VIRY.CZ

Dobrý den ,
prosím o pomoc.Vprohlížeči se mi spouští nectěnné stránky.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Aldair (administrator) on MSI (31-10-2015 14:16:14)
Running from C:\Users\Aldair\Desktop
Loaded Profiles: Aldair (Available Profiles: Aldair)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Innova Co S.a r.l.) C:\Program Files (x86)\4game\3.5.7.169\4game-service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\AFC Secure Net\privoxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13821.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Facebook Inc.) C:\Users\Aldair\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6319440 2015-08-05] (Sentelic Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-12-31] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4468984 2015-09-14] (O&O Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-24] (AVAST Software)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-07-31] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {25965796-7d2a-11e5-9bdc-6c626d344700} - "G:\setup.exe"
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {e9a9e9a7-5469-11e5-9bd2-6c626d344700} - "H:\setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-24] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2015-10-14]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}\app_icon.ico ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-854197151-3482271168-3196824506-1000] => Proxy is enabled.
ProxyServer: [S-1-5-21-854197151-3482271168-3196824506-1000] => 127.0.0.1:8118
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wlidNSP.dll [51712 2015-07-10] (Microsoft Corporation)
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [51712 2015-07-10] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77fd36eb-cee9-4bde-9e15-b42666512acc}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gooe.cz/
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> DefaultScope {0AD56A9D-57FF-401E-846C-D19A1A5B19DE} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> {0AD56A9D-57FF-401E-846C-D19A1A5B19DE} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-24] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-24] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-24] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin-x32: @4game.com/plugin -> C:\Program Files (x86)\4game\3.5.7.169\npplugin4game.dll [2015-10-26] (Innova Co S.a r.l.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854197151-3482271168-3196824506-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Aldair\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-854197151-3482271168-3196824506-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-04-25] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-24] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.msn.com/?pc ... &bmod=ASUT"
CHR Profile: C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-16]
CHR Extension: (Dokumenty Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-16]
CHR Extension: (Disk Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-16]
CHR Profile: C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (Avast Online Security) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 4game-service; C:\Program Files (x86)\4game\3.5.7.169\4game-service.exe [1545952 2015-10-26] (Innova Co S.a r.l.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-24] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-24] (Avast Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-05] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1711352 2015-09-14] (O&O Software GmbH)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [File not signed]
R2 PrivoxyService; C:\Program Files (x86)\AFC Secure Net\privoxy.exe [371200 2015-10-30] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-05] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-05] (Microsoft Corporation)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-04-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-07-31] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2014-04-23] (Windows (R) Codename Longhorn DDK provider) [File not signed]
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-05-27] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-24] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-06] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [209232 2015-08-05] (Sentelic Corporation)
S3 fspad_wlh64; C:\Windows\system32\DRIVERS\fspad_wlh64.sys [52224 2010-06-07] (Sentelic Corporation) [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 h643331; C:\Windows\System32\drivers\h643331.sys [67432 2012-06-19] (Your Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-30] (REALiX(tm))
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [119680 2014-04-23] (TCT International Mobile Ltd) [File not signed]
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-05] (Microsoft Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-24] (AVAST Software)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [32496 2013-11-30] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-24] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 14:16 - 2015-10-31 14:17 - 00023068 _____ C:\Users\Aldair\Desktop\FRST.txt
2015-10-31 14:15 - 2015-10-31 14:16 - 00000000 ____D C:\FRST
2015-10-31 14:15 - 2015-10-31 14:15 - 02198016 _____ (Farbar) C:\Users\Aldair\Desktop\FRST64.exe
2015-10-31 12:51 - 2015-10-31 12:51 - 00016148 _____ C:\WINDOWS\system32\MSI_Aldair_HistoryPrediction.bin
2015-10-30 16:08 - 2015-10-30 16:08 - 00003406 _____ C:\WINDOWS\System32\Tasks\Security Defrag
2015-10-30 16:08 - 2015-10-30 16:08 - 00003378 _____ C:\WINDOWS\System32\Tasks\AFC Secure Net Worker
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\Security Defrag
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 ____D C:\Program Files (x86)\AFC Secure Net
2015-10-28 08:31 - 2015-10-30 13:01 - 00000000 ____D C:\Users\Aldair\AppData\Local\Arma 3
2015-10-28 08:31 - 2015-10-28 08:31 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-10-26 17:59 - 2015-10-30 11:18 - 00001031 _____ C:\Users\Aldair\Desktop\L2.lnk
2015-10-26 17:59 - 2015-10-26 17:59 - 00000000 ____D C:\Users\Aldair\AppData\Local\CrashRpt
2015-10-24 16:00 - 2015-10-24 16:00 - 00000000 ____D C:\Users\Aldair\AppData\Local\2K Games
