VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Samostatne sa spusta nejaky program

https://forum.viry.cz:443/viewtopic.php?t=152130

Stránka 1 z 1

Samostatne sa spusta nejaky program

Napsal: 18 kvě 2017 11:35
od Peter911
Prosím o pomoc. Kazdu chvilu sa mi nieco samostatne spusta vpozadi na zlomok sekudny. Kaspersky a spyware hunter nic nenasli.
log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by Peto (administrator) on DESKTOP-MNH69NR (18-05-2017 12:27:35)
Running from C:\Users\Peto\Desktop
Loaded Profiles: Peto (Available Profiles: Peto)
Platform: Windows 10 Pro Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) D:\Steam\Steam.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5572\Agent.exe
() C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8800\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8800\Battle.net Helper.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Mozilla Corporation) C:\Program Files\Waterfox\waterfox.exe
(Enigma Software Group USA, LLC.) D:\Programy\SpyHunter 4.21.10.4585 Portable by wood\SpyHunter4.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8800\Battle.net Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(forum.viry.cz) C:\Users\Peto\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Viber] => C:\Users\Peto\AppData\Local\Viber\Viber.exe [51657424 2015-11-09] ()
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [CGFLoader] => C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe [1961984 2007-11-26] (Colorjinn)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [CalibrizeResume] => C:\Program Files (x86)\Calibrize\CalibrizeResume.exe [413696 2007-11-26] (Eberhard Werle)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [BingSvc] => C:\Users\Peto\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-19] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Steam] => D:\Steam\steam.exe [3042592 2017-05-13] (Valve Corporation)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [3229160 2017-03-24] (Blizzard Entertainment)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Discord] => C:\Users\Peto\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [GalaxyClient] => D:\games\GOG Galaxy\GalaxyClient.exe [4006464 2017-02-02] (GOG.com)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [OSDownloaderUpdate] => C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe [3635712 2015-09-18] (Opensubtitles.org)
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19407360 2017-03-24] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Peto\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat [2016-11-09] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2016-10-14]
ShortcutTarget: Universal Media Server.lnk -> D:\Program Files\Universal Media Server\UMS.exe (Universal Media Server)
Startup: C:\Users\Peto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.9u4.lnk [2015-12-09]
ShortcutTarget: FreeRapid 0.9u4.lnk -> D:\preberanie\FreeRapid-0.9u4(1)\FreeRapid-0.9u4\frd.exe (Vity)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{0109097f-622b-4b75-bd28-d540807e9844}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{75e212de-23d5-4d53-b81d-160f7e51ad3b}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
SearchScopes: HKU\S-1-5-21-768667381-2974455692-2822200728-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-768667381-2974455692-2822200728-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-768667381-2974455692-2822200728-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10181_1285_170201__yaie&p={searchTerms}
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-05-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-19] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-19] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: m7jw6ni2.default
FF ProfilePath: C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default [2017-05-18]
FF NewTab: Mozilla\Firefox\Profiles\m7jw6ni2.default -> about:home
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\m7jw6ni2.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\m7jw6ni2.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\m7jw6ni2.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\m7jw6ni2.default -> type", 0
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: (Enhanced Steam) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\jid1-YdiFiTEkQgInxA@jetpack.xpi [2017-04-14]
FF Extension: (Video DownloadHelper) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Fasterfox) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-08-07]
FF Extension: (SteamPowered Forums Browser Updated) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{d025c20b-3380-44c7-9f32-ae447fe10a5e}.xpi [2016-08-22]
FF Extension: (Adblock Plus) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Greasemonkey) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-04-26]
FF Extension: (Adblock Edge) - C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-28]
FF SearchPlugin: C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\searchplugins\yahoo-lavasoft.xml [2017-02-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-05-16]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-18] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default [2017-02-01]
CHR Extension: (Prezentácie Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-30]
CHR Extension: (Dokumenty Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-30]
CHR Extension: (Disk Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-30]
CHR Extension: (YouTube) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-30]
CHR Extension: (Tabuľky Google) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-31]
CHR Extension: (Steam Market Float Checker) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjcjjbacacnhoibdbghilhicllgegcf [2016-08-30]
CHR Extension: (SteamWizard) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\kojolejmgolbhakghocbgjemjgbmcjig [2016-09-07]
