Премини към съдържанието

speedy912

Потребител
  • Публикации

    10
  • Регистрация

  • Последно онлайн

Харесвания

1 Неутрална репутация

Всичко за speedy912

  • Титла
    Потребител
  1. Това са следващите създадени лог файлове ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.0 (08.31.2015:1) OS: Windows 7 Home Premium x64 Ran by Maria on бкЎ 05.09.2015 Ј. at 0:02:39,07 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\Windows\system32\tasks\EgisUpdate ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{38E8CBCA-CFE9-4948-89F9-753502A942E0} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{5EDA72E4-4586-4A35-8538-5A0F4B309C38} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{6EC1D4D7-3ACB-49E1-90B1-B26F84406AA3} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{8A2B32FC-676A-4D43-9204-5CFE9920DBAE} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{9378A697-A571-4250-B165-EC3C80BE3195} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{9D14771E-0224-4C3E-AECC-3C0F2C906E6A} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{A84646D7-F920-4D47-832D-3601F9A4F54F} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{B39AB570-D1A6-4B30-8CF0-4E5035C964CE} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{B5DDF131-B29F-4623-93BF-61CDCCD74DA5} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{B953EE2B-29A6-47E9-AA9E-1D060837A15F} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{DACAF9E6-AFA4-4426-A174-E4768EFA0360} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{E054F875-D11C-497B-AAF3-6898DD962750} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{F32D3C64-1638-40A9-844D-08CC9F82BAAF} Successfully deleted: [Empty Folder] C:\Users\Maria\Appdata\Local\{FF315428-E6F6-467B-8E9F-2415767622CF} Successfully deleted: [Folder] C:\Program Files (x86)\mobogenie Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec Successfully deleted: [Folder] C:\ProgramData\apn Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coupons Successfully deleted: [Folder] C:\Users\Maria\Appdata\Local\genienext Successfully deleted: [Folder] C:\Users\Maria\Appdata\Local\mobogenie ~~~ FireFox Emptied folder: C:\Users\Maria\AppData\Roaming\mozilla\firefox\profiles\jj20c8vy.default-1399660562603\minidumps [85 files] ~~~ Chrome [C:\Users\Maria\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Maria\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Maria\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Maria\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on бкЎ 05.09.2015 Ј. at 0:11:13,84 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v5.005 - Logfile created 05/09/2015 at 00:26:28 # Updated 31/08/2015 by Xplode # Database : 2015-09-04.4 [server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Maria - Maria-PC # Running from : C:\Users\Maria\Downloads\adwcleaner_5.005.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder Deleted : C:\Users\Maria\AppData\Roaming\SecureSearch [-] Folder Deleted : C:\Users\Maria\Documents\Mobogenie ***** [ Files ] ***** [-] File Deleted : C:\END [-] File Deleted : C:\Users\Maria\daemonprocess.txt ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon] [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C} [-] Key Deleted : HKCU\Software\Conduit [-] Key Deleted : HKCU\Software\Myfree Codec [-] Key Deleted : HKLM\SOFTWARE\Myfree Codec [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} [!] Key Not Deleted : [x64] HKCU\Software\Conduit [!] Key Not Deleted : [x64] HKCU\Software\Myfree Codec ***** [ Web browsers ] ***** ************************* :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2583 bytes] ########## ~ ZHPCleaner v2015.9.4.342 by Nicolas Coolman (2015/09/04) ~ Run by Maria (Administrator) (05/09/2015 00:52:10) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\Maria\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Maria\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (2) MOVED folder: C:\Windows\Installer\MSI5D6C.tmp- =>Empty MOVED folder: C:\Windows\Installer\MSI5FB9.tmp- =>Empty ---\\ Registry ( Key, Value, Data) (1) DELETED key*: [X64] HKLM\SOFTWARE\Classes\cpbrkpie.Coupon6Ctrl.1 [cpbrkpie Control] =>PUP.Optional.CouponBar ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Google Chrome) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 1238 ~ Items found : 0 ~ Items cancelled : 0 ~ Items repaired : 3 ~ End of clean in 0 minutes =================== ZHPCleaner-[R]-05092015-00_52_45.txt ZHPCleaner--05092015-00_47_45.txt FSS.txt
  2. Изпълних стъпките а в прикачени са новите лог файлове от FRST Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 4.9.2015 г. Scan Time: 15:11 ч. Logfile: Administrator: Yes Version: 2.1.8.1057 Malware Database: v2015.09.04.05 Rootkit Database: v2015.08.16.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Maria Scan Type: Threat Scan Result: Completed Objects Scanned: 376672 Time Elapsed: 53 min, 18 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Warn PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.Conduit, HKU\S-1-5-21-2347407579-307350475-1959961940-1001\SOFTWARE\CONDUIT\FF, Quarantined, [ba2b35f66b20a4929f93730fbf4505fb], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 11 PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [885d0625c5c677bfa1d713e30002cb35], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Chrome, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Chrome\CT3225826, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Chrome\CT3225826\content, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Chrome\CT3225826\content\tb, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Chrome\CT3225826\content\tb\al, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Chrome\CT3225826\content\tb\al\options, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.Conduit, C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\waha7wag.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\Chrome\CT3225826\content\tb\al\options\js, Quarantined, [00e599929af13ef856630cf117eb10f0], PUP.Optional.NextLive, C:\Users\Maria\AppData\Roaming\newnext.me, Quarantined, [39ac23083d4e5ed8364d868d11f28a76], PUP.Optional.NextLive, C:\Users\Maria\AppData\Roaming\newnext.me\cache, Quarantined, [39ac23083d4e5ed8364d868d11f28a76], Files: 2 PUP.Optional.NextLive, C:\Users\Maria\AppData\Roaming\newnext.me\nengine.cookie, Quarantined, [39ac23083d4e5ed8364d868d11f28a76], PUP.Optional.NextLive, C:\Users\Maria\AppData\Roaming\newnext.me\cache\spark.bin, Quarantined, [39ac23083d4e5ed8364d868d11f28a76], Physical Sectors: 0 (No malicious items detected) (end) Fixlog.txt Addition.txt FRST.txt
  3. Генерирах новите лог файлове, качих ги като прикачени, надявам се няма проблем FRST.txt Addition.txt
  4. Да, ако можете да дадете съвет.