2015-10-24 15:57 - 2015-10-24 15:57 - 00000595 _____ C:\Users\Aldair\Desktop\Mafia II.lnk
2015-10-17 07:15 - 2015-10-17 07:24 - 00000000 ____D C:\Users\Aldair\Documents\Rockstar Games
2015-10-17 07:15 - 2015-10-17 07:15 - 00000607 _____ C:\Users\Public\Desktop\L.A. Noire.lnk
2015-10-17 07:15 - 2015-10-17 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\L.A. Noire
2015-10-16 21:08 - 2015-10-17 07:22 - 00000000 ____D C:\Program Files\Rockstar Games
2015-10-16 21:05 - 2015-10-17 07:22 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-14 16:38 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 16:38 - 2015-10-10 07:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-14 16:38 - 2015-10-10 07:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-14 16:38 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 16:38 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 16:38 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 16:38 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 16:38 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 16:38 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 16:38 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 16:38 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 16:38 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 16:38 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 16:38 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 16:38 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 16:38 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 16:38 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 16:38 - 2015-09-25 04:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 16:38 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 16:38 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 16:38 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 16:38 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 16:38 - 2015-09-25 04:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-14 16:38 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 16:38 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 16:38 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 16:38 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 16:38 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 16:38 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 16:38 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:38 - 2015-09-25 04:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-14 16:38 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 16:38 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 16:38 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 16:38 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 16:38 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 16:38 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 16:38 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 16:38 - 2015-09-25 03:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 16:38 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 16:38 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 16:38 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 16:38 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 16:38 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:38 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 16:38 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 16:38 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 16:38 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 16:38 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 16:31 - 2015-10-14 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2015-10-08 19:50 - 2015-10-25 19:02 - 00000093 _____ C:\Users\Aldair\Documents\aionmemo_434f52d7.dat
2015-10-02 06:15 - 2015-10-16 04:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 06:15 - 2015-10-16 04:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-01 10:54 - 2015-10-01 10:54 - 00001454 _____ C:\Users\Public\Desktop\Aion.lnk
2015-10-01 10:54 - 2015-10-01 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2015-10-01 10:54 - 2015-10-01 10:54 - 00000000 ____D C:\Program Files (x86)\NCWest
2015-10-01 05:29 - 2015-09-19 06:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 05:29 - 2015-09-17 07:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 05:29 - 2015-09-17 07:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 05:29 - 2015-09-17 07:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 05:29 - 2015-09-17 07:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 05:29 - 2015-09-17 07:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 05:29 - 2015-09-17 07:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 05:29 - 2015-09-17 07:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 05:29 - 2015-09-17 07:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 05:29 - 2015-09-17 07:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 05:29 - 2015-09-17 07:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 05:29 - 2015-09-17 07:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 05:29 - 2015-09-17 07:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 05:29 - 2015-09-17 07:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 05:29 - 2015-09-17 07:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 05:29 - 2015-09-17 07:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 05:29 - 2015-09-17 07:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 05:29 - 2015-09-17 07:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 05:29 - 2015-09-17 07:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 05:29 - 2015-09-17 07:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 05:29 - 2015-09-17 07:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 05:29 - 2015-09-17 07:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 05:29 - 2015-09-17 07:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 05:29 - 2015-09-17 07:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 05:29 - 2015-09-17 07:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 05:29 - 2015-09-17 07:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 05:29 - 2015-09-17 07:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 05:29 - 