CHR Extension: (Skype) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-11-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-30]
CHR Extension: (Gmail) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-30]
CHR Extension: (Chrome Media Router) - C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-03]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
S2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-11] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S3 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [74752 2017-03-17] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [103936 2017-03-17] (Microsoft Corporation)
S3 GalaxyClientService; D:\games\GOG Galaxy\GalaxyClientService.exe [284736 2017-02-02] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-28] (GOG.com)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2718840 2016-10-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe [103168 2016-10-13] ()
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\vssbridge64.exe [425768 2017-05-16] (AO Kaspersky Lab)
S2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2123240 2017-03-15] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2184688 2017-03-15] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [373760 2017-03-17] (Microsoft Corporation)
S3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [266240 2017-03-17] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1034240 2017-03-17] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AFTrafMgr1.1; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys [54712 2016-10-04] (AnchorFree Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2016-03-23] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2016-03-23] (Windows (R) Win 7 DDK provider)
S3 esgiguard; D:\Programy\SpyHunter 4.21.10.4585 Portable by wood\esgiguard.sys [15920 2016-04-20] (Enigma Software Group USA, LLC.)
R1 HssDRV6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [44648 2015-09-18] (AnchorFree Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-17] (REALiX(tm))
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
S0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2016-12-22] (AO Kaspersky Lab)
S1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86240 2016-12-27] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [206552 2017-05-16] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [522736 2017-05-16] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051360 2017-05-16] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
S3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R4 klkbdflt2; C:\WINDOWS\system32\DRIVERS\klkbdflt2.sys [48352 2016-12-21] (AO Kaspersky Lab)
S3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-04-18] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
U0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_arkmon_E3769B27; C:\ProgramData\Kaspersky Lab\AVP18.0.0\temp\E3769B2713E1E013FACB78E3D4369EE8\klupd_klif_arkmon.sys [229288 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-05-16] (AO Kaspersky Lab)
U0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-05-16] (AO Kaspersky Lab)
U3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-05-16] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136176 2017-04-18] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [198432 2017-01-22] (AO Kaspersky Lab)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-09] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42088 2015-09-18] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 VCSVADHWSer; C:\WINDOWS\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S1 eamonm; system32\DRIVERS\eamonm.sys [X]
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
S1 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
S2 ekbdflt; \SystemRoot\system32\DRIVERS\ekbdflt.sys [X]
S1 epfw; \SystemRoot\system32\DRIVERS\epfw.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-18 12:27 - 2017-05-18 12:27 - 00026453 _____ C:\Users\Peto\Desktop\FRST.txt
2017-05-18 12:26 - 2017-05-18 12:26 - 00112640 _____ (forum.viry.cz) C:\Users\Peto\Desktop\FRSTLauncher.exe
2017-05-18 12:25 - 2017-05-18 12:27 - 00000000 ____D C:\FRST
2017-05-18 12:25 - 2017-05-18 12:25 - 02429952 _____ (Farbar) C:\Users\Peto\Desktop\FRST64.exe
2017-05-18 12:19 - 2017-05-18 12:19 - 00000226 _____ C:\Users\Peto\Desktop\RootkitRevealer.zip
2017-05-18 11:32 - 2017-05-18 11:33 - 00089912 _____ C:\TDSSKiller.3.1.0.15_18.05.2017_11.32.29_log.txt
2017-05-18 11:31 - 2017-05-18 11:32 - 04830473 _____ C:\Users\Peto\Downloads\tdsskiller.zip
2017-05-18 11:30 - 2017-05-18 11:31 - 04194304 _____ C:\Users\Peto\Downloads\tdsskiller.exe.part
2017-05-18 09:22 - 2017-05-18 09:22 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-05-16 17:12 - 2017-05-16 17:12 - 00251664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-05-16 17:07 - 2017-05-16 17:07 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-05-16 17:06 - 2017-05-18 09:38 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-05-16 17:06 - 2017-05-16 17:06 - 01051360 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-05-16 17:06 - 2017-05-16 17:06 - 00522736 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-05-16 17:06 - 2017-05-16 17:06 - 00206552 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-05-16 17:06 - 2017-05-16 17:06 - 00149584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2017-05-16 17:06 - 2017-05-16 17:06 - 00002156 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2017-05-16 17:06 - 2017-05-16 17:06 - 00001309 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-05-16 17:06 - 2017-05-16 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-05-16 17:06 - 2017-05-16 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2017-05-16 17:06 - 2017-05-16 17:06 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-05-16 17:06 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-05-16 16:32 - 2017-05-16 16:32 - 00000061 _____ C:\WINDOWS\wininit.ini
