FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
Ran by Sebastian (administrator) on DOKTORX (25-02-2017 10:47:52)

Running from C:\Users\Sebastian\Downloads
Loaded Profiles: Sebastian (Available Profiles: Sebastian)
Platform: Windows 8.1 Pro (Update) (X64) Language: Engelska (USA)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Birdjob\A
pplication\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335
081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file wi
ll not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpap
isvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(TODO: <Company name>) C:\Users\Sebastian\AppData\Roaming\gjdgj\UvConverter.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer
.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Serv
ice\nvwirelesscontroller.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrv
c.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwrite
r.exe
(hxxp://ytdownloader.biz/) C:\Program Files (x86)\Common Files\YT Updater\ytupda
ter.exe
(Intel Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcon
tainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Presentati
onFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAS
torDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusche
d.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Comp
onents\FWService\IntelMeFWService.exe
onents\DAL\Jhi_service.exe
onents\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAS
torIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Birdjob\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Comm
on7\IDE\VSIXAutoUpdate.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(OldTimer Tools) C:\Users\Sebastian\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack
_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to d
efault or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA
\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2014-06-10] (Realtek s
emiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Tech
nology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [140
21336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
[1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAV
Bg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2635016 2016-02-
08] (FSPro Labs)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\syst
em32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Ja
va\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\Run: [DAEMON Tools Lite A
utomount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15]
(Disc Soft Ltd)
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\Run: [Steam] => C:\Progra
m Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\Run: [msnmsgr] => "C:\Pro
gram Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\MountPoints2: {77850ee6-b
c71-11e5-824f-f0761cfc559f} - "E:\Ret.exe"
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\MountPoints2: {82cc19fe-d
7bd-11e5-825f-acd1b8e33b44} - "D:\AUTORUN.EXE"
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\MountPoints2: {c9ac2e09-4
f87-11e6-8278-acd1b8e33b44} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\MountPoints2: {c9ac2e4d-4
f87-11e6-8278-acd1b8e33b44} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\...\MountPoints2: {cabd6dbb-e
c64-11e5-8269-acd1b8e33b44} - "F:\start.exe"
IFEO\MRT.exe: [Debugger] C:\ProgramData\jdgjd\Gubed.exe -Yrrehs
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\
BtwProximityCP.dll
ShellExecuteHooks: No Name - {B19FD676-A733-11E6-868D-64006A5CFC23} - C:\Users\S
ebastian\AppData\Roaming\Ghgerleshowerther\Warasywubus.dll -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.
lnk [2016-01-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTT
ray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be remo
ved or restored to default.)
AutoConfigURL: [S-1-5-21-3936271138-2850751734-2826734864-1001] => hxxp://no-blo
ck.net/wpad.dat?e7cdbb71bf5b30df95f52d4a4d31f0c723222196
Tcpip\Parameters: [DhcpNameServer] 83.255.255.2 83.255.255.1
Tcpip\..\Interfaces\{C610867F-FBC8-49FA-8EF9-DC9B434DF130}: [DhcpNameServer] 83.
255.255.2 83.255.255.1
ManualProxies: 0hxxp://no-block.net/wpad.dat?e7cdbb71bf5b30df95f52d4a4d31f0c7232
22196
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpage
ing123.com/?type=hp&ts=1487704091&z=78c782cce360af3734a5b82g1zfbem5m8e2z3e5m3c&f
rom=ggg0221&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://w