2015-09-17 07:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 05:29 - 2015-09-17 07:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 05:29 - 2015-09-17 07:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 05:29 - 2015-09-17 07:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 05:29 - 2015-09-17 07:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 05:29 - 2015-09-17 07:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 05:29 - 2015-09-17 07:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 05:29 - 2015-09-17 07:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 05:29 - 2015-09-17 07:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 05:29 - 2015-09-17 07:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 05:29 - 2015-09-17 07:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 05:29 - 2015-09-17 07:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 05:29 - 2015-09-17 07:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 05:29 - 2015-09-17 07:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 05:29 - 2015-09-17 07:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 05:29 - 2015-09-17 07:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 05:29 - 2015-09-17 07:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 05:29 - 2015-09-17 07:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 05:29 - 2015-09-17 07:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 05:29 - 2015-09-17 07:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 05:29 - 2015-09-17 07:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 05:29 - 2015-09-17 07:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 05:29 - 2015-09-17 07:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 05:29 - 2015-09-17 07:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 05:29 - 2015-09-17 07:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 05:29 - 2015-09-17 07:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 05:29 - 2015-09-17 07:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 05:29 - 2015-09-17 07:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 05:29 - 2015-09-17 07:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 05:29 - 2015-09-17 07:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 05:29 - 2015-09-17 07:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 05:29 - 2015-09-17 07:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 05:29 - 2015-09-17 07:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 05:29 - 2015-09-17 07:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 05:29 - 2015-09-17 07:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 05:29 - 2015-09-17 07:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 05:29 - 2015-09-17 07:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 05:29 - 2015-09-17 07:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 05:29 - 2015-09-17 07:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 05:29 - 2015-09-17 07:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 05:29 - 2015-09-17 06:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 05:29 - 2015-09-17 06:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 05:29 - 2015-09-17 06:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 05:29 - 2015-09-17 06:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 05:29 - 2015-09-17 06:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 05:29 - 2015-09-17 06:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 05:29 - 2015-09-17 06:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 05:29 - 2015-09-17 06:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 05:29 - 2015-09-17 06:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 05:29 - 2015-09-17 06:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 05:29 - 2015-09-17 06:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 05:29 - 2015-09-17 06:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 05:29 - 2015-09-17 06:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 05:29 - 2015-09-17 06:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 05:29 - 2015-09-17 06:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 05:29 - 2015-09-17 06:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 05:29 - 2015-09-17 06:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 05:29 - 2015-09-17 06:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 05:29 - 2015-09-17 06:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 05:29 - 2015-09-17 06:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 05:29 - 2015-09-17 06:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 05:29 - 2015-09-17 06:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-01 05:29 - 2015-09-17 06:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 05:29 - 2015-09-17 06:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 05:29 - 2015-09-17 06:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 05:29 - 2015-09-17 06:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 05:29 - 2015-09-17 06:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 05:29 - 2015-09-17 06:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 05:29 - 2015-09-17 06:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 05:29 - 2015-09-17 06:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 05:29 - 2015-09-17 06:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 05:29 - 2015-09-17 06:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 05:29 - 2015-09-17 06:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 05:29 - 2015-09-17 06:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 05:29 - 2015-09-17 06:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 05:29 - 2015-09-17 06:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 05:29 - 2015-09-17 06:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 05:29 - 2015-09-17 06:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 05:29 - 2015-09-17 06:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 05:29 - 2015-09-17 06:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 05:29 - 2015-09-17 06:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 05:29 - 2015-09-17 06:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 05:29 - 2015-09-17 06:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 