Smart wrapper and FRST 64

First of all, I'd like to point out that I really don't know much about all this "computer stuff".

When I tried to download Daemon Tools, a smart wrapper showed up at the bottom, next to those other windows. It can only be opened, and when you do that an orange rectangle labelled "smart downloading" appears.

While trying to find something about the smart wrapper, I came across a thread on this forum where the reply contained a link -> http://forum.dobreprogramy.pl/farbar-recovery-scan-tool-raport-obowi%C4%85zkowy-t478727/

I already have the program, I have those .txt files, and now I need a fixlist.txt.

I hope you'll help me as quickly as possible and won't hold it against me if I'm spamming.

http://www.wklej.org/id/1762956/ - FRST

http://www.wklej.org/id/1762963/ - shortcut

 

Read point 5 carefully:

Farbar Recovery Scan Tool - mandatory report

Is the point that I forgot to paste Addition?

http://www.wklej.org/id/1763000/

In Control Panel, uninstall:

Linkey

QuickSurf

Spybot - Search & Destroy

Download and run AdwCleaner. Click Skanuj (Scan) and then Usuń (Remove).

Click Scan and show a new FRST report, without Addition and Shortcut.

http://prntscr.com/7wwvec

Use AdwCleaner and show the new log.

http://www.wklej.org/id/1763036/

Paste the following into the system Notepad and save it as a text file named fixlist:

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF HKU\S-1-5-21-1701821128-3612261022-3041773879-1004\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
S1 qsafd_vt_1_10_0_20; system32\drivers\qsafd_vt_1_10_0_20.sys [X]
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
C:\Windows\system32\drivers\avgtpx64.sys
C:\Windows\SysWOW64\sho*.tmp
2015-07-25 21:32 - 2014-09-02 21:35 - 00000000 ____ D C:\AdwCleaner
2015-07-25 21:14 - 2015-02-13 17:24 - 00000000 ____ D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-25 21:07 - 2015-02-13 17:25 - 00000000 ____ D C:\ProgramData\Spybot - Search & Destroy
2015-07-25 17:16 - 2011-11-17 17:13 - 00001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll
2015-07-25 17:15 - 2011-11-17 17:16 - 00001024 ___RH C:\Users\Public\Documents\NTILiveUpdateV9.dll
2015-07-07 21:27 - 2015-05-27 19:27 - 00000000 ____ D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2012-07-05 00:52 - 2012-07-05 00:52 - 0000032 _____ () C:\ProgramData\Temp.log
2015-07-25 14:52 - 2015-07-25 14:52 - 00000000 ___HD C:\Users\Werner\temp.662210788
2013-05-21 16:08 - 2014-06-23 07:27 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-02-13 17:13 - 2015-02-13 17:13 - 0000003 _____ () C:\Users\Werner\AppData\Local\updater.log
2015-02-13 17:14 - 2015-04-23 16:41 - 0000424 _____ () C:\Users\Werner\AppData\Local\UserProducts.xml
Task: {012132D5-D5C6-4940-87E3-C6A55302E9E2} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{BB255747-230A-4F65-9CE7-F467A09F797F}.exe
Task: {1F49811E-E2D9-4714-ACC3-6B609C941E32} - System32\Tasks\{D7540506-6428-48A1-8093-449A554E2D10} => pcalua.exe -a "C:\Users\Media\Downloads\dxwebsetup (1).exe" -d C:\Users\Media\Downloads
Task: {63F6935B-CE6E-4C23-ABF7-27164C6F20B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {87BB9C02-4814-4291-A468-716BF88D552A} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{082ADB4A-4BA5-4C99-958A-D18D7CDF4531}.exe
Task: {93549455-32B6-4891-A590-A7E2CB5D53CE} - System32\Tasks\{86A7E417-CAA6-4DDA-9A6A-534693E1CB57} => pcalua.exe -a "C:\Program Files (x86)\uTorrent\uTorrent.exe" -c /UNINSTALL
Task: {A415B010-5D6F-4975-967D-F51362F685F6} - System32\Tasks\{3FF12046-3867-4FE6-8443-CF6ECA68BEFF} => Chrome.exe 
Task: {C339C5E5-77C2-4004-9BE7-CA34E0778696} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DA7E2A3E-AE93-42D7-8001-5B17A36D9798} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {DBCF11CB-F3F9-4865-9901-BC594D4AA5BE} - System32\Tasks\{7BE9591E-0370-4F21-8208-6EF420A07185} => Chrome.exe 
Task: {EC34E79A-7D2E-431F-882F-B71098646CB0} - System32\Tasks\{2862DA90-81E7-4BFE-B01A-07B359248C8C} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\EADM\Uninstall.exe"
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{BB255747-230A-4F65-9CE7-F467A09F797F}.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{082ADB4A-4BA5-4C99-958A-D18D7CDF4531}.exe <==== ATTENTION
2015-07-25 14:52 - 2015-07-25 14:52 - 00000000 ___HD C:\Users\Werner\temp.662210788
EmptyTemp:

Run FRST and click Fix. Show the removal report, Fixlog.

Click Scan and show a new FRST report, without Addition and Shortcut.

http://www.wklej.org/id/1763064/ -fixlog  

 

FRST (I'm pasting the whole thing because wklej.org won't work for me):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015

Ran by Werner (administrator) on MEDIA-KOMPUTER (25-07-2015 22:32:19)

Running from E:\Users\Pobierane

Loaded Profiles: Werner (Available Profiles: Sabka & Werner)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Polski (Polska)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\apps\CCF_Reputation\fsorsp.exe

(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Anti-Virus\fsgk32.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Common\FSMA32.EXE

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Anti-Virus\fssm32.exe

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Common\FSHDLL64.EXE

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe

(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Common\FSM32.EXE

(F-Secure Corporation) C:\Program Files (x86)\bezpieczny_internet_vectra\fshoster32.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\consent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)

HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)

HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)

HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)

HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-25] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)

HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-27] (CyberLink Corp.)

HKLM-x32\...\Run: [sSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)

HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

HKLM-x32\...\Run: [F-Secure Hoster (54752)] => C:\Program Files (x86)\bezpieczny_internet_vectra\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)

HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-21-1701821128-3612261022-3041773879-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)

HKU\S-1-5-21-1701821128-3612261022-3041773879-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)

HKU\S-1-5-21-1701821128-3612261022-3041773879-1004\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)

HKU\S-1-5-21-1701821128-3612261022-3041773879-1004\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)

HKU\S-1-5-18\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-04-19] (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-04-19] (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-04-19] (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-04-19] (GG Network S.A.)

BootExecute: autocheck autochk * sdnclean64.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip…\Interfaces{9BC192DE-0F47-4999-B09C-88195BB43701}: [DhcpNameServer] 192.168.0.1

 

FireFox:

========

FF ProfilePath: C:\Users\Werner\AppData\Roaming\Mozilla\Firefox\Profiles\knud94vv.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-01-26] (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1701821128-3612261022-3041773879-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Werner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-07] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-07] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-07] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-07] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-07] (Apple Inc.)

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-07-19]

 

Chrome: 

=======

CHR Profile: C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]

CHR Extension: (YouTube) - C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]

CHR Extension: (Adblock Plus) - C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-06]

CHR Extension: (Google Search) - C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]

CHR Extension: (Ghostery) - C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-02-13]

CHR Extension: (Google Wallet) - C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-31]

CHR Extension: (Gmail) - C:\Users\Werner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)

R2 fshoster; C:\Program Files (x86)\bezpieczny_internet_vectra\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)

R3 FSMA; C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)

R2 FSORSPClient; C:\Program Files (x86)\bezpieczny_internet_vectra\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)

R2 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)

R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)

R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 DirectNT; C:\Windows\SysWow64\Drivers\DirectNT.sys [3424 1996-12-04] (c’t)

R3 F-Secure Gatekeeper; C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-07-07] (F-Secure Corporation)

R1 F-Secure HIPS; C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-06-08] (F-Secure Corporation)

R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55336 2015-05-26] ()

R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2012-11-06] ()

R3 fsni; C:\Program Files (x86)\bezpieczny_internet_vectra\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)

R1 fsvista; C:\Program Files (x86)\bezpieczny_internet_vectra\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-05-06] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-05-06] ()

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-09-13] (Duplex Secure Ltd.)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-07-25 22:01 - 2015-07-25 22:01 - 00000000 ____D C:\Users\Werner\Desktop\Nowy folder

2015-07-25 21:26 - 2015-07-25 21:26 - 02248704 _____ C:\Users\Werner\Downloads\adwcleaner_4.208.exe

2015-07-25 16:23 - 2015-07-25 16:23 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Werner\Downloads\DTLiteInstaller.exe

2015-07-25 15:26 - 2015-07-25 22:32 - 00000000 ____D C:\FRST

2015-07-23 22:05 - 2015-07-23 22:05 - 00003280 ____N C:\bootsqm.dat

2015-07-22 19:08 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-07-22 19:08 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-07-22 19:08 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-07-22 19:08 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-07-22 19:08 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-07-22 19:08 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-07-22 19:08 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-07-22 19:08 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-07-22 19:08 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-07-22 19:08 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-07-22 18:36 - 2015-07-25 21:14 - 00003778 _____ C:\Windows\PFRO.log

2015-07-19 11:32 - 2015-07-22 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-07-18 14:05 - 2015-07-25 22:24 - 00001288 _____ C:\Windows\setupact.log

2015-07-18 14:05 - 2015-07-18 14:05 - 00000000 _____ C:\Windows\setuperr.log

2015-07-16 17:44 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-07-16 17:44 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-07-16 17:44 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-07-16 17:44 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-07-16 17:44 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-07-16 17:44 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-07-16 17:44 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-07-16 17:44 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-07-16 17:44 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-07-16 17:44 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-07-16 17:44 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-07-16 17:44 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-07-16 17:44 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-07-16 17:44 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-07-16 17:44 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-07-16 17:44 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-07-16 17:44 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-07-16 17:44 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-07-16 17:44 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-07-16 17:44 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-07-16 17:44 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-07-16 17:44 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-07-16 17:44 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-07-16 17:44 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-07-16 17:44 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-07-16 17:44 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-07-16 17:44 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-07-16 17:44 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-07-16 17:44 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-07-16 17:44 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-07-16 17:44 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-07-16 17:44 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-07-16 17:44 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-07-16 17:44 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-07-16 17:44 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-07-16 17:44 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-07-16 17:44 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-07-16 17:44 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-07-16 17:44 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll

2015-07-16 17:44 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll

2015-07-16 17:43 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-07-16 17:43 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-07-16 17:43 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-07-16 17:43 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-07-16 17:43 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-07-16 17:43 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-07-16 17:43 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-07-16 17:43 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-07-16 17:43 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-07-16 17:43 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-07-16 17:43 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-07-16 17:43 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-07-16 17:43 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-07-16 17:43 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-07-16 17:43 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-07-16 17:43 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-07-16 17:43 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-07-16 17:43 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-07-15 15:30 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-07-15 15:30 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-07-15 15:30 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-07-15 15:30 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-07-15 15:30 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-07-15 15:30 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-07-15 15:30 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-07-15 15:30 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-07-15 15:30 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2015-07-15 15:30 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2015-07-15 15:30 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-07-15 15:30 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-07-15 15:30 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-07-15 15:30 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-07-15 15:30 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-07-15 15:30 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-07-15 15:30 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-07-15 15:29 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2015-07-15 15:29 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2015-07-15 15:29 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2015-07-15 15:29 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2015-07-15 15:29 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2015-07-15 15:29 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2015-07-15 15:29 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2015-07-15 15:29 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2015-07-15 15:28 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-07-15 15:28 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-07-15 15:28 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-07-15 15:28 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-07-15 15:28 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-07-15 15:28 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-07-15 15:28 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-07-15 15:28 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-07-15 15:28 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-07-15 15:28 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-07-15 15:28 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-07-15 15:28 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-07-15 15:28 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-07-15 15:28 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-07-15 15:28 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-07-15 15:28 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-07-15 15:28 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-07-15 15:28 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-07-15 15:28 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-07-15 15:28 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-07-15 15:28 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-07-15 15:26 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-07-15 15:26 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-07-15 15:26 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-07-15 15:26 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-07-15 15:26 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-07-15 15:26 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-07-15 15:26 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-07-15 15:26 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-07-15 15:26 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2015-07-15 15:26 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-07-15 15:26 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-07-15 15:26 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2015-07-15 15:26 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2015-07-15 15:26 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2015-07-15 15:26 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2015-07-15 15:26 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-07-15 15:26 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2015-07-15 15:26 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2015-07-15 15:26 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2015-07-15 15:26 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll

2015-07-14 16:36 - 2015-07-14 16:36 - 00001553 _____ C:\Users\Public\Desktop\iTunes.lnk

2015-07-14 16:36 - 2015-07-14 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2015-07-14 16:35 - 2015-07-14 16:35 - 00000000 ____D C:\Program Files\iPod