  5. Здравейте, имам проблем със стартирането на Windows 7, стартира като XP - лентата с менюто Старт и програмите, а после висва и трябва да го рестарирам. След като го рестартирам работи нормално, но забива почти всичко на лаптопа. Така е при всяко пускане. Иначе Мозилата работи добре. Моля някой да даде съвет. Благодаря Ето и лог файловете Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-08-2015 Ran by Maria (administrator) on Maria-PC (29-08-2015 12:25:36) Running from C:\Users\Maria\Downloads Loaded Profiles: Maria (Available Profiles: Maria) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (BitTorrent Inc.) C:\Users\Maria\AppData\Roaming\BitTorrent\BitTorrent.exe (Spotify Ltd) C:\Users\Maria\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Maria\AppData\Roaming\Spotify\Spotify.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Dropbox, Inc.) C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Spotify Ltd) C:\Users\Maria\AppData\Roaming\Spotify\SpotifyCrashService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Spotify Ltd) C:\Users\Maria\AppData\Roaming\Spotify\Spotify.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Spotify Ltd) C:\Users\Maria\AppData\Roaming\Spotify\Spotify.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe () C:\ProgramData\HP Photo Creations\Communicator.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-09] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-09] (Atheros Commnucations) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-02] (Synaptics Incorporated) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-08] (Acer Incorporated) HKLM\...\Run: [instantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] () HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2014-09-29] (Copyright 2013 SAMSUNG) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-24] (Dritek System Inc.) HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [bitTorrent] => C:\Users\Maria\AppData\Roaming\BitTorrent\BitTorrent.exe [1698152 2015-08-19] (BitTorrent Inc.) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [spotify Web Helper] => C:\Users\Maria\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-26] (Spotify Ltd) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [spotify] => C:\Users\Maria\AppData\Roaming\Spotify\Spotify.exe [7389752 2015-08-26] (Spotify Ltd) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [Dropbox Update] => C:\Users\Maria\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1015104 2015-03-24] (Samsung) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-18\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation) Startup: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-13] ShortcutTarget: Dropbox.lnk -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2347407579-307350475-1959961940-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR HKU\S-1-5-21-2347407579-307350475-1959961940-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp HKU\S-1-5-21-2347407579-307350475-1959961940-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=U218DHP&pc=U218 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope value is missing BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{68859187-D387-4013-8A93-72D7ED5C7549}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\jj20c8vy.default-1399660562603 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-07] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-06] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2014-10-24] (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-14] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-14] (Apple Inc.) FF Extension: Lindsay Lohan - C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\jj20c8vy.default-1399660562603\Extensions\5efd979e8a7311e1ac5712313d1adcbe@jetpack.xpi [2014-12-18] FF Extension: Sportingbet България - C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\jj20c8vy.default-1399660562603\Extensions\jid1-j6i82dunTFcYiA@jetpack.xpi [2014-10-19] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2013-10-17] FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2013-10-17] Chrome: ======= CHR Profile: C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-09] (Atheros Commnucations) [File not signed] S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-03] (WildTangent) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-16] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [162648 2012-03-16] (Intel Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation) R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-09-29] (Copyright 2013 SAMSUNG) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [76960 2012-02-28] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-10-31] (GFI Software) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X] S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-29 12:25 - 2015-08-29 12:27 - 00025989 _____ C:\Users\Maria\Downloads\FRST.txt 2015-08-29 12:09 - 2015-08-29 12:09 - 02186752 _____ (Farbar) C:\Users\Maria\Downloads\FRST64.exe 2015-08-29 11:42 - 2015-08-29 11:42 - 00000000 ___RD C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-08-28 23:51 - 2015-08-29 11:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-20 01:04 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-20 01:04 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-20 01:04 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-20 01:04 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-13 16:41 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-13 16:41 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:17 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 22:17 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-08-12 22:17 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 22:17 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-08-12 22:17 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 22:17 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-12 22:17 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-08-12 22:17 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-08-12 22:17 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-08-12 22:17 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 22:17 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-08-12 22:17 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-08-12 22:17 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 22:17 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 22:17 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-08-12 22:17 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 22:17 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 22:17 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-08-12 22:17 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-12 22:17 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-08-12 22:17 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 22:17 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 22:17 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 22:17 