05:29 - 2015-09-17 06:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 05:29 - 2015-09-17 06:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 05:29 - 2015-09-17 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 05:29 - 2015-09-17 06:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 05:29 - 2015-09-17 06:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 05:29 - 2015-09-17 06:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 05:29 - 2015-09-17 06:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 05:29 - 2015-09-17 06:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 05:29 - 2015-09-17 06:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 05:29 - 2015-09-17 06:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 05:29 - 2015-09-17 06:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 05:29 - 2015-09-17 06:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 05:29 - 2015-09-17 06:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 05:29 - 2015-09-17 06:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 05:29 - 2015-09-17 06:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 05:29 - 2015-09-17 06:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 05:29 - 2015-09-17 06:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 05:29 - 2015-09-17 06:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 05:29 - 2015-09-17 06:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 05:29 - 2015-09-17 06:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 05:29 - 2015-09-17 06:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 05:29 - 2015-09-17 06:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 05:29 - 2015-09-17 06:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 05:29 - 2015-09-17 06:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 05:29 - 2015-09-17 06:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 05:29 - 2015-09-17 06:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 05:29 - 2015-09-17 06:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 05:29 - 2015-09-17 06:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 05:29 - 2015-09-17 06:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 05:29 - 2015-09-17 06:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 05:29 - 2015-09-17 06:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 05:29 - 2015-09-17 06:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 05:29 - 2015-09-17 06:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 05:29 - 2015-09-17 06:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 05:29 - 2015-09-17 06:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 05:29 - 2015-09-17 06:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 05:29 - 2015-09-17 06:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 05:29 - 2015-09-17 06:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 05:29 - 2015-09-17 06:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 05:29 - 2015-09-17 06:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 05:29 - 2015-09-17 06:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 05:29 - 2015-09-17 06:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 05:29 - 2015-09-17 06:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 05:29 - 2015-09-17 06:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 05:29 - 2015-09-13 03:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 05:29 - 2015-09-13 02:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 14:15 - 2013-08-28 19:28 - 00000000 ____D C:\Download
2015-10-31 14:12 - 2013-08-28 19:20 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-31 13:53 - 2015-08-13 07:28 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-31 13:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-31 13:42 - 2015-03-10 20:12 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-31 13:18 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-31 08:42 - 2015-03-10 20:12 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-31 07:16 - 2015-08-05 07:09 - 02064814 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-31 07:16 - 2015-07-10 17:02 - 00851912 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-31 07:16 - 2015-07-10 17:02 - 00197418 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-30 19:23 - 2013-08-28 19:00 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\uTorrent
2015-10-30 13:23 - 2015-08-14 09:39 - 00003957 _____ C:\WINDOWS\setupact.log
2015-10-29 15:26 - 2015-03-18 20:06 - 00001170 _____ C:\Users\Public\Desktop\Lineage 2 EU.lnk
2015-10-29 15:26 - 2015-03-18 20:05 - 00000000 ____D C:\Program Files (x86)\4game
2015-10-28 17:04 - 2015-03-19 17:12 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\Awesomium
2015-10-28 06:47 - 2013-11-07 09:05 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-28 06:43 - 2015-08-13 16:09 - 00111592 _____ C:\WINDOWS\DirectX.log
2015-10-25 20:40 - 2015-08-05 07:12 - 00000000 ____D C:\Users\Aldair
2015-10-20 17:22 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-17 07:42 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-17 07:42 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-15 14:39 - 2013-09-08 12:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 14:38 - 2013-08-30 14:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 14:25 - 2013-08-30 14:05 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 19:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-14 16:41 - 2013-08-28 19:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-14 16:21 - 2013-08-28 17:34 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-12 04:05 - 2014-09-11 17:59 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-12 04:05 - 2013-11-03 11:34 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-12 04:04 - 2014-09-11 17:59 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-12 04:04 - 2013-11-03 11:34 - 01710752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-08 07:59 - 2015-08-05 07:39 - 00000000 ____D C:\Users\Aldair\OneDrive
2015-10-02 09:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-01 10:54 - 2013-11-12 08:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCsoft
2015-10-01 10:54 - 2013-08-28 17:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories =======