2017-05-16 16:25 - 2017-05-16 17:07 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-16 16:21 - 2017-05-16 17:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-05-16 16:17 - 2017-05-16 17:13 - 00000000 ____D C:\Program Files (x86)\TNod
2017-05-16 16:17 - 2017-05-16 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
2017-05-16 05:53 - 2017-05-16 16:16 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2017-05-16 05:48 - 2017-05-16 05:48 - 06559869 _____ C:\Users\Peto\Downloads\PCHunter_free.zip
2017-05-15 15:27 - 2017-05-15 15:27 - 00000000 ____D C:\Users\Peto\AppData\Roaming\SmartSteamEmu
2017-05-15 12:37 - 2017-05-15 13:09 - 98048340 _____ C:\Users\Peto\Downloads\Prey.v1.0.Crack.V2.by.BALDMAN.rar
2017-05-13 11:16 - 2017-05-13 11:16 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-05-13 11:16 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-13 11:16 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-13 11:16 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-13 08:59 - 2017-05-17 12:33 - 00000000 ____D C:\Users\Peto\AppData\Roaming\qBittorrent
2017-05-13 08:59 - 2017-05-13 08:59 - 00000000 ____D C:\Users\Peto\AppData\Local\qBittorrent
2017-05-13 08:50 - 2017-05-13 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2017-05-13 08:49 - 2017-05-13 08:49 - 16846965 _____ (The qBittorrent project) C:\Users\Peto\Downloads\qbittorrent_3.3.12_setup.exe
2017-05-12 20:06 - 2017-05-12 20:07 - 45019607 _____ (KLCP ) C:\Users\Peto\Downloads\K-Lite_Codec_Pack_1316_Mega.exe
2017-05-11 17:04 - 2017-05-11 17:04 - 00000202 _____ C:\Users\Peto\Desktop\Brawlhalla.url
2017-05-11 00:50 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-11 00:50 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 00:50 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 00:50 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-11 00:50 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-11 00:50 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-11 00:50 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-11 00:50 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 00:50 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 00:50 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 00:50 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 00:50 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 00:50 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 00:50 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 00:50 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 00:50 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 00:50 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-11 00:50 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 00:50 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-11 00:50 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-11 00:50 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 00:50 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-11 00:50 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 00:50 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-11 00:50 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-11 00:50 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-11 00:50 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 00:50 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-11 00:50 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 00:50 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 00:50 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-11 00:50 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 00:50 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-11 00:50 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-11 00:50 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-11 00:50 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-11 00:50 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-11 00:50 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 00:50 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-11 00:50 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 00:50 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-11 00:50 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 00:50 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 00:50 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 00:50 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-11 00:50 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 00:50 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 00:50 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-11 00:50 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-11 00:50 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-11 00:50 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-11 00:50 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 00:50 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 00:50 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-11 00:50 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-11 00:50 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-11 00:50 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 00:50 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-11 00:50 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-11 00:50 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-11 00:50 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-11 00:50 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 00:50 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 00:50 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 00:50 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-11 00:50 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-11 00:50 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-11 00:50 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-11 00:50 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-11 00:50 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-11 00:50 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 00:50 