ww.startpageing123.com/?type=hp&ts=1487704091&z=78c782cce360af3734a5b82g1zfbem5m
8e2z3e5m3c&from=ggg0221&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites
.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b189g6zabcg7gdo2m1q1c4m&
from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&q={searchTer
ms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.amisites.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b189g6zabcg7
gdo2m1q1c4m&from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&
q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sta
rtpageing123.com/?type=hp&ts=1487704091&z=78c782cce360af3734a5b82g1zfbem5m8e2z3e
5m3c&from=ggg0221&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hx
xp://www.startpageing123.com/?type=hp&ts=1487704091&z=78c782cce360af3734a5b82g1z
fbem5m8e2z3e5m3c&from=ggg0221&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTC
ASZT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.a
misites.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b189g6zabcg7gdo2m
1q1c4m&from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&q={se
archTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
hxxp://www.amisites.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b189g
6zabcg7gdo2m1q1c4m&from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZ
TCASZT&q={searchTerms}
HKU\S-1-5-21-3936271138-2850751734-2826734864-1001\Software\Microsoft\Internet E
xplorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=148
7704091&z=78c782cce360af3734a5b82g1zfbem5m8e2z3e5m3c&from=ggg0221&uid=WDCXWD10S2
1X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&q={searchTerms}
xplorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=14877
04091&z=78c782cce360af3734a5b82g1zfbem5m8e2z3e5m3c&from=ggg0221&uid=WDCXWD10S21X
-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT
xplorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds
&ts=1487704091&z=78c782cce360af3734a5b82g1zfbem5m8e2z3e5m3c&from=ggg0221&uid=WDC
XWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&q={searchTerms}
xplorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/sv-se/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
hxxp://www.amisites.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b189g
6zabcg7gdo2m1q1c4m&from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZ
TCASZT&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.am
isites.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b189g6zabcg7gdo2m1
q1c4m&from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&q={sea
rchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} UR
L = hxxp://www.amisites.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b
189g6zabcg7gdo2m1q1c4m&from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65
CASZTCASZT&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://ww
w.amisites.com/search/?type=ds&ts=1481127637&z=883bd6c2c6173fc0e63b189g6zabcg7gd
o2m1q1c4m&from=che0812&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&q=
{searchTerms}
SearchScopes: HKU\S-1-5-21-3936271138-2850751734-2826734864-1001 -> {33BB0A4E-99
AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&
ts=1487704091&z=78c782cce360af3734a5b82g1zfbem5m8e2z3e5m3c&from=ggg0221&uid=WDCX
WD10S21X-24R1BT0-SSHD-8GB_WD-WX71A65CASZTCASZT&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:
\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-25] (Oracle Corporation)
BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Fil
es (x86)\Youtube AdBlock\IEEF\pla5Awa.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->
C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft
Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->
C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-25] (Oracle Corporati
on)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-25] (Oracle Corp
oration)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF}
-> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (
Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9}
-> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-25] (Oracle
Corporation)
FireFox:
========
FF DefaultProfile: vsr3fbrw.default
FF ProfilePath: [General]
AutoLogin=1
Default=Tozsamosc1
[Identities]
Tozsamosc1=C:\Program Files (x86)\Draco Software\Draco Organizer 3\Profiles\Tozs
amosc1\
[not found]
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\vsr3
fbrw.default [2017-02-17]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\vsr3fbrw.default -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\vsr3fbrw.default -> hxxp://www.google.se/
FF Keyword.URL: Mozilla\Firefox\Profiles\vsr3fbrw.default -> hxxps://se.search.y
ahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Extension: (Aktualizacja dodatku Flash) - C:\Users\Sebastian\AppData\Roaming\
Mozilla\Firefox\Profiles\vsr3fbrw.default\Extensions\dodatek@firefox.pl.xpi [201
6-09-06]
FF Extension: (Mark Ads Sites In Search) - C:\Users\Sebastian\AppData\Roaming\Mo
zilla\Firefox\Profiles\vsr3fbrw.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.x
pi [2016-04-28]
FF Extension: (Adblock Plus) - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefo
x\Profiles\vsr3fbrw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xp
i [2016-04-28]
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Firefox\Firefox\Profiles\vsr3
fbrw.default [2017-02-23]
FF SelectedSearchEngine: Firefox\Firefox\Profiles\vsr3fbrw.default -> Yahoo!
FF Homepage: Firefox\Firefox\Profiles\vsr3fbrw.default -> hxxp://www.google.se/
FF Keyword.URL: Firefox\Firefox\Profiles\vsr3fbrw.default -> hxxps://se.search.y
ahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Extension: (FF Adr) - C:\Users\Sebastian\AppData\Roaming\Firefox\Firefox\Prof
iles\vsr3fbrw.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017
-01-18] [not signed]
FF Extension: (Aktualizacja dodatku Flash) - C:\Users\Sebastian\AppData\Roaming\
Firefox\Firefox\Profiles\vsr3fbrw.default\Extensions\dodatek@firefox.pl.xpi [201
6-09-06]
FF Extension: (Mark Ads Sites In Search) - C:\Users\Sebastian\AppData\Roaming\Fi
refox\Firefox\Profiles\vsr3fbrw.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.x
pi [2016-04-28]
FF Extension: (Adblock Plus) - C:\Users\Sebastian\AppData\Roaming\Firefox\Firefo
x\Profiles\vsr3fbrw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xp
i [2017-02-20]
FF SearchPlugin: C:\Users\Sebastian\AppData\Roaming\Firefox\Firefox\Profiles\vsr
3fbrw.default\searchplugins\searchinme.xml [2017-01-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_
23_0_0_162.dll [2016-10-03] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog We
b Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0
_121\bin\dtplugin\npDeployJava1.dll [2017-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8
.0_121\bin\plugin2\npjp2.dll [2017-01-25] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Offic
e14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSW
F32_23_0_0_162.dll [2016-10-03] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\
np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelo
g Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Prog
ram Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT
.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [
2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Jav
a\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\J
ava\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\O
ffice14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Of
fice14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x
86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation
\3D Vision\npnv3dv.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Co
rporation\3D Vision\npnv3dvstreaming.dll [2016-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x8
6)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x8
6)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-23] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default [2
017-02-23]
CHR Extension: (Google Presentationer) - C:\Users\Sebastian\AppData\Local\Google
\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-2
3]
CHR Extension: (Google Dokument) - C:\Users\Sebastian\AppData\Local\Google\Chrom
e\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-23]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\U
ser Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-23]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User D
ata\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-23]
CHR Extension: (Google Kalkylark) - C:\Users\Sebastian\AppData\Local\Google\Chro
me\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-23]
CHR Extension: (Google Dokument Offline) - C:\Users\Sebastian\AppData\Local\Goog
le\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02
-23]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Sebastian\AppData\Loc
al\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [
2017-02-23]
CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-23]
CHR Extension: (Chrome Media Router) - C:\Users\Sebastian\AppData\Local\Google\C
hrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-23]
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
R2 Apple_Cfg; C:\ProgramData\Apple\Apple Application Support\Support.dll [112640
2017-02-23] () [File not signed]
R2 APPLE_svr; C:\ProgramData\Apple Computer\iTunes\iPodDevices.dll [482304 2017-
02-13] () [File not signed]
R2 Convxxxx; C:\Users\Sebastian\AppData\Roaming\gjdgj\UvConverter.exe [451072 20
16-12-19] (TODO: <Company name>) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusSer
vice.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [162992 2017-0
2-13] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteServic
e64.exe [191688 2016-05-25] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IA
StorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08
-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS
Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signe
d]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Inte
l\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation
)
R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [459264 20
17-02-13] () [File not signed] <==== ATTENTION
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Componen
ts\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12
-04] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5691912 2016-05-18] (INCA Internet
Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcon
tainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nv
container.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeFor
ce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corp
oration)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe
[2122248 2016-08-12] (Electronic Arts)
S2 Prercertain; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Co
rporation)
S2 Prercertain; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Co
rporation)
R2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-29] (Microsoft Co
rporation) [DependOnService: iThemes5]<==== ATTENTION
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio
14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776
2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (M
icrosoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (
Microsoft Corporation)
R2 WinSAPSvc; C:\Users\Sebastian\AppData\Roaming\WinSAPSvc\WinSAP.dll [184832 20
17-02-24] (TODO: <Company name>) [File not signed]
R2 WinSnare; C:\Users\Sebastian\AppData\Roaming\WinSnare\WinSnare.dll [778752 20
17-02-24] (InterSect Alliance Pty Ltd) [File not signed]
R2 YT Updater Service; C:\Program Files (x86)\Common Files\YT Updater\ytupdater.
exe [16384 2015-01-26] (hxxp://ytdownloader.biz/) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [382
0960 2014-12-04] (Intel Corporation)
S2 ed2kidle; "C:\Program Files (x86)\amuleC1\ed2k.exe" -downloadwhenidle [X]
S2 GubedZL; C:\Program Files (x86)\Gubed\GubedZL.dll [X]
S2 GubZL; C:\Program Files (x86)\Gub\GubZL.dll [X]
===================== Drivers (Whitelisted) ======================
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [172760 2013-10-02] (Broadco
m Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broad
com Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-04] (Sams
ung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-01-1
6] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-01-16]
(Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 201
6-05-25] (Huawei Technologies Co., Ltd.)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FS
Pro Labs)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Hua
wei Technologies Co., Ltd.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Inte
l Corporation)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [57832 2015-09-30] (Wi
ndows (R) Win 7 DDK provider)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
[27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-11
-17] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil S
emiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9121496 2014-06-10] (Realtek
Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-1
0-29] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-03-07]
(Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-04] (Samsung
Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Appl
e, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft
Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Micro
soft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Micro
soft Corporation)
S1 p1481375318am; \??\C:\Users\SEBAST~1\AppData\Local\Temp\bk70B7.tmp\p148137531
8am.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-25 10:46 - 2017-02-25 10:46 - 00602112 _____ (OldTimer Tools) C:\Users\S
ebastian\Downloads\OTL.exe
2017-02-25 10:45 - 2017-02-25 10:45 - 00000000 ____D C:\Users\Sebastian\Download
s\FRST-OlderVersion
2017-02-24 19:51 - 2017-02-24 19:51 - 16938323 _____ (Bractwo Spolszczenia ) C:\
Users\Sebastian\Downloads\Wojna z Orkami patch (1).exe
2017-02-24 18:51 - 2017-02-24 18:52 - 13767776 _____ (Microsoft Corporation) C:\
Users\Sebastian\Downloads\vc_redist.x86.exe
2017-02-24 18:50 - 2017-02-24 19:30 - 00003348 _____ C:\Program Files (x86)\meta
data
2017-02-24 18:50 - 2017-02-24 18:50 - 00000040 _____ C:\Program Files (x86)\sett
ings.dat
2017-02-24 18:32 - 2017-02-24 18:33 - 16938323 _____ (Bractwo Spolszczenia ) C:\
Users\Sebastian\Downloads\Wojna z Orkami patch.exe
2017-02-24 18:24 - 2017-02-24 18:24 - 00000000 ____D C:\Users\Sebastian\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Roaming\aMule
2017-02-24 18:24 - 2017-02-24 18:24 - 00000000 ____D C:\Program Files (x86)\WinS
nare(4.1.6)
2017-02-24 18:24 - 2017-02-24 18:24 - 00000000 ____D C:\Program Files (x86)\amul
eCexx
2017-02-24 18:23 - 2017-02-24 18:23 - 00000000 ____D C:\Program Files (x86)\cvbs
0
2017-02-23 22:06 - 2017-02-23 22:06 - 00000000 _____ C:\temp.dat
Local\Birdjob
2017-02-23 21:32 - 2017-02-23 21:32 - 00003426 _____ C:\Windows\System32\Tasks\G
oogleUpdateTaskMachineUA
2017-02-23 21:32 - 2017-02-23 21:32 - 00002275 _____ C:\Users\Public\Desktop\Goo
gle Chrome.lnk
2017-02-23 21:32 - 2017-02-23 21:32 - 00000000 ____D C:\Program Files (x86)\Goog
le
2017-02-23 21:31 - 2017-02-23 21:31 - 01129376 _____ (Google Inc.) C:\Users\Seba
stian\Downloads\ChromeSetup.exe
2017-02-23 21:00 - 2017-02-23 21:00 - 00000000 ____D C:\Program Files (x86)\Bird
job
2017-02-23 20:59 - 2017-02-23 20:59 - 00000000 ____D C:\Program Files (x86)\MIO
2017-02-23 20:07 - 2017-02-23 20:08 - 00000900 _____ C:\Users\Sebastian\Desktop\
MaxPayne.exe - genvg.lnk
2017-02-22 21:39 - 2017-02-22 21:39 - 00003832 _____ C:\Windows\System32\Tasks\O
pera scheduled Autoupdate 1487795959
2017-02-22 21:39 - 2017-02-22 21:39 - 00001109 _____ C:\Users\Public\Desktop\Ope
ra.lnk
2017-02-22 21:39 - 2017-02-22 21:39 - 00001109 _____ C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Opera.lnk
Roaming\Opera Software
Local\Opera Software
2017-02-22 21:38 - 2017-02-22 21:39 - 00000000 ____D C:\Program Files\Opera
2017-02-22 19:54 - 2017-02-24 19:30 - 00000000 ____D C:\Program Files (x86)\repo
rts
2017-02-22 19:54 - 2017-02-22 19:57 - 00007669 _____ C:\Users\Sebastian\AppData\
Local\resmon.resmoncfg
2017-02-18 18:16 - 2017-02-23 21:26 - 00000000 ____D C:\Users\Sebastian\Document
s\Max Payne Savegames
LocalLow\uTorrent
2017-02-14 21:24 - 2017-02-23 21:00 - 00000217 _____ C:\Users\Public\Desktop\Goo
gle Chrome.url
2017-02-13 20:57 - 2017-02-13 20:57 - 00000000 ____D C:\Program Files (x86)\Fire
fox
2017-02-13 20:45 - 2017-02-13 20:57 - 00002011 _____ C:\Users\Public\Desktop\Moz
illa Firefox.lnk
Local\Goldass
Roaming\WinSAPSvc
2017-02-12 10:05 - 2017-02-12 10:05 - 22140464 _____ C:\Users\Sebastian\Download
s\BankID_installation_7_3_0.exe
2017-02-09 19:56 - 2017-02-24 18:24 - 00003604 _____ C:\Windows\System32\Tasks\M
ilimili
2017-02-09 19:17 - 2017-02-09 19:17 - 12754040 _____ C:\Users\Sebastian\Document
s\Chopin - Spring Waltz.mp4
2017-01-29 20:34 - 2017-01-29 20:34 - 00000772 _____ C:\Windows\SysWOW64\ping.cf
g
2017-01-27 19:59 - 2017-01-27 19:59 - 06792995 _____ C:\Users\Sebastian\Document
s\Travesuras - Nicky Jam (Lyrics Spanish & English) (HD).mp4
s\Maja och hennes kritor.odt
2017-01-27 19:36 - 2017-01-27 19:36 - 00000000 ____D C:\Users\Sebastian\Desktop\
ilona
Local\Apps\2.0
Local\Deployment
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
s\FRST.txt
2017-02-25 10:47 - 2016-12-10 14:03 - 00000000 _____ C:\Users\Public\Documents\r
eport.dat
2017-02-25 10:47 - 2016-10-03 21:57 - 00000000 ____D C:\FRST
2017-02-25 10:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-02-25 10:45 - 2017-01-17 18:14 - 02423296 _____ (Farbar) C:\Users\Sebastian
\Downloads\FRST64.exe
2017-02-25 10:42 - 2016-01-16 16:26 - 00003794 _____ C:\Windows\System32\Tasks\U
ser_Feed_Synchronization-{DF919879-6280-402B-A7DF-982E3824E6B6}
2017-02-25 10:38 - 2016-01-16 16:36 - 00000000 ___DO C:\Users\Sebastian\SkyDrive
2017-02-25 10:37 - 2016-01-16 17:52 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-25 10:37 - 2016-01-16 16:46 - 00000000 __SHD C:\Users\Sebastian\IntelGra
phicsProfiles
2017-02-25 10:35 - 2016-12-10 14:03 - 00000000 _____ C:\Users\Public\Documents\t
emp.dat
2017-02-25 10:35 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-25 00:24 - 2016-01-19 22:58 - 00000868 _____ C:\Windows\Tasks\Adobe Flas
h Player Updater.job
ptimize Start Menu Cache Files-S-1-5-21-3936271138-2850751734-2826734864-1001
Roaming\WinSnare
LocalLow\Mozilla
2017-02-23 21:32 - 2016-08-29 13:47 - 00003298 _____ C:\Windows\System32\Tasks\G
oogleUpdateTaskMachineCore
ndows\Start Menu\Programs\Google Chrome.lnk
Local\Google
2017-02-23 21:00 - 2016-02-24 06:34 - 00000000 ____D C:\ProgramData\Apple
Local\ElevatedDiagnostics
neDrive Standalone Update Task v2
2017-02-19 14:17 - 2016-06-28 07:47 - 00002314 _____ C:\Users\Sebastian\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive fr fretag.lnk
Roaming\uTorrent
2017-02-19 00:18 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\
BBI
Local\CrashDumps
2017-02-16 19:17 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-02-14 23:03 - 2016-01-17 16:20 - 00000000 ____D C:\Users\Sebastian
ndows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-13 20:52 - 2016-11-30 19:55 - 00000000 ____D C:\ProgramData\WinSAPSvc
2017-02-13 20:50 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\System
2017-02-09 19:17 - 2016-12-02 21:35 - 00000000 ____D C:\ProgramData\YTD Video Do
wnloader
2017-02-09 19:10 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-28 13:14 - 2016-10-10 22:37 - 00846800 _____ C:\Windows\system32\perfh01
5.dat
2017-01-28 13:14 - 2016-10-10 22:37 - 00187734 _____ C:\Windows\system32\perfc01
5.dat
2017-01-28 13:14 - 2016-01-17 16:16 - 02909910 _____ C:\Windows\system32\PerfStr
ingBackup.INI
2017-01-28 13:14 - 2016-01-16 21:31 - 00769366 _____ C:\Windows\system32\perfh01
D.dat
2017-01-28 13:14 - 2016-01-16 21:31 - 00173672 _____ C:\Windows\system32\perfc01
D.dat
2017-01-27 18:22 - 2016-02-22 17:01 - 00000000 ____D C:\Users\Sebastian\Desktop\
foty z pulpu
2017-01-27 18:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2017-02-24 18:50 - 2017-02-24 19:30 - 0003348 _____ () C:\Program Files (x86)\me
tadata
2017-02-24 18:50 - 2017-02-24 18:50 - 0000040 _____ () C:\Program Files (x86)\se
ttings.dat
2016-10-15 19:59 - 2016-10-15 19:59 - 0009668 _____ () C:\Users\Sebastian\AppDat
a\Local\recently-used.xbel
a\Local\resmon.resmoncfg
2016-01-21 22:30 - 2016-01-21 22:30 - 0000000 ____H () C:\ProgramData\DP45977C.l
fl
Some files in TEMP:
====================
a\Local\Temp\apm689F.exe
a\Local\Temp\apm7CC7.exe
a\Local\Temp\apm90E4.exe
a\Local\Temp\apmA4FC.exe
a\Local\Temp\apmAE46.exe
a\Local\Temp\apmEFE5.exe
2017-01-12 17:36 - 2017-01-12 17:37 - 26883792 _____ () C:\Users\Sebastian\AppDa
ta\Local\Temp\ins7327.tmp.exe
2017-01-18 18:33 - 2017-01-18 18:33 - 26967248 _____ () C:\Users\Sebastian\AppDa
ta\Local\Temp\inst12.exe
2016-09-23 20:04 - 2016-09-23 20:04 - 0737856 _____ (Oracle Corporation) C:\User
s\Sebastian\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-01-25 19:55 - 2017-01-25 19:55 - 0739904 _____ (Oracle Corporation) C:\User
s\Sebastian\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-10-20 18:26 - 2016-10-20 18:26 - 2458672 _____ (The OpenSSL Project, http:/
/www.openssl.org/) C:\Users\Sebastian\AppData\Local\Temp\libeay32.dll
2016-10-20 18:26 - 2016-10-20 18:26 - 0970912 _____ (Microsoft Corporation) C:\U
sers\Sebastian\AppData\Local\Temp\msvcr120.dll
a\Local\Temp\sqlite3.dll
a\Local\Temp\tdll.dll
2017-01-05 16:52 - 2017-01-05 16:52 - 0361472 _____ (update) C:\Users\Sebastian\
AppData\Local\Temp\~ctBC95.tmp.dll
a\Local\Temp\~ctD647.tmp.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-16 21:41
==================== End of FRST.txt ============================

FRST

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

FRST

Transféré par

Droits d'auteur :

Formats disponibles

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017

Ran by Sebastian (administrator) on DOKTORX (25-02-2017 10:47:52)

==================== One Month Created files and folders ========

Vous aimerez peut-être aussi