2013-11-12 07:48 - 2014-12-21 22:26 - 0009216 _____ () C:\Users\Aldair\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-23 17:04 - 2014-04-23 17:04 - 0000094 _____ () C:\Users\Aldair\AppData\Local\fusioncache.dat
2015-01-18 07:50 - 2015-01-18 07:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-03-27 09:05 - 2014-03-27 09:05 - 0000096 _____ () C:\ProgramData\CameraRecorder.ini

Some files in TEMP:
====================
C:\Users\Aldair\AppData\Local\Temp\2BD2.tmp.exe
C:\Users\Aldair\AppData\Local\Temp\3DA6.tmp.exe
C:\Users\Aldair\AppData\Local\Temp\786C.tmp.exe
C:\Users\Aldair\AppData\Local\Temp\86C4.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 07:26

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Udělal jsem vše podle návodu a přestaly mi fungovat prohlížeče, píše mi to :nejde se připojit k proxy serveru....
Log odesílám přes mobil.
# AdwCleaner v5.015 - Logfile created 01/11/2015 at 07:18:45
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Aldair - MSI
# Running from : C:\Users\Aldair\Desktop\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : PrivoxyService

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\NetMon
[-] Folder Deleted : C:\Program Files (x86)\AFC Secure Net
[-] Folder Deleted : C:\Users\Aldair\AppData\Roaming\K9AMW

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : AFC Secure Net Worker

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\K9Tools
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKLM\SOFTWARE\K9Tools
[-] Key Deleted : HKLM\SOFTWARE\SecureWebChannel
[-] Key Deleted : HKLM\SOFTWARE\SecureWeb
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\K9Tools
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP

***** [ Web browsers ] *****

[-] [C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.ividi.org/?src=tbhp&id=0e9119aa0000000000006c626d344700&affilt=3