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 00:50 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 00:50 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 00:50 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 00:50 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 00:50 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 00:50 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 00:50 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 00:50 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-11 00:50 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-11 00:50 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 00:50 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 00:50 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-11 00:50 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-11 00:50 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 00:50 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 00:50 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-11 00:50 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 00:50 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 00:50 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-11 00:50 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 00:50 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 00:50 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-11 00:50 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-11 00:50 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 00:50 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-11 00:50 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-11 00:50 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-11 00:50 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-11 00:50 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-11 00:50 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-11 00:50 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-11 00:50 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 00:50 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-11 00:50 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 00:50 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-11 00:50 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 00:50 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-11 00:50 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-11 00:50 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-11 00:50 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-11 00:50 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-11 00:50 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-11 00:50 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 00:50 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-11 00:50 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-11 00:50 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-11 00:50 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 00:50 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-11 00:50 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-11 00:50 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-11 00:50 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-11 00:50 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-11 00:50 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-11 00:50 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-11 00:50 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-11 00:50 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 00:50 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-11 00:50 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-11 00:50 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-11 00:50 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-11 00:50 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-11 00:50 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-11 00:50 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 00:50 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-11 00:50 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-11 00:50 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-11 00:50 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-11 00:50 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-11 00:50 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-11 00:50 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-11 00:50 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-11 00:50 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-11 00:50 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-11 00:50 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-11 00:50 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-11 00:50 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-11 00:50 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-11 00:50 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 00:50 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-11 00:50 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-11 00:50 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-11 00:50 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-11 00:50 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-11 00:50 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-11 00:50 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 00:50 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-11 00:50 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 00:50 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-11 00:50 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-11 00:50 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 00:50 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-11 00:50 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-11 00:50 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-11 00:50 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-11 00:50 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-11 00:50 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-11 