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 22:17 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 22:17 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 22:17 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 22:16 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 22:16 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 22:16 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 22:16 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-08-12 22:16 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 22:16 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 22:16 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 22:16 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 22:16 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-08-12 22:16 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 22:16 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 22:16 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-12 22:16 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 22:16 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 22:16 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 22:16 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-08-12 22:16 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 22:16 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 22:16 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 22:16 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-08-12 22:16 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 22:16 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 22:16 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-08-12 22:16 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 22:16 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 22:16 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 22:16 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-08-12 22:16 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 22:16 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 22:11 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 22:11 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 22:11 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 22:11 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 22:11 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-12 22:11 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-08-12 22:11 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 22:11 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 22:11 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 22:11 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 22:11 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-08-12 22:11 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 22:10 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 22:10 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 22:10 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 22:10 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-08-12 22:10 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-08-12 22:10 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-08-12 22:10 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 22:10 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 22:10 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 22:10 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 22:10 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-08-12 22:10 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 22:10 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 22:10 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 22:10 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 22:10 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 22:10 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 22:10 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 22:10 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 22:10 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 22:10 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 22:10 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 22:10 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 22:10 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 22:10 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 22:10 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 22:10 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 22:10 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 22:10 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 22:10 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 22:10 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 22:10 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 22:10 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 22:10 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 22:10 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 22:10 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 22:10 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 22:10 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 22:10 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 22:10 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 22:10 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 22:10 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 22:10 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 22:09 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 22:09 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 22:09 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 22:09 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 22:09 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 22:09 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 22:09 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-12 22:05 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 22:05 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 22:05 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 22:05 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 22:05 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 22:05 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 22:05 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 22:05 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 22:05 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 22:05 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 22:05 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 22:05 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 22:05 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 22:05 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 22:05 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 22:05 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 22:05 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 22:05 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 22:05 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 22:05 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 22:05 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 22:05 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 22:05 