2015-07-14 16:35 - 2015-07-14 16:35 - 00000000 ____D C:\Program Files (x86)\iTunes

2015-07-10 16:04 - 2015-07-10 16:04 - 00000003 _____ C:\updater.log

2015-07-07 21:08 - 2015-07-07 21:09 - 00000000 ____D C:\Program Files (x86)\QuickTime

2015-07-07 21:08 - 2015-07-07 21:08 - 00001809 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2015-07-07 21:08 - 2015-07-07 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 22:29 - 2011-11-17 17:00 - 01552262 _____ C:\Windows\WindowsUpdate.log

2015-07-25 22:25 - 2015-05-29 18:09 - 00000000 ___RD C:\Users\Werner\iCloudDrive

2015-07-25 22:25 - 2014-09-04 16:29 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-07-25 22:25 - 2012-11-04 20:00 - 00000284 _____ C:\Windows\Tasks\RMAutoUpdate.job

2015-07-25 22:25 - 2012-11-03 23:45 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic

2015-07-25 22:25 - 2012-07-19 19:56 - 00000000 ____D C:\ProgramData\Giraffic

2015-07-25 22:25 - 2012-07-19 19:56 - 00000000 ____D C:\Program Files (x86)\Giraffic

2015-07-25 22:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-25 22:17 - 2014-04-10 23:01 - 00000000 ____D C:\Users\Werner

2015-07-25 21:59 - 2012-07-01 22:40 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-07-25 21:55 - 2014-09-04 16:29 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-07-25 21:48 - 2012-07-01 20:02 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1701821128-3612261022-3041773879-1000UA.job

2015-07-25 21:48 - 2012-07-01 20:02 - 00001006 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1701821128-3612261022-3041773879-1000Core.job

2015-07-25 21:44 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-07-25 21:44 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-07-25 21:18 - 2012-08-13 18:13 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1701821128-3612261022-3041773879-1000UA.job

2015-07-25 21:08 - 2012-07-01 20:14 - 00010023 _____ C:\Windows\wininit.ini

2015-07-25 21:07 - 2014-09-13 13:43 - 00000000 ____D C:\Users\Werner\AppData\Roaming\uTorrent

2015-07-25 19:24 - 2012-11-03 23:47 - 00000284 _____ C:\Windows\Tasks\RMSchedule.job

2015-07-25 18:18 - 2012-08-13 18:13 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1701821128-3612261022-3041773879-1000Core.job

2015-07-25 14:38 - 2015-04-05 10:45 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-25 14:26 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-07-24 18:51 - 2011-11-17 17:19 - 00000000 ____D C:\ProgramData\Temp

2015-07-23 08:37 - 2009-07-14 06:45 - 00276432 _____ C:\Windows\system32\FNTCACHE.DAT

2015-07-22 18:36 - 2012-07-08 13:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-07-21 19:09 - 2014-05-14 07:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

2015-07-16 23:48 - 2011-11-17 16:30 - 00741140 _____ C:\Windows\system32\perfh015.dat

2015-07-16 23:48 - 2011-11-17 16:30 - 00156424 _____ C:\Windows\system32\perfc015.dat

2015-07-16 23:48 - 2009-07-14 07:13 - 01672206 _____ C:\Windows\system32\PerfStringBackup.INI

2015-07-16 17:14 - 2015-04-05 10:45 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-07-16 17:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-07-16 17:13 - 2014-12-11 18:12 - 00000000 ____D C:\Windows\system32\appraiser

2015-07-16 17:13 - 2014-05-07 11:43 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-07-16 03:23 - 2013-07-13 09:26 - 00000000 ____D C:\Windows\system32\MRT

2015-07-15 23:59 - 2012-07-01 22:40 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-07-15 23:59 - 2012-07-01 22:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-07-15 23:59 - 2011-10-19 06:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-07-15 23:50 - 2014-09-04 16:29 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-07-15 23:50 - 2014-09-04 16:29 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-07-14 16:35 - 2015-05-27 19:18 - 00000000 ____D C:\Program Files\Common Files\Apple

2015-07-09 00:02 - 2014-04-12 19:45 - 00000000 ____D C:\Users\Werner\AppData\Roaming\Skype

2015-07-03 08:43 - 2012-07-02 14:07 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2011-11-17 17:19 - 2011-11-17 17:25 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-23 09:08

==================== End of log ============================