00:50 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-11 00:50 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-11 00:50 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-11 00:50 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-11 00:50 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-11 00:50 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-11 00:50 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-11 00:50 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-11 00:50 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-11 00:50 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 00:50 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 00:50 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-11 00:50 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-11 00:50 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-05 08:07 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-05 08:04 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-05 08:04 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-04 03:29 - 2017-05-04 03:29 - 00000000 ____D C:\Users\Peto\Downloads\Fishbot
2017-05-04 03:18 - 2017-05-04 03:18 - 02058092 _____ C:\Users\Peto\Downloads\MrFishIt-4.0.135.zip
2017-05-04 03:12 - 2017-05-04 03:12 - 00098632 _____ C:\Users\Peto\Downloads\Fishbot.zip
2017-05-03 16:24 - 2017-05-03 16:24 - 00000505 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2017-05-02 01:55 - 2017-05-02 01:59 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-05-01 19:41 - 2017-05-01 19:42 - 00408482 _____ C:\Users\Peto\Downloads\WPE PRO By BboyHacks.zip
2017-05-01 19:01 - 2017-05-01 19:04 - 00000000 ____D C:\Users\Peto\Downloads\WoWAdminPanel-master
2017-05-01 05:20 - 2017-05-01 05:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-01 05:19 - 2017-05-01 05:19 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Peto\Downloads\mbar-1.09.3.1001.exe
2017-05-01 05:19 - 2017-05-01 05:19 - 00000000 ____D C:\Users\Peto\Desktop\mbar
2017-04-29 21:43 - 2017-04-29 21:43 - 00010621 _____ C:\Users\Peto\Downloads\SweetFX_Settings_World of Warcraft_Clean & Simple ReShade 3.txt
2017-04-29 20:50 - 2017-04-29 19:55 - 04206080 _____ (crosire) C:\Users\Peto\Desktop\ReShade_Setup_3.0.7.exe
2017-04-29 19:55 - 2017-04-29 19:55 - 04206080 _____ (crosire) C:\Users\Peto\Downloads\ReShade_Setup_3.0.7.exe
2017-04-28 22:25 - 2017-04-28 22:44 - 00017952 _____ C:\Users\Peto\Desktop\SweetFX_settings.txt
2017-04-25 22:45 - 2017-04-29 20:15 - 00000573 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2017-04-25 22:41 - 2017-04-20 03:59 - 00513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-04-25 22:38 - 2017-04-20 03:59 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438189.dll
2017-04-25 22:38 - 2017-04-20 03:59 - 01589880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438189.dll
2017-04-25 22:17 - 2017-05-13 11:16 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-04-23 07:51 - 2017-01-11 11:38 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-04-23 07:51 - 2017-01-11 11:38 - 05545472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-04-23 07:51 - 2017-01-11 11:38 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-04-23 07:51 - 2017-01-11 11:38 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 02050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00914016 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00768816 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00410032 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00074600 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00069920 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll
2017-04-23 07:51 - 2017-01-11 11:38 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-04-23 07:51 - 2017-01-11 11:37 - 03302272 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2017-04-23 07:50 - 2017-01-11 11:37 - 00574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2017-04-23 07:50 - 2017-01-11 11:37 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-04-23 07:50 - 2017-01-11 11:37 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2017-04-22 02:49 - 2017-04-22 02:49 - 00012045 _____ C:\Users\Peto\Downloads\laa_2_0_4.7z
2017-04-21 18:14 - 2017-04-21 18:14 - 06382059 _____ C:\Users\Peto\Downloads\3DSoundBack_Beta0.1.zip
2017-04-21 17:18 - 2017-04-21 17:19 - 00000000 ____D C:\Program Files (x86)\Resource Hacker
2017-04-21 17:18 - 2017-04-21 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2017-04-21 17:17 - 2017-04-21 17:18 - 02919683 _____ ( ) C:\Users\Peto\Downloads\reshacker_setup.exe
2017-04-20 14:21 - 2017-04-20 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2017-04-20 14:15 - 2017-05-16 05:32 - 00000000 ____D C:\Users\Peto\AppData\Local\ESET
2017-04-20 14:14 - 2017-04-20 14:15 - 06752384 _____ (ESET spol. s r.o.) C:\Users\Peto\Downloads\ESETOnlineScanner_SKY.exe
2017-04-20 04:06 - 2017-04-13 19:47 - 00199369 _____ C:\telelist.ini
2017-04-20 02:59 - 2017-04-20 02:59 - 02058632 _____ C:\Users\Peto\Downloads\WoWAdminPanel-master.zip
2017-04-19 22:58 - 2017-04-19 22:58 - 02281595 _____ C:\Users\Peto\Downloads\adminpanel2097.zip
2017-04-19 22:10 - 2017-04-19 22:10 - 00178714 _____ C:\Users\Peto\Downloads\adminpanel.rar
2017-04-18 20:19 - 2017-04-18 20:19 - 04059353 _____ C:\Users\Peto\Downloads\SweetFX+EFX_WoW_Barni.zip
2017-04-18 14:32 - 2017-04-18 14:32 - 00136176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2017-04-18 14:32 - 2017-04-18 14:32 - 00050672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-18 12:27 - 2015-10-23 06:11 - 00000000 ____D C:\Users\Peto\AppData\Local\Battle.net
2017-05-18 12:25 - 2017-04-08 23:23 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-18 12:01 - 2016-02-21 15:05 - 00000000 ____D C:\Users\Peto\AppData\Roaming\TS3Client
2017-05-18 11:25 - 2016-11-24 21:39 - 00000000 ____D C:\Users\Peto\AppData\LocalLow\Mozilla