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 22:05 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 22:05 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 22:05 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 22:05 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 22:05 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 22:05 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 22:04 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 22:04 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 22:04 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 22:04 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 22:04 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 22:04 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 22:04 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 22:04 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 22:04 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 22:04 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 22:04 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 22:04 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 22:03 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-12 19:06 - 2015-08-12 19:06 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-06 23:06 - 2015-08-06 23:06 - 00000000 ____D C:\Users\Maria\AppData\Local\CEF 2015-07-30 21:56 - 2015-07-30 21:58 - 00000000 ____D C:\Users\Maria\Desktop\New folder 2015-07-30 21:37 - 2015-07-30 21:40 - 00000000 ____D C:\Users\Maria\Desktop\Stage 20 Etape 20 Modane Valfréjus - Alpe d’Huez 2015-07-30 21:32 - 2015-07-30 21:58 - 00000000 ____D C:\Users\Maria\Desktop\Stage 21 Etape 21 - Sèvres Paris 2015-07-30 21:25 - 2015-07-30 21:26 - 00000000 ____D C:\Users\Maria\Desktop\TDF2015 2015-07-30 20:07 - 2015-07-30 20:07 - 00000000 ____D C:\Users\Maria\AppData\Local\{38E8CBCA-CFE9-4948-89F9-753502A942E0} 2015-07-30 13:49 - 2015-07-30 13:50 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2015-07-30 13:49 - 2015-07-30 13:49 - 00001944 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-07-30 13:49 - 2015-07-30 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-07-30 13:48 - 2015-07-30 13:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-07-30 13:48 - 2015-07-30 13:48 - 00002011 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-07-30 13:47 - 2015-07-30 13:47 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-30 13:30 - 2015-07-30 13:30 - 05012928 _____ (Adobe Systems Inc.) C:\Users\Maria\Downloads\Shockwave_Installer_Slim.exe 2015-07-30 13:30 - 2015-07-30 13:30 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2015-07-30 13:18 - 2015-08-29 11:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-30 13:18 - 2015-07-30 13:18 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-07-30 13:18 - 2015-07-30 13:18 - 00001111 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-29 12:25 - 2014-10-20 11:40 - 00000000 ____D C:\FRST 2015-08-29 12:24 - 2014-02-18 21:11 - 00000000 ____D C:\Users\Maria\AppData\Roaming\BitTorrent 2015-08-29 12:23 - 2013-10-17 19:20 - 00000324 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job 2015-08-29 12:22 - 2014-03-07 22:30 - 00000000 ___RD C:\Users\Maria\Dropbox 2015-08-29 12:17 - 2012-06-14 06:30 - 01262726 _____ C:\Windows\WindowsUpdate.log 2015-08-29 12:13 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-29 12:13 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-29 11:56 - 2014-03-03 17:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-29 11:48 - 2015-06-18 22:37 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2347407579-307350475-1959961940-1001UA.job 2015-08-29 11:46 - 2014-03-04 22:50 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Spotify 2015-08-29 11:44 - 2014-03-07 22:28 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Dropbox 2015-08-29 11:44 - 2013-10-16 15:48 - 00003799 _____ C:\Windows\wininit.ini 2015-08-29 11:44 - 2013-10-15 07:56 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Skype 2015-08-29 11:43 - 2014-03-04 22:51 - 00000000 ____D C:\Users\Maria\AppData\Local\Spotify 2015-08-29 11:41 - 2012-06-14 06:44 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2015-08-29 11:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-29 11:41 - 2009-07-14 06:51 - 00171369 _____ C:\Windows\setupact.log 2015-08-28 22:59 - 2009-07-14 07:08 - 00032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-28 01:02 - 2014-03-12 15:46 - 11040256 ___SH C:\Users\Maria\Desktop\Thumbs.db 2015-08-27 20:51 - 2015-06-18 22:37 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2347407579-307350475-1959961940-1001Core.job 2015-08-26 19:30 - 2014-03-09 19:38 - 00000000 ____D C:\The KMPlayer 2015-08-26 18:57 - 2012-06-14 06:44 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2015-08-23 23:03 - 2014-10-27 17:44 - 00000000 ____D C:\Users\Maria\AppData\Local\Adobe 2015-08-17 11:40 - 2010-11-21 05:47 - 01234524 _____ C:\Windows\PFRO.log 2015-08-16 00:37 - 2009-07-14 07:13 - 00782744 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-15 11:39 - 2012-03-28 21:18 - 00000000 ____D C:\ProgramData\Skype 2015-08-14 00:04 - 2014-03-21 16:28 - 00541184 ___SH C:\Users\Maria\Downloads\Thumbs.db 2015-08-13 18:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 16:51 - 2009-07-14 06:45 - 02281736 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 16:48 - 2014-12-11 12:12 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-13 16:48 - 2014-04-24 09:38 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-13 16:41 - 2013-10-31 06:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-13 16:39 - 2013-10-31 06:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 16:39 - 2013-10-31 06:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-13 16:28 - 2013-10-16 12:02 - 00000000 ____D C:\Windows\system32\MRT 2015-08-13 16:19 - 2013-10-16 12:02 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 21:23 - 2014-03-03 17:33 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-12 21:23 - 2014-03-03 17:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-12 21:23 - 2014-03-03 17:33 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-08 13:57 - 2013-10-15 07:03 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Atheros 2015-08-07 19:18 - 2013-11-22 12:38 - 00000000 ____D C:\Users\Maria\Documents\Bluetooth Folder 2015-08-07 18:37 - 2013-10-25 17:12 - 00000000 ____D C:\Users\Maria\AppData\Local\CrashDumps 2015-08-07 00:14 - 2015-07-10 15:39 - 00000000 ___HD C:\$Windows.~BT 2015-08-06 23:33 - 2012-03-24 03:58 - 00000000 ____D C:\Windows\Panther 2015-08-04 00:55 - 2013-12-16 00:09 - 00000000 ____D C:\Users\Maria\Downloads\Taken.2.2012.BGSUB.NTSC.DVDR-WAR 2015-07-30 13:53 - 2014-03-11 13:22 - 00000000 ____D C:\NVIDIA 2015-07-30 13:48 - 2015-06-24 21:44 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-30 13:47 - 2012-03-28 20:57 - 00000000 ____D C:\ProgramData\Adobe 2015-07-30 13:44 - 2014-01-16 12:12 - 00614432 _____ (www.patchmypc.net) C:\Users\Maria\Downloads\PatchMyPC.exe ==================== Files in the root of some directories ======= 2014-07-26 20:44 - 2014-07-26 20:44 - 0000134 _____ () C:\Users\Maria\AppData\Local\bet365PokerPal_SettingsPath.txt 2012-06-14 06:58 - 2012-06-14 07:01 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log 2012-06-14 07:00 - 2012-06-14 07:00 - 0000032 _____ () C:\ProgramData\PS.log Some files in TEMP: ==================== C:\Users\Maria\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8hwit1.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-08-26 14:39 ==================== End of FRST.txt ============================ Addition.txt
  6. Здравейте, включих си компютъра, стартирах Мозилата, но страницата и беше изцяло променена - всичко беше в син цвят. После стартирах Експлорера - той също беше по същия начин. И двата браузъра стартираха много бавно. Когато отварях интернет страници ми показваше съобщение че Shockwave Flash е спрян. Лентата с менюто Старт доби вида на лентата от XP, часовника ми е с два часа назад и ми дава съобщение за грешка - Spyware and unwanted software protection - Windows Defender е изключен. Програмите в компютъра отварят бавно. Направих рестарт и всичко изчезна, но пак имам съмнение за вирус. Това случайно ли е? Да, компютъра ми разполага с компакт диск Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014 Ran by Maria (administrator) on Maria-PC on 20-10-2014 11:40:48 Running from C:\Users\Maria\Downloads Loaded Profile: Maria (Available profiles: Maria) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Users\Maria\AppData\Local\bet365PokerPal\Bet365PokerPal_service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Kessem Holdings Limited) C:\Users\Maria\AppData\Local\bet365PokerPal\bet365PokerPalLauncher.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe (Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (BitTorrent Inc.) C:\Users\Maria\AppData\Roaming\BitTorrent\BitTorrent.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (CyberLink) C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Kesemoholdings Limited) C:\Users\Maria\AppData\Local\bet365PokerPal\Bet365PokerPal.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Dropbox, Inc.) C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-09] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-09] (Atheros Commnucations) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-02] (Synaptics Incorporated) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-08] (Acer Incorporated) HKLM\...\Run: [instantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] () HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-03-13] (Copyright 2013 SAMSUNG) HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-24] (Dritek System Inc.) HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Maria\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\Run: [bitTorrent] => C:\Users\Maria\AppData\Roaming\BitTorrent\BitTorrent.exe [1387864 2014-10-08] (BitTorrent Inc.) HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\MountPoints2: {1d63c657-8fd9-11e3-b9d4-74e5430eb366} - F:\AutoRun.exe HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\MountPoints2: {6b4f67f3-3656-11e3-ab3c-206a8a869576} - E:\SETUP.EXE /AUTORUN HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\MountPoints2: {b98051d1-8a5e-11e3-8263-74e5430eb366} - F:\AutoRun.exe HKU\S-1-5-21-2347407579-307350475-1959961940-1001\...\MountPoints2: {b98051dd-8a5e-11e3-8263-74e5430eb366} - F:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation) Startup: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U218DHP&pc=U218 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{6A109DE4-0E5A-4AD6-9CBE-F5EA3E9FC88B}: [NameServer] Tcpip\..\Interfaces\{87930B5A-50D0-4520-8C93-3B2FD53B6501}: [NameServer] FireFox: ======== FF ProfilePath: C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\jj20c8vy.default-1399660562603 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml FF Extension: Lightbeam - C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\jj20c8vy.default-1399660562603\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-05-09] FF Extension: Sportingbet България - C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\jj20c8vy.default-1399660562603\Extensions\jid1-j6i82dunTFcYiA@jetpack.xpi [2014-10-19] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2013-10-17] FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2013-10-17] Chrome: ======= CHR Profile: C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 bet365PokerPal; C:\Users\Maria\AppData\Local\bet365PokerPal\bet365PokerPalLauncher.exe [212456 2014-07-22] (Kessem Holdings Limited) S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-03] (WildTangent) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-16] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [162648 2012-03-16] (Intel Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation) R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG) S2 VIVACOM 3G USB Modem. RunOuc; C:\Program Files (x86)\VIVACOM 3G USB Modem\UpdateDog\ouc.exe [655712 2014-01-31] () R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [76960 2012-02-28] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-17] (Disc Soft Ltd) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-10-31] (GFI Software) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2014-01-31] (Huawei Technologies Co., Ltd.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-20 11:40 - 2014-10-20 11:41 - 00021672 _____ () C:\Users\Maria\Downloads\FRST.txt 2014-10-20 11:40 - 2014-10-20 11:40 - 00000000 ____D () C:\FRST 2014-10-20 11:27 - 2014-10-20 11:27 - 00000000 ___RD () C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-10-20 11:03 - 2014-10-20 11:04 - 01102848 _____ (Farbar) C:\Users\Maria\Downloads\FRST.exe 2014-10-20 10:59 - 2014-10-20 10:59 - 02111488 _____ (Farbar) C:\Users\Maria\Downloads\FRST64.exe 2014-10-18 12:06 - 2014-10-19 16:36 - 00000000 ____D () C:\Users\Maria\Desktop\Счетоводство 1 2014-10-18 11:57 - 2014-10-18 12:49 - 00000000 ____D () C:\Users\Maria\Desktop\Световна икономика 2014-10-15 12:18 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 12:18 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 12:18 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-15 12:18 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-15 12:18 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 12:18 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-15 12:18 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 12:17 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-10-15 12:17 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-10-15 12:17 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-10-15 12:17 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-15 12:17 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-10-15 12:17 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-10-15 12:17 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 12:17 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-15 12:17 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-15 12:17 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 12:17 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2014-10-15 12:17 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-10-15 12:17 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-15 12:17 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-15 12:17 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-15 12:17 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-15 12:17 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-15 12:17 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-15 12:17 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-15 12:17 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-15 12:17 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-15 12:17 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-15 12:17 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-10-15 12:17 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-15 12:17 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-15 12:17 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2014-10-15 12:17 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2014-10-15 12:17 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2014-10-15 12:17 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-10-15 12:17 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-15 12:17 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-15 12:17 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-10-15 12:17 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-10-15 12:17 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-10-15 12:17 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-15 12:17 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-15 12:17 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-15 12:16 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-15 12:16 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-15 12:16 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-15 12:16 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-15 12:16 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-15 12:16 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 12:16 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-15 12:16 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-15 12:16 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-15 12:16 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-15 12:16 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-15 12:16 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 12:16 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 12:16 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-15 12:16 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-15 12:16 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 12:16 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 12:16 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-15 12:16 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-15 12:16 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 12:16 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 12:16 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-15 12:16 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-15 12:16 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 12:16 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-15 12:16 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-15 12:16 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-15 12:16 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-15 12:16 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 12:16 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-15 12:16 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-15 12:16 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-15 12:16 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-15 12:16 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 12:16 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-15 12:16 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 12:16 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-15 12:16 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-15 12:16 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-15 12:16 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-15 12:16 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-15 12:16 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-15 12:16 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 12:16 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-15 12:16 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-15 12:16 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-15 12:16 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 12:16 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-15 12:16 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-15 12:16 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-15 12:16 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 12:16 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-15 12:16 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-15 12:16 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-15 12:16 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-15 12:15 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 12:15 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-15 12:15 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-15 12:15 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-15 12:14 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-15 12:14 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-15 12:14 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-15 12:14 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-15 12:14 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-15 12:14 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-15 12:14 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-15 12:14 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-15 12:14 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-15 12:13 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 12:13 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-15 12:13 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-15 12:13 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-15 12:13 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-15 12:13 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-15 12:13 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-15 12:13 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-15 12:13 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-15 12:13 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-15 12:13 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-15 12:13 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-15 12:13 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-03 00:17 - 2014-10-03 00:17 - 00035328 _____ () C:\Users\Maria\Downloads\British_Airways.ppt 2014-10-03 00:14 - 2014-10-18 13:00 - 00000000 ____D () C:\Users\Maria\Desktop\Планиране и прогнозиране 2014-10-02 11:53 - 2014-10-02 11:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-01 19:56 - 2014-10-01 19:56 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-10-01 19:56 - 2014-10-01 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-10-01 19:55 - 2014-10-01 19:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-10-01 19:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-01 19:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2014-10-01 19:53 - 2014-10-01 19:53 - 00000000 ____D () C:\Program Files (x86)\Evernote 2014-10-01 19:46 - 2014-10-01 19:56 - 00000000 ____D () C:\PatchMyPCUpdates 2014-10-01 19:44 - 2014-10-01 19:44 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-10-01 19:44 - 2014-10-01 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-10-01 19:41 - 2014-10-01 19:43 - 112794960 _____ (Apple Inc.) C:\Users\Maria\Downloads\iTunes64Setup(1).exe 2014-10-01 19:36 - 2014-10-01 19:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-10-01 19:36 - 2014-10-01 19:44 - 00000000 ____D () C:\Program Files\iTunes 2014-10-01 19:36 - 2014-10-01 19:43 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-10-01 19:36 - 2014-10-01 19:36 - 00000000 ____D () C:\Program Files\iPod 2014-10-01 19:20 - 2014-10-01 19:20 - 00130048 _____ (CodePlex Community) C:\Users\Maria\Downloads\Microsoft.Win32.TaskScheduler.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-10-01 19:15 - 2014-10-01 19:15 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-10-01 19:15 - 2014-10-01 19:15 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-10-01 19:15 - 2014-10-01 19:15 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-10-01 19:15 - 2014-10-01 19:15 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-10-01 19:15 - 2014-10-01 19:15 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-10-01 19:15 - 2014-10-01 19:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-10-01 19:15 - 2014-10-01 19:15 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-10-01 19:14 - 2014-10-01 19:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-10-01 19:14 - 2014-10-01 19:14 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-10-01 19:14 - 2014-10-01 19:14 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-10-01 19:14 - 2014-10-01 19:14 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-10-01 19:14 - 2014-10-01 19:14 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-10-01 18:59 - 2014-10-01 19:01 - 60112520 _____ (Microsoft Corporation) C:\Users\Maria\Downloads\EIE11_BG-BG_WOL_WIN764.EXE 2014-10-01 18:53 - 2014-10-01 18:55 - 122452224 _____ (Microsoft Corporation) C:\Users\Maria\Downloads\msert.exe 2014-10-01 18:45 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 18:45 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-25 00:23 - 2014-09-25 00:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-24 11:54 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 11:54 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-20 11:41 - 2014-02-18 21:11 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\BitTorrent 2014-10-20 11:39 - 2012-06-14 06:30 - 01411814 _____ () C:\Windows\WindowsUpdate.log 2014-10-20 11:35 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-20 11:35 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-20 11:31 - 2014-03-07 22:30 - 00000000 ___RD () C:\Users\Maria\Dropbox 2014-10-20 11:29 - 2014-03-07 22:28 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Dropbox 2014-10-20 11:27 - 2014-03-09 19:41 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\newnext.me 2014-10-20 11:27 - 2012-06-14 06:44 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-10-20 11:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-20 11:26 - 2009-07-14 06:51 - 00105388 _____ () C:\Windows\setupact.log 2014-10-20 11:21 - 2014-03-04 22:50 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Spotify 2014-10-20 11:16 - 2014-03-21 16:28 - 00427520 ___SH () C:\Users\Maria\Downloads\Thumbs.db 2014-10-20 11:11 - 2014-03-12 15:46 - 03131904 ___SH () C:\Users\Maria\Desktop\Thumbs.db 2014-10-20 11:11 - 2013-10-25 17:12 - 00000000 ____D () C:\Users\Maria\AppData\Local\CrashDumps 2014-10-20 11:09 - 2009-07-14 07:08 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-20 10:27 - 2014-03-04 22:51 - 00000000 ____D () C:\Users\Maria\AppData\Local\Spotify 2014-10-20 00:26 - 2013-10-17 19:20 - 00000324 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job 2014-10-19 23:56 - 2014-03-03 17:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-19 18:20 - 2012-06-14 06:44 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-10-17 11:18 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-10-17 00:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-16 13:04 - 2014-03-09 19:38 - 00000000 ____D () C:\The KMPlayer 2014-10-16 00:40 - 2009-07-14 06:45 - 02281736 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 00:37 - 2014-04-24 09:38 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-16 00:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-10-16 00:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-10-16 00:25 - 2013-10-16 12:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 00:02 - 2013-10-16 12:02 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-14 18:27 - 2013-11-22 12:38 - 00000000 ____D () C:\Users\Maria\Documents\Bluetooth Folder 2014-10-02 21:00 - 2013-10-15 07:03 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Atheros 2014-10-02 20:59 - 2014-01-02 22:06 - 00001417 _____ () C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-02 20:57 - 2014-02-23 13:27 - 00000000 ____D () C:\Program Files\WinRAR 2014-10-02 20:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-10-01 19:56 - 2014-02-23 13:27 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-10-01 19:56 - 2014-02-23 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-10-01 19:56 - 2014-01-03 13:24 - 00000000 ____D () C:\Users\Maria\AppData\Roaming\Malwarebytes 2014-10-01 19:56 - 2014-01-03 13:23 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-01 19:31 - 2014-01-02 21:56 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-10-01 19:31 - 2013-12-04 13:15 - 00038543 _____ () C:\Windows\IE11_main.log 2014-10-01 19:08 - 2014-01-16 12:12 - 00421960 _____ (www.patchmypc.net) C:\Users\Maria\Downloads\PatchMyPC.exe 2014-09-25 20:39 - 2014-01-05 23:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-25 10:33 - 2014-09-15 11:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-22 14:44 - 2013-10-15 06:56 - 00000000 ____D () C:\Users\Maria 2014-09-22 14:43 - 2010-11-21 05:47 - 01228364 _____ () C:\Windows\PFRO.log 2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe Some content of TEMP: ==================== C:\Users\Maria\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqxbpoj.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-17 00:04 ==================== End Of Log ============================ Addition.txt
  7. Здравейте, дръпнах си приложението Samsung Smart View на телефона и го свързах с телевизора за да гледам картина, но то работи само като дистанционно. Пробвах и през Wi-Fi Direct, за по-устойчива връзка, но не стана. Изчистих кеша и данните от приложението, но няма резултат. Показва ми съобщение че трябва да настроя Универсалното дистанционно. Някой да има подобен проблем или пък идеи как да се гледа телевизия?
  8. Здравейте, изпълних 4-те стъпки, стартирах експлорера и началната страница е вече msn.com, delta-homes.com е премахнат! Мога ли да съм сигурен, че проблема е решен? Благодаря! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.9 (01.01.2014:1)OS: Windows 7 Home Premium x64Ran by Maria on ­Ґ¤ 05.01.2014 Ј. at 13:44:22,45~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry Keys~~~ FilesSuccessfully deleted: [File] "C:Program Files (x86)mozilla firefoxpluginsnpcouponprinter.dll"Successfully deleted: [File] "C:Program Files (x86)mozilla firefoxpluginsnpmozcouponprinter.dll"~~~ FoldersSuccessfully deleted: [Folder] "C:Program Files (x86)coupons"Successfully deleted: [Empty Folder] C:UsersMariaappdatalocal{3F29B976-651D-473A-8948-F1B06F5A923A}Successfully deleted: [Empty Folder] C:UsersMariaappdatalocal{780E6384-CC89-4C0C-917C-E8D96272F594}~~~ FireFoxEmptied folder: C:UsersMariaAppDataRoamingmozillafirefoxprofileswaha7wag.defaultminidumps [1 files]~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on ­Ґ¤ 05.01.2014 Ј. at 13:55:11,88End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleanerS0.txt mbam-log-2014-01-05 (14-03-36).txt FRST.txt Addition.txt
  9. Здравейте, имам проблем с IE и началната страница, на която се е забила търсачката Delta Homes. От bing.com внезапно беше променена на delta-homes.com. Опитах се по няколко начина да променя стартовата страница, но каквото и да направя, не мога. На няколко пъти ми забиваше и нета. Моля ви за помощ! DDS (Ver_2011-09-30.01) - NTFS_AMD64Internet Explorer: 8.0.7601.17514Run by Maria at 23:16:18 on 2014-01-04Microsoft Windows 7 Home Premium 6.1.7601.1.1251.359.1033.18.5938.3510 [GMT 2:00].AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:Windowssystem32wininit.exeC:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Windowssystem32nvvsvc.exeC:Windowssystem32svchost.exe -k RPCSSc:Program FilesMicrosoft Security ClientMsMpEng.exeC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k netsvcsC:Program FilesNVIDIA CorporationDisplaynvxdsync.exeC:Windowssystem32nvvsvc.exeC:Windowssystem32svchost.exe -k NetworkServiceC:Windowssystem32WLANExt.exeC:Windowssystem32conhost.exeC:WindowsSystem32spoolsv.exeC:Windowssystem32svchost.exe -k LocalServiceNoNetworkc:Program Files (x86)Common FilesAdobeARM1.0armsvc.exeC:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exeC:Program Files (x86)Bluetooth Suiteadminservice.exeC:Program FilesBonjourmDNSResponder.exeC:Program Files (x86)Launch Managerdsiwmis.exeC:Program FilesAcerAcer ePower ManagementePowerSvc.exeC:Program Files (x86)Launch ManagerLMutilps32.exeC:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonationC:Program Files (x86)AcerRegistrationGREGsvc.exeC:Program FilesInteliCLS ClientHeciServer.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exeC:Program FilesAcerAcer UpdaterUpdaterService.exeC:Program Files (x86)SymantecNorton Online BackupNOBuAgent.exeC:Program Files (x86)NTIAcer Backup ManagerIScheduleSvc.exeC:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exeC:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exeC:Windowssystem32taskhost.exeC:Windowssystem32svchost.exe -k imgsvcC:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Program Files (x86)AtherosAth_WlanAgent.exeC:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exeC:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXEC:Windowssystem32SearchIndexer.exeC:WindowsSystem32igfxtray.exeC:Windowssystem32svchost.exe -k bthsvcsC:WindowsSystem32hkcmd.exeC:Windowssystem32svchost.exe -k NetworkServiceNetworkRestrictedC:WindowsSystem32igfxpers.exeC:Program FilesRealtekAudioHDARAVCpl64.exeC:Program FilesRealtekAudioHDARAVBg64.exeC:Program Files (x86)Bluetooth SuiteBtvStack.exeC:Program Files (x86)Bluetooth SuiteAthBtTray.exeC:Program FilesSynapticsSynTPSynTPEnh.exeC:Program FilesAcerAcer ePower ManagementePowerTray.exeC:Program FilesMicrosoft Security Clientmsseces.exeC:UsersMariaAppDataRoaminguTorrentuTorrent.exeC:Program FilesNVIDIA CorporationDisplaynvtray.exeC:WindowsSystem32StikyNot.exeC:UsersMariaAppDataRoamingSpotifyDataSpotifyWebHelper.exeC:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exeC:Dolby PCEE4pcee4.exeC:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exeC:Program Files (x86)Launch ManagerLManager.exeC:Windowssystem32igfxext.exeC:Windowssystem32taskeng.exeC:Program Files (x86)HPHP Software Updatehpwuschd2.exeC:Windowssystem32igfxsrvc.exeC:Program Files (x86)iTunesiTunesHelper.exeC:Program Files (x86)Launch ManagerMMDx64Fx.exeC:WindowsSystem32svchost.exe -k LocalServicePeerNetC:Windowssystem32wbemunsecapp.exeC:Program Files (x86)Launch ManagerLMworker.exeC:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXEC:Windowssystem32wbemwmiprvse.exeC:Program Files (x86)CyberlinkMediaEspressoDeviceDetectorDeviceDetector.exeC:Program FilesiPodbiniPodService.exeC:Program FilesWindows Media Playerwmpnetwk.exeC:Program FilesAcerAcer ePower ManagementePowerEvent.exeC:Windowssystem32DllHost.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exeC:Program Files (x86)NeroUpdateNASvc.exeC:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exeC:Program FilesAcerAcer Instant ServiceInstantUpdateiuBrowserIEAgent.exeC:Windowssystem32conhost.exeC:Program FilesAcerAcer Instant ServiceInstantUpdateiuEmailOutlookAgent.exeC:Windowssystem32conhost.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exeC:Program FilesEgisTec IPSPMMUpdate.exeC:Program FilesEgisTec IPSEgisUpdate.exeC:Windowssystem32wuauclt.exeC:Program Files (x86)Mozilla Firefoxfirefox.exeC:Program FilesInternet Exploreriexplore.exeC:Program FilesInternet Exploreriexplore.exeC:Program FilesInternet Exploreriexplore.exeC:Windowssystem32MacromedFlashFlashUtil64_11_9_900_170_ActiveX.exeC:Windowssystem32svchost.exe -k SDRSVCC:Windowssystem32conhost.exeC:Windowssystem32wbemwmiprvse.exeC:WindowsSystem32cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://msn.com/uSearch Bar = PreserveuSearch Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SRmSearch Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}mDefault_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}mWinlogon: Userinit = userinit.exe,TB: @C:Program Files (x86)MSN ToolbarPlatform6.3.2291.0npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:Program Files (x86)MSN ToolbarPlatform6.3.2291.0npwinext.dlluRun: [uTorrent] "C:UsersMariaAppDataRoaminguTorrentuTorrent.exe" /MINIMIZEDuRun: [DAEMON Tools Lite] "C:Program Files (x86)DAEMON Tools LiteDTLite.exe" -autorunuRun: [RESTART_STICKY_NOTES] C:WindowsSystem32StikyNot.exeuRun: [spotify Web Helper] "C:UsersMariaAppDataRoamingSpotifyDataSpotifyWebHelper.exe"uRun: [spotify] "C:UsersMariaAppDataRoamingSpotifyspotify.exe" /uri spotify:autostartmRun: [Norton Online Backup] C:Program Files (x86)SymantecNorton Online BackupNOBuClient.exemRun: [backupManagerTray] "C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe" -h -kmRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"mRun: [Dolby Advanced Audio v2] "