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [2192 bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Aldair (administrator) on MSI (01-11-2015 12:08:28)
Running from C:\Users\Aldair\Desktop
Loaded Profiles: Aldair (Available Profiles: Aldair)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Innova Co S.a r.l.) C:\Program Files (x86)\4game\3.5.7.169\4game-service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Weather Channel) C:\Users\Aldair\AppData\Roaming\Interstat\interstat.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13821.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6319440 2015-08-05] (Sentelic Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-12-31] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4468984 2015-09-14] (O&O Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-24] (AVAST Software)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-07-31] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\Run: [Interstat] => C:\Users\Aldair\AppData\Roaming\Interstat\interstat.exe [1169408 2015-11-01] (Weather Channel)
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {25965796-7d2a-11e5-9bdc-6c626d344700} - "G:\setup.exe"
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {e9a9e9a7-5469-11e5-9bd2-6c626d344700} - "H:\setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-24] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2015-10-14]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}\app_icon.ico ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-854197151-3482271168-3196824506-1000] => Proxy is enabled.
ProxyServer: [S-1-5-21-854197151-3482271168-3196824506-1000] => 127.0.0.1:8118
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wlidNSP.dll [51712 2015-07-10] (Microsoft Corporation)
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [51712 2015-07-10] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77fd36eb-cee9-4bde-9e15-b42666512acc}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gooe.cz/
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> DefaultScope {0AD56A9D-57FF-401E-846C-D19A1A5B19DE} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-854197151-3482271168-3196824506-1000 -> {0AD56A9D-57FF-401E-846C-D19A1A5B19DE} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-24] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-24] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-24] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin-x32: @4game.com/plugin -> C:\Program Files (x86)\4game\3.5.7.169\npplugin4game.dll [2015-10-26] (Innova Co S.a r.l.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-854197151-3482271168-3196824506-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Aldair\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-854197151-3482271168-3196824506-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2013-04-25] (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-24] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.msn.com/?pc ... &bmod=ASUT"
CHR Profile: C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-16]
CHR Extension: (Dokumenty Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-16]
CHR Extension: (Disk Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-16]
CHR Profile: C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (Avast Online Security) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Aldair\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 4game-service; C:\Program Files (x86)\4game\3.5.7.169\4game-service.exe [1545952 2015-10-26] (Innova Co S.a r.l.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-24] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-24] (Avast Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-05] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1711352 2015-09-14] (O&O Software GmbH)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-05] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-05] (Microsoft Corporation)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-04-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-07-31] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2014-04-23] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-05-27] (LG Electronics Inc.)
R3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
R3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-24] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-06] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [209232 2015-08-05] (Sentelic Corporation)
S3 fspad_wlh64; C:\Windows\system32\DRIVERS\fspad_wlh64.sys [52224 2010-06-07] (Sentelic Corporation) [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 h643331; C:\Windows\System32\drivers\h643331.sys [67432 2012-06-19] (Your Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-30] (REALiX(tm))
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [119680 2014-04-23] (TCT International Mobile Ltd) [File not signed]
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-05] (Microsoft Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-24] (AVAST Software)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [32496 2013-11-30] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-24] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 12:04 - 2015-11-01 12:05 - 00000000 ____D C:\WINDOWS\LastGood
2015-11-01 12:03 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-11-01 12:03 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-11-01 12:02 - 2015-11-01 12:02 - 00016148 _____ C:\WINDOWS\system32\MSI_Aldair_HistoryPrediction.bin
2015-11-01 07:32 - 2015-11-01 07:32 - 00002283 _____ C:\Users\Aldair\Desktop\AdwCleaner[C5].txt
2015-11-01 07:29 - 2015-11-01 07:29 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Interstat
2015-11-01 07:29 - 2015-11-01 07:29 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\Interstat
2015-11-01 07:15 - 2015-11-01 07:18 - 00000000 ____D C:\AdwCleaner
2015-11-01 07:15 - 2015-11-01 07:15 - 01694208 _____ C:\Users\Aldair\Desktop\adwcleaner_5.015.exe
2015-10-31 15:02 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-31 15:02 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-31 15:02 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-31 15:02 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-31 15:02 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-31 15:02 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-31 15:01 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-31 15:01 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-31 15:01 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-31 15:01 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-31 15:01 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-31 15:01 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-31 15:01 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-31 15:01 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-31 15:01 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-31 15:01 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-31 15:01 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-31 15:01 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-31 15:00 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-31 15:00 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-31 15:00 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-31 15:00 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-31 15:00 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-31 15:00 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-31 15:00 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-31 15:00 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-31 15:00 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-31 15:00 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-31 15:00 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-31 15:00 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-31 15:00 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-31 15:00 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-31 14:59 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-31 14:59 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-31 14:31 - 2015-10-31 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-10-31 14:16 - 2015-11-01 12:08 - 00022493 _____ C:\Users\Aldair\Desktop\FRST.txt
2015-10-31 14:15 - 2015-11-01 12:08 - 00000000 ____D C:\FRST
2015-10-31 14:15 - 2015-10-31 14:15 - 02198016 _____ (Farbar) C:\Users\Aldair\Desktop\FRST64.exe
2015-10-30 16:08 - 2015-10-30 16:08 - 00003406 _____ C:\WINDOWS\System32\Tasks\Security Defrag
2015-10-30 16:08 - 2015-10-30 16:08 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\Security Defrag
2015-10-28 08:31 - 2015-10-30 13:01 - 00000000 ____D C:\Users\Aldair\AppData\Local\Arma 3
2015-10-28 08:31 - 2015-10-28 08:31 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-10-26 17:59 - 2015-10-30 11:18 - 00001031 _____ C:\Users\Aldair\Desktop\L2.lnk
2015-10-26 17:59 - 2015-10-26 17:59 - 00000000 ____D C:\Users\Aldair\AppData\Local\CrashRpt
2015-10-24 16:00 - 2015-10-24 16:00 - 00000000 ____D C:\Users\Aldair\AppData\Local\2K Games
2015-10-24 15:57 - 2015-10-24 15:57 - 00000595 _____ C:\Users\Aldair\Desktop\Mafia II.lnk
2015-10-17 07:15 - 2015-10-17 07:24 - 00000000 ____D C:\Users\Aldair\Documents\Rockstar Games
2015-10-17 07:15 - 2015-10-17 07:15 - 00000607 _____ C:\Users\Public\Desktop\L.A. Noire.lnk
2015-10-17 07:15 - 2015-10-17 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\L.A. Noire
2015-10-16 21:08 - 2015-10-17 07:22 - 00000000 ____D C:\Program Files\Rockstar Games
2015-10-16 21:05 - 2015-10-17 07:22 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-14 16:38 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 16:38 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 16:38 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 16:38 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 16:38 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 16:38 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 16:38 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 16:38 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 16:38 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 16:38 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 16:38 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 16:38 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 16:38 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 16:38 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 16:38 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 16:38 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 16:38 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 16:38 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 16:38 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 16:38 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 16:38 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 16:38 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 16:38 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 16:38 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 16:38 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 16:38 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:38 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 16:38 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 16:38 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 16:38 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 16:38 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 16:38 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 16:38 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 16:38 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 16:38 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 16:38 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 16:38 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 16:38 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 16:38 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 16:38 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 16:38 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 16:38 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 16:38 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 16:38 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 16:38 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 16:38 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 16:31 - 2015-10-14 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2015-10-08 19:50 - 2015-10-25 19:02 - 00000093 _____ C:\Users\Aldair\Documents\aionmemo_434f52d7.dat
2015-10-02 06:15 - 2015-10-16 04:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 06:15 - 2015-10-16 04:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 12:06 - 2015-08-14 09:39 - 00004113 _____ C:\WINDOWS\setupact.log
2015-11-01 12:05 - 2013-08-28 18:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-01 12:03 - 2015-08-13 07:28 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-01 12:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-01 11:42 - 2015-03-10 20:12 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 11:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-01 11:12 - 2013-08-28 19:20 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-01 08:42 - 2015-03-10 20:12 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-01 08:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 07:49 - 2015-08-05 07:09 - 02064814 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-01 07:49 - 2015-07-10 17:02 - 00851912 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-01 07:49 - 2015-07-10 17:02 - 00197418 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-01 07:44 - 2015-03-10 20:07 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\Google Chrome Backup
2015-11-01 07:39 - 2015-03-10 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-01 07:33 - 2015-09-04 04:50 - 00005150 _____ C:\WINDOWS\PFRO.log
2015-11-01 07:33 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 07:32 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-01 07:31 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-01 07:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 07:15 - 2013-08-28 19:28 - 00000000 ____D C:\Download
2015-10-31 15:07 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-31 14:48 - 2015-03-10 20:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-30 19:23 - 2013-08-28 19:00 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\uTorrent
2015-10-29 15:26 - 2015-03-18 20:06 - 00001170 _____ C:\Users\Public\Desktop\Lineage 2 EU.lnk
2015-10-29 15:26 - 2015-03-18 20:05 - 00000000 ____D C:\Program Files (x86)\4game
2015-10-28 17:04 - 2015-03-19 17:12 - 00000000 ____D C:\Users\Aldair\AppData\Roaming\Awesomium
2015-10-28 06:47 - 2013-11-07 09:05 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-28 06:43 - 2015-08-13 16:09 - 00111592 _____ C:\WINDOWS\DirectX.log
2015-10-25 20:40 - 2015-08-05 07:12 - 00000000 ____D C:\Users\Aldair
2015-10-15 14:39 - 2013-09-08 12:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 14:38 - 2013-08-30 14:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 14:25 - 2013-08-30 14:05 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 16:41 - 2013-08-28 19:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-14 16:21 - 2013-08-28 17:34 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-12 04:05 - 2014-09-11 17:59 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-12 04:05 - 2013-11-03 11:34 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-12 04:04 - 2014-09-11 17:59 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-12 04:04 - 2013-11-03 11:34 - 01710752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-08 07:59 - 2015-08-05 07:39 - 00000000 ____D C:\Users\Aldair\OneDrive
2015-10-06 19:45 - 2015-08-05 07:53 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-03 05:58 - 2015-08-05 07:53 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 05:58 - 2015-08-05 07:53 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 05:58 - 2015-08-05 07:53 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 05:58 - 2015-08-05 07:52 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 05:58 - 2015-08-05 07:52 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 03:38 - 2013-08-28 18:04 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 03:38 - 2013-08-28 18:04 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 03:38 - 2013-08-28 18:04 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 03:38 - 2013-08-28 18:04 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 03:38 - 2013-08-28 18:04 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 03:38 - 2013-08-28 18:04 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 06:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Files in the root of some directories =======

2013-11-12 07:48 - 2014-12-21 22:26 - 0009216 _____ () C:\Users\Aldair\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-23 17:04 - 2014-04-23 17:04 - 0000094 _____ () C:\Users\Aldair\AppData\Local\fusioncache.dat
2015-01-18 07:50 - 2015-01-18 07:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-03-27 09:05 - 2014-03-27 09:05 - 0000096 _____ () C:\ProgramData\CameraRecorder.ini

Some files in TEMP:
====================
C:\Users\Aldair\AppData\Local\Temp\2BD2.tmp.exe
C:\Users\Aldair\AppData\Local\Temp\3DA6.tmp.exe
C:\Users\Aldair\AppData\Local\Temp\786C.tmp.exe
C:\Users\Aldair\AppData\Local\Temp\86C4.tmp.exe
C:\Users\Aldair\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 07:26

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {25965796-7d2a-11e5-9bdc-6c626d344700} - "G:\setup.exe"
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {e9a9e9a7-5469-11e5-9bd2-6c626d344700} - "H:\setup.exe"
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.msn.com/?pc ... /?src=tbhp&
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Users\Aldair\Documents\aionmemo_434f52d7.dat
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Aldair\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Hotovo, děkuji

Fix result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Aldair (2015-11-01 13:14:42) Run:1
Running from C:\Users\Aldair\Desktop
Loaded Profiles: Aldair (Available Profiles: Aldair)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {25965796-7d2a-11e5-9bdc-6c626d344700} - "G:\setup.exe"
HKU\S-1-5-21-854197151-3482271168-3196824506-1000\...\MountPoints2: {e9a9e9a7-5469-11e5-9bd2-6c626d344700} - "H:\setup.exe"
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.msn.com/?pc ... /?src=tbhp&
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Users\Aldair\Documents\aionmemo_434f52d7.dat
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Aldair\AppData\Local\Temp
End
*****************

"HKU\S-1-5-21-854197151-3482271168-3196824506-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25965796-7d2a-11e5-9bdc-6c626d344700}" => key removed successfully
HKCR\CLSID\{25965796-7d2a-11e5-9bdc-6c626d344700} => key not found.
"HKU\S-1-5-21-854197151-3482271168-3196824506-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9a9e9a7-5469-11e5-9bd2-6c626d344700}" => key removed successfully
HKCR\CLSID\{e9a9e9a7-5469-11e5-9bd2-6c626d344700} => key not found.
Chrome StartupUrls => removed successfully
idsvc => service removed successfully
wpcsvc => service removed successfully
C:\Users\Aldair\Documents\aionmemo_434f52d7.dat => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\Aldair\AppData\Local\Temp" folder move:

Could not move "C:\Users\Aldair\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-01 14:16:12)

C:\Users\Aldair\AppData\Local\Temp => moved successfully

==== End of Fixlog 14:16:12 ====

Smazáno. Nastala nějaká změna?