2017-05-18 09:22 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-18 09:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-18 09:21 - 2015-10-21 15:00 - 00000000 ____D C:\Program Files\Microsoft Office
2017-05-18 09:04 - 2017-04-08 23:23 - 00000000 ____D C:\Users\Peto
2017-05-18 09:04 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-18 09:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-18 09:01 - 2015-10-23 06:10 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-05-18 00:36 - 2017-04-08 23:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-16 17:13 - 2016-10-08 23:44 - 00000000 ____D C:\Users\Peto\AppData\Roaming\Resilio Sync
2017-05-16 17:13 - 2016-10-08 23:44 - 00000000 ____D C:\ProgramData\Resilio Sync
2017-05-16 17:11 - 2017-04-08 23:31 - 04813102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-16 17:11 - 2015-10-29 05:37 - 02833298 _____ C:\WINDOWS\system32\perfh01B.dat
2017-05-16 17:11 - 2015-10-29 05:37 - 00795518 _____ C:\WINDOWS\system32\perfc01B.dat
2017-05-16 17:06 - 2017-03-18 23:03 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-16 17:06 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-16 17:05 - 2017-04-08 23:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-16 17:04 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-16 16:59 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-16 16:25 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-05-16 16:16 - 2016-04-10 16:16 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-05-16 16:15 - 2016-02-17 21:42 - 00000000 ____D C:\ProgramData\Auslogics
2017-05-16 10:39 - 2016-08-30 17:40 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 12:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-13 11:16 - 2017-04-08 23:29 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:29 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-13 11:16 - 2017-04-08 23:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-13 11:16 - 2017-04-08 23:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-13 11:16 - 2017-04-08 23:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-12 21:07 - 2017-04-08 23:29 - 00003230 _____ C:\WINDOWS\System32\Tasks\klcp_update
2017-05-12 21:07 - 2017-02-01 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-05-12 21:07 - 2015-10-21 00:57 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-05-12 20:06 - 2015-11-30 17:27 - 00000000 ____D C:\Program Files\Waterfox
2017-05-12 04:43 - 2015-11-16 13:16 - 00000000 ____D C:\Users\Peto\AppData\Local\ElevatedDiagnostics
2017-05-11 20:04 - 2015-11-26 14:45 - 00000000 ____D C:\Users\Peto\AppData\Local\Ubisoft Game Launcher
2017-05-11 18:11 - 2016-08-17 21:42 - 00000000 ____D C:\Users\Peto\BrawlhallaReplays
2017-05-11 16:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 16:08 - 2015-10-20 02:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 16:07 - 2017-04-08 23:22 - 00252384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 04:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 04:40 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-11 00:52 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-11 00:52 - 2015-10-20 04:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-11 00:50 - 2015-10-20 04:03 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-11 00:43 - 2015-10-20 02:39 - 00000000 ____D C:\Users\Peto\AppData\Local\Packages
2017-05-09 20:28 - 2017-04-08 23:29 - 00004550 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-09 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-05 16:54 - 2015-11-25 17:11 - 00000000 ____D C:\Users\Peto\AppData\Local\CrashDumps
2017-05-05 08:07 - 2016-03-12 17:32 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-05 08:07 - 2016-02-17 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-03 22:21 - 2017-04-06 22:35 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-03 22:21 - 2017-04-06 22:22 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-03 22:21 - 2016-12-14 04:27 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2016-12-14 04:27 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 21:28 - 2016-12-20 07:32 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-03 17:41 - 2017-04-08 23:23 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-02 00:59 - 2015-11-11 22:20 - 00000000 ____D C:\Users\Peto\Desktop\wpepro09mod
2017-05-02 00:38 - 2017-04-06 22:35 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-02 00:38 - 2017-04-06 22:35 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-02 00:38 - 2017-04-06 22:35 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-01 22:51 - 2017-04-08 23:23 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-01 22:51 - 2017-04-08 23:23 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-01 19:18 - 2015-10-20 02:39 - 00000000 ____D C:\Users\Peto\AppData\Local\VirtualStore
2017-05-01 19:03 - 2017-04-13 19:47 - 00000000 ____D C:\Users\Peto\Downloads\adminpanel2097
2017-04-30 02:07 - 2016-01-30 19:39 - 00000000 ____D C:\Users\Peto\AppData\Roaming\Skype
2017-04-30 01:55 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 00:32 - 2017-04-08 23:29 - 00003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 00:32 - 2017-04-08 23:29 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-25 23:11 - 2017-04-08 23:23 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-04-23 07:51 - 2017-04-08 23:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-04-23 07:51 - 2015-12-02 03:55 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-20 14:20 - 2016-07-13 12:51 - 00000000 ____D C:\Program Files (x86)\Bloody6
2017-04-20 03:59 - 2017-03-20 06:07 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-04-19 08:12 - 2015-07-10 15:20 - 00395226 __RSH C:\bootmgr
2017-04-19 04:38 - 2015-10-23 05:44 - 00000000 ____D C:\ProgramData\Oracle
2017-04-19 04:37 - 2016-10-14 14:46 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-04-19 04:37 - 2016-10-14 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-19 04:37 - 2016-10-14 14:45 - 00000000 ____D C:\Program Files (x86)\Java

==================== Files in the root of some directories =======

2015-10-22 16:17 - 2017-03-18 15:29 - 0007594 _____ () C:\Users\Peto\AppData\Local\Resmon.ResmonCfg
2016-03-23 16:02 - 2016-04-12 20:45 - 0000035 _____ () C:\ProgramData\droidcam-settings
2016-12-20 07:33 - 2017-01-25 15:27 - 0010941 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-20 07:33 - 2017-01-20 14:33 - 0007103 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Peto\Desktop" je 61 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Samostatne sa spusta nejaky program

Napsal: 18 kvě 2017 17:46
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Samostatne sa spusta nejaky program

Napsal: 18 kvě 2017 19:49
od Peter911
# AdwCleaner v6.046 - *Logfile created 18/05/2017 *at 13:19:25
# *Updated on 24/04/2017 by Malwarebytes
# *Database : 2017-05-17.1 [*Server]
# *Operating System : Windows 10 Pro (X64)
# *Username : Peto - DESKTOP-MNH69NR
# *Running from : C:\Users\Peto\Downloads\adwcleaner_6.046.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****

*Service Found: esgiguard


***** [ *Folders ] *****

*Folder Found: C:\Users\Peto\AppData\Local\eSupport.com
*Folder Found: C:\ProgramData\BSD\DriverHive
*Folder Found: C:\ProgramData\BSD\DriverHiveEngine
*Folder Found: C:\ProgramData\Auslogics
*Folder Found: C:\ProgramData\Application Data\lavasoft\web companion
*Folder Found: C:\Program Files (x86)\SecurityXploded


***** [ *Files ] *****

*File Found: C:\spyhunter.fix
*File Found: C:\WINDOWS\SysWOW64\sh4native.exe
*File Found: C:\Users\Peto\AppData\Roaming\Mozilla\Firefox\Profiles\m7jw6ni2.default\searchplugins\yahoo-lavasoft.xml


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ *Shortcuts ] *****

*No infected shortcut found.


***** [ *Scheduled tasks ] *****

*No malicious task found.


***** [ *Registry ] *****

*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\eSupport.com
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\BSD
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\SecurityXploded
*Key Found: HKCU\Software\eSupport.com
*Key Found: HKCU\Software\BSD
*Key Found: HKCU\Software\SecurityXploded
*Key Found: HKLM\SOFTWARE\Lavasoft\Web Companion
*Key Found: HKLM\SOFTWARE\EnigmaSoftwareGroup
*Key Found: HKLM\SOFTWARE\Auslogics
*Key Found: HKLM\SOFTWARE\BSD
*Key Found: [x64] HKCU\Software\eSupport.com
*Key Found: [x64] HKCU\Software\BSD
*Key Found: [x64] HKCU\Software\SecurityXploded
*Key Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Value Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
*Value Found: HKU\S-1-5-21-768667381-2974455692-2822200728-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SSMaker2]
*Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ *Web browsers ] *****

*No malicious Firefox based browser items found.
*Chromium pref Found: [C:\Users\Peto\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.ask.com

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [2924 *Bytes] - [18/05/2017 13:19:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2998 *Bytes] ##########

Re: Samostatne sa spusta nejaky program

Napsal: 18 kvě 2017 19:58
od Rudy
ADW nemazal, neklikl jste na mazání. Zkuste ještě jednou.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz