2017-12-11] (WinZip Computing, S.L.)
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4201464 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Spotify Web Helper] => C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-12-02] (Spotify Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6267384 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [uTorrent] => C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2151864 2018-02-21] (BitTorrent Inc.)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2003688 2018-02-20] (TomTom)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2018-03-16] (TomTom)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{198A64C8-8290-44FF-AFFC-CC0451C43693}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: o6yasy6y.default-1506712320144
FF ProfilePath: C:\Users\Peter\AppData\Roaming\TomTom\HOME\Profiles\iif5lsue.default [2018-04-14]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2018-04-14] [Legacy] [not signed]
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144 [2018-04-28]
FF Extension: (Adblock Plus) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-04-22]
FF Extension: (OkayFreedom) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522416 2018-04-06] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-11-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
S3 Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [4854464 2016-12-12] (Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [358408 2018-01-29] (Steganos Software GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [73200 2015-03-17] (SiSoftware) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [70384 2017-03-27] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-12-03] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-22] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-22] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2017-01-25] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2017-01-25] (Disc Soft Ltd)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-08-08] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-26] (REALiX(tm))
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-04-23] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2016-11-26] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-11-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-12-14] (Samsung Electronics Co., Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [131856 2017-10-05] (BigNox Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [144656 2017-10-05] (BigNox Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2017-06-10] (MBB)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-10-05] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-28 17:14 - 2018-04-28 17:24 - 965693119 _____ C:\Users\Peter\Downloads\Lucifer.S03E15.720p.HDTV.x264-KILLERS.mkv
2018-04-28 17:13 - 2018-04-28 17:23 - 933517040 _____ C:\Users\Peter\Downloads\Lucifer.S03E14.720p.HDTV.x264-BATV.mkv
2018-04-22 20:41 - 2018-04-22 20:41 - 000006244 _____ C:\Windows\SysWOW64\MSO1051.acl
2018-04-21 19:31 - 2018-04-21 19:31 - 002071992 _____ C:\Users\Peter\Downloads\Malwarebytes.AntiExploit.Premium.1.12.1.68.rar
2018-04-21 15:53 - 2018-04-21 15:54 - 001129816 _____ (Google Inc.) C:\Users\Peter\Downloads\ChromeSetup.exe
2018-04-21 14:01 - 2018-04-21 14:02 - 089811021 _____ C:\Users\Peter\Downloads\Reborn - Patriot (2017) - 320kbps.7z
2018-04-21 13:58 - 2018-04-21 14:02 - 364027575 _____ C:\Users\Peter\Downloads\JANDA DALIBOR - Velky flam-Zlate album (CZ 2CD 2018)[MP3.CBR.320].rar
2018-04-21 13:51 - 2018-04-21 13:53 - 155904449 _____ C:\Users\Peter\Downloads\BFMV-Venom.rar
2018-04-21 12:24 - 2018-04-21 12:35 - 212245569 _____ C:\Users\Peter\Downloads\Moshpit - An Eternal Torch Can Light A Million (2017).7z
2018-04-15 15:21 - 2018-03-06 17:55 - 000000000 ____D C:\Users\Peter\Downloads\mma250
2018-04-15 15:17 - 2018-04-15 15:19 - 069520126 _____ C:\Users\Peter\Downloads\mma250.rar
2018-04-14 12:54 - 2018-04-14 12:54 - 000000000 ____D C:\Users\Peter\AppData\Roaming\TomTom
2018-04-14 12:53 - 2018-04-14 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2018-04-14 12:52 - 2018-04-14 12:53 - 000000000 ____D C:\Program Files (x86)\TomTom HOME 2
2018-04-14 12:48 - 2018-04-15 12:21 - 000000000 ____D C:\Users\Peter\AppData\Local\TomTom
2018-04-14 12:48 - 2018-04-14 12:48 - 000000851 _____ C:\Users\Peter\Desktop\TomTom MyDrive Connect.lnk
2018-04-14 12:48 - 2018-04-14 12:48 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TomTom
2018-04-14 12:48 - 2018-04-14 12:48 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect
2018-04-14 12:31 - 2018-04-14 12:31 - 000000000 ____D C:\Windows\Mozilla
2018-04-14 12:25 - 2018-04-14 12:26 - 029424528 _____ C:\Users\Peter\Downloads\TomTomHOME2winlatest.exe
2018-04-14 12:19 - 2018-04-14 12:19 - 000000000 ____D C:\Users\Peter\AppData\Local\cache
2018-04-14 12:16 - 2018-04-14 12:16 - 068659424 _____ (TomTom International B.V.) C:\Users\Peter\Downloads\InstallTomTomMyDriveConnect.exe
2018-04-13 18:26 - 2018-03-31 04:09 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-04-13 18:26 - 2018-03-31 04:09 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-04-13 18:26 - 2018-03-31 04:09 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-04-13 18:26 - 2018-03-31 04:09 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-04-13 18:26 - 2018-03-31 04:09 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-04-13 18:26 - 2018-03-31 03:45 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-04-13 18:26 - 2018-03-31 03:39 - 004046528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-04-13 18:26 - 2018-03-31 03:39 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-04-13 18:26 - 2018-03-31 03:38 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-04-13 18:26 - 2018-03-31 03:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-04-13 18:26 - 2018-03-31 03:12 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-04-13 18:26 - 2018-03-31 03:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-04-13 18:26 - 2018-03-31 03:06 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-04-13 18:26 - 2018-03-31 03:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-04-13 18:26 - 2018-03-31 03:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-04-13 18:26 - 2018-03-31 03:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-04-13 18:26 - 2018-03-31 03:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-04-13 18:26 - 2018-03-31 02:59 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-04-13 18:26 - 2018-03-31 02:58 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-04-13 18:26 - 2018-03-31 02:58 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-04-13 18:26 - 2018-03-31 02:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-04-13 18:26 - 2018-03-31 02:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-04-13 18:26 - 2018-03-31 02:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-04-13 18:26 - 2018-03-28 09:30 - 003225600 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-04-13 18:26 - 2018-03-23 20:50 - 000396952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-04-13 18:26 - 2018-03-23 19:59 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-04-13 18:26 - 2018-03-23 01:00 - 025742336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-04-13 18:26 - 2018-03-22 23:32 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-04-13 18:26 - 2018-03-22 23:32 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-04-13 18:26 - 2018-03-22 23:26 - 020287488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-04-13 18:26 - 2018-03-22 23:19 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-04-13 18:26 - 2018-03-22 23:18 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-04-13 18:26 - 2018-03-22 23:17 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-04-13 18:26 - 2018-03-22 23:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-04-13 18:26 - 2018-03-22 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-04-13 18:26 - 2018-03-22 23:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-04-13 18:26 - 2018-03-22 23:15 - 005780480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-04-13 18:26 - 2018-03-22 23:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-04-13 18:26 - 2018-03-22 23:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-04-13 18:26 - 2018-03-22 23:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-04-13 18:26 - 2018-03-22 23:06 - 000794112 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-04-13 18:26 - 2018-03-22 23:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-04-13 18:26 - 2018-03-22 23:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-04-13 18:26 - 2018-03-22 23:05 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-04-13 18:26 - 2018-03-22 23:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-04-13 18:26 - 2018-03-22 22:58 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-04-13 18:26 - 2018-03-22 22:55 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-04-13 18:26 - 2018-03-22 22:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-04-13 18:26 - 2018-03-22 22:52 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-04-13 18:26 - 2018-03-22 22:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-04-13 18:26 - 2018-03-22 22:51 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-04-13 18:26 - 2018-03-22 22:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-04-13 18:26 - 2018-03-22 22:49 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-04-13 18:26 - 2018-03-22 22:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-04-13 18:26 - 2018-03-22 22:48 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-04-13 18:26 - 2018-03-22 22:48 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-04-13 18:26 - 2018-03-22 22:45 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-04-13 18:26 - 2018-03-22 22:45 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-04-13 18:26 - 2018-03-22 22:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-04-13 18:26 - 2018-03-22 22:44 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-04-13 18:26 - 2018-03-22 22:43 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-04-13 18:26 - 2018-03-22 22:42 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-04-13 18:26 - 2018-03-22 22:42 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-04-13 18:26 - 2018-03-22 22:42 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-04-13 18:26 - 2018-03-22 22:41 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-04-13 18:26 - 2018-03-22 22:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-04-13 18:26 - 2018-03-22 22:33 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-04-13 18:26 - 2018-03-22 22:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-04-13 18:26 - 2018-03-22 22:29 - 015282688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-04-13 18:26 - 2018-03-22 22:29 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-04-13 18:26 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-04-13 18:26 - 2018-03-22 22:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-13 18:26 - 2018-03-22 22:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-04-13 18:26 - 2018-03-22 22:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-04-13 18:26 - 2018-03-22 22:27 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-04-13 18:26 - 2018-03-22 22:27 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-04-13 18:26 - 2018-03-22 22:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-04-13 18:26 - 2018-03-22 22:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-04-13 18:26 - 2018-03-22 22:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-04-13 18:26 - 2018-03-22 22:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-04-13 18:26 - 2018-03-22 22:21 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-04-13 18:26 - 2018-03-22 22:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-04-13 18:26 - 2018-03-22 22:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-04-13 18:26 - 2018-03-22 22:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-04-13 18:26 - 2018-03-22 22:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-04-13 18:26 - 2018-03-22 22:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-04-13 18:26 - 2018-03-22 22:14 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-04-13 18:26 - 2018-03-22 22:04 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-04-13 18:26 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-04-13 18:26 - 2018-03-22 21:53 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-04-13 18:26 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-04-13 18:26 - 2018-03-22 21:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-04-13 18:26 - 2018-03-10 19:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-04-13 18:26 - 2018-03-09 20:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-04-13 18:26 - 2018-03-09 20:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-04-13 18:26 - 2018-03-09 20:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-04-13 18:26 - 2018-03-09 20:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-04-13 18:26 - 2018-03-09 20:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-04-13 18:26 - 2018-03-09 20:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-04-13 18:26 - 2018-03-09 20:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-04-13 18:26 - 2018-03-09 20:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-04-13 18:26 - 2018-03-06 20:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-04-13 18:26 - 2018-03-06 20:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-04-13 18:26 - 2018-03-06 20:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-04-13 18:26 - 2018-03-06 20:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-04-13 18:26 - 2018-03-06 20:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-04-13 18:26 - 2018-03-06 20:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-04-13 18:26 - 2018-02-22 05:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-04-13 18:26 - 2018-02-22 05:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-04-13 18:26 - 2018-02-10 20:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-04-13 18:26 - 2018-02-10 20:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-04-13 18:26 - 2018-02-10 20:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-04-13 18:26 - 2018-02-10 20:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-04-13 18:26 - 2018-02-10 20:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-04-13 18:26 - 2018-02-10 20:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-04-13 18:26 - 2018-02-10 20:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-04-13 18:26 - 2018-02-10 20:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-04-13 18:26 - 2018-02-10 20:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-04-13 18:26 - 2018-02-10 19:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-04-13 18:26 - 2018-02-10 19:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-04-13 18:26 - 2018-02-10 19:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-04-13 18:26 - 2018-02-10 19:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-04-13 18:26 - 2018-02-10 19:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-04-13 18:26 - 2018-02-10 19:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-04-13 18:26 - 2018-02-10 19:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-04-13 18:26 - 2018-02-10 19:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-04-13 18:26 - 2018-02-02 20:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-04-13 18:26 - 2018-02-02 20:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-04-13 18:26 - 2018-02-02 20:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-04-13 18:26 - 2018-02-02 20:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-04-13 18:26 - 2018-02-02 20:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-04-13 18:26 - 2018-02-02 20:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-04-13 18:26 - 2018-02-02 20:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-04-13 18:26 - 2018-02-02 20:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-04-13 18:26 - 2018-02-02 20:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-04-13 18:26 - 2018-02-02 20:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-04-13 18:26 - 2018-02-02 19:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-04-13 18:26 - 2018-02-02 19:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-04-13 18:26 - 2018-01-25 16:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000019800 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000066392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000019800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000016216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-04-13 18:26 - 2018-01-25 16:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-04-13 18:26 - 2018-01-12 18:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-04-13 18:26 - 2018-01-12 18:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 03:06 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-04-13 18:25 - 2018-03-31 03:06 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-04-13 18:25 - 2018-03-31 02:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-04-13 18:25 - 2018-03-31 02:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-04-13 18:25 - 2018-03-31 02:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-04-13 18:25 - 2018-03-31 02:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-04-13 18:25 - 2018-03-31 02:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-04-13 18:25 - 2018-03-09 20:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-04-13 18:25 - 2018-03-09 20:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-04-13 18:25 - 2018-03-09 20:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-04-13 18:25 - 2018-03-09 19:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-04-13 18:25 - 2018-01-15 21:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-04-13 18:25 - 2018-01-15 21:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-04-13 18:18 - 2018-04-13 18:18 - 000023407 _____ C:\malwarebytes.txt
2018-04-13 03:01 - 2018-03-14 19:14 - 000135360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-13 03:01 - 2018-03-14 19:09 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-13 03:01 - 2018-03-14 15:05 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-13 03:01 - 2018-03-14 15:05 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-09 03:43 - 2018-04-09 03:43 - 000006233 _____ C:\Users\Peter\Desktop\malware.txt
2018-04-08 18:36 - 2018-04-23 03:49 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-04-08 18:36 - 2018-04-08 18:36 - 000001867 _____ C:\Users\Peter\Desktop\Malwarebytes.lnk
2018-04-08 18:36 - 2018-04-08 18:36 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-08 18:36 - 2018-04-08 18:36 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Malwarebytes
2018-04-08 18:36 - 2018-03-19 12:57 - 000076192 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-04-08 18:35 - 2018-04-08 18:35 - 072584760 _____ (Malwarebytes ) C:\Users\Peter\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4646.exe
2018-04-08 14:46 - 2018-04-28 20:56 - 000000000 ____D C:\Program Files (x86)\Google
2018-04-08 14:46 - 2018-04-08 14:46 - 000000000 ____D C:\Users\Peter\AppData\Local\Google
2018-04-08 13:33 - 2018-04-08 13:33 - 001207800 _____ (Adobe Systems Incorporated) C:\Users\Peter\Downloads\readerdc_sk_xa_crd_install.exe
2018-04-08 13:30 - 2018-04-08 13:30 - 000423254 _____ C:\Users\Peter\Downloads\12-010 Ziadost o prihlasenie do evidencie.pdf
2018-04-07 09:29 - 2018-04-07 09:29 - 000000000 ____D C:\Program Files\trend micro
2018-04-04 17:44 - 2018-04-04 17:44 - 001637808 _____ (PortableApps.com) C:\Users\Peter\Downloads\GoogleChromePortable_65.0.3325.181_online.paf(1).exe
2018-04-04 12:21 - 2018-04-04 12:21 - 000000162 ____H C:\Users\Peter\Downloads\~$votopis-Peter-Preták.odt
2018-04-04 12:21 - 2018-04-04 12:21 - 000000000 ____D C:\Users\Peter\Downloads\FontCache
2018-04-02 10:47 - 2018-04-02 10:47 - 000004622 _____ C:\Users\Peter\Downloads\purehate.m3u
2018-04-01 20:26 - 2018-04-01 20:26 - 000000000 ____D C:\Windows\SysWOW64\FontCache
2018-04-01 20:24 - 2018-04-01 20:24 - 000353997 _____ C:\Users\Peter\Downloads\HomeTicket.pdf
2018-03-31 09:21 - 2018-04-04 17:53 - 000002615 _____ C:\Users\Peter\Desktop\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000002812 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-03-31 09:21 - 2018-04-04 12:32 - 000000000 ____D C:\Users\Peter\AppData\Roaming\uTorrent
2018-03-31 08:50 - 2018-04-04 17:45 - 000000000 ____D C:\Users\Peter\Downloads\GoogleChromePortable
2018-03-30 22:33 - 2018-03-30 22:34 - 001637808 _____ (PortableApps.com) C:\Users\Peter\Downloads\GoogleChromePortable_65.0.3325.181_online.paf.exe
2018-03-30 17:36 - 2018-02-18 23:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-30 12:55 - 2018-03-30 12:55 - 001140252 _____ C:\Users\Peter\Downloads\netflix.rar
2018-03-30 12:53 - 2018-03-30 12:53 - 001905624 _____ C:\Users\Peter\Downloads\delphi_all_keygen_2010_-_2017_1_a1c-412___.exe
2018-03-30 11:50 - 2018-04-22 20:41 - 000000000 ____D C:\officeclient.microsoft.com
2018-03-30 11:38 - 2018-03-30 11:38 - 002989616 _____ (PortableApps.com) C:\Users\Peter\Downloads\uTorrentPortable_3.5.3.44358_online.paf.exe
2018-03-30 11:10 - 2018-03-30 11:10 - 000000000 ____D C:\Users\Peter\Downloads\cc6466
2018-03-30 11:04 - 2018-03-30 11:09 - 038110382 _____ C:\Users\Peter\Downloads\cc6466.rar
2018-03-30 09:25 - 2018-03-30 09:27 - 167593813 _____ C:\Users\Peter\Downloads\F-B-CoV-Wsf(320).rar
2018-03-29 17:52 - 2018-03-29 17:52 - 000076623 _____ C:\Users\Peter\Desktop\sfcdetails.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-28 20:58 - 2018-03-17 09:31 - 000011277 _____ C:\Users\Peter\Desktop\FRST.txt
2018-04-28 20:57 - 2018-03-23 18:45 - 000000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2018-04-28 20:57 - 2017-11-05 09:03 - 002405888 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2018-04-28 20:57 - 2017-11-05 09:00 - 000000000 ____D C:\FRST
2018-04-28 20:40 - 2016-11-27 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-28 18:56 - 2018-02-15 18:34 - 000000000 ____D C:\vlc
2018-04-28 17:25 - 2017-02-24 15:14 - 000000000 ____D C:\Users\Peter\Downloads\Subs
2018-04-28 14:23 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-28 14:23 - 2009-07-14 06:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-28 11:11 - 2017-12-12 14:33 - 000000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2018-04-23 05:02 - 2016-11-26 20:50 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\Mozilla
2018-04-23 03:48 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-22 07:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-21 14:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-04-21 13:44 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-21 13:05 - 2018-03-24 19:35 - 000004964 _____ C:\Users\Peter\Desktop\Fixlog.txt
2018-04-21 13:04 - 2015-03-25 22:30 - 000000000 ____D C:\AdwCleaner
2018-04-16 04:08 - 2017-10-22 13:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-14 16:21 - 2018-02-18 10:51 - 000000000 ____D C:\SCANOVANIE
2018-04-14 16:21 - 2018-02-17 20:42 - 000000000 ___RD C:\Users\Peter\Documents\Scanned Documents
2018-04-14 12:26 - 2017-08-23 15:44 - 000000000 ____D C:\Users\Peter\AppData\Local\Downloaded Installations
2018-04-14 12:08 - 2009-07-14 07:08 - 000032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-04-13 21:59 - 2017-12-20 09:27 - 000457624 _____ C:\Windows\system32\FNTCACHE.DAT
2018-04-13 21:55 - 2017-06-11 03:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-04-13 21:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-04-13 18:36 - 2016-11-26 17:30 - 000000000 ____D C:\Windows\system32\MRT
2018-04-13 18:32 - 2017-10-12 03:09 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-13 18:31 - 2016-11-26 17:30 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-08 13:33 - 2009-07-14 09:54 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-04-06 13:34 - 2016-11-26 17:09 - 000000000 ____D C:\Users\Peter
2018-04-04 17:51 - 2017-12-09 10:26 - 000000000 ____D C:\Program Files\WinZip
2018-04-04 17:04 - 2018-03-17 09:32 - 000030834 _____ C:\Users\Peter\Desktop\Addition.txt
2018-04-04 12:31 - 2016-11-26 17:20 - 000000000 ____D C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2018-03-31 09:27 - 2017-12-20 09:30 - 000117936 _____ C:\Users\Peter\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-30 22:54 - 2018-02-18 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2018-03-29 18:01 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-29 17:27 - 2018-01-05 14:00 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-03-29 17:03 - 2016-11-26 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Files in the root of some directories =======

2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Peter\AppData\Roaming\MafiaSetup.exe
2016-11-26 17:41 - 2017-02-21 18:38 - 014438400 _____ () C:\Users\Peter\AppData\Roaming\Sandra.mdb
2017-01-14 18:58 - 2017-01-20 17:37 - 000007597 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2017-01-19 17:47 - 2017-01-19 17:47 - 000000424 _____ () C:\Users\Peter\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-21 14:22

==================== End of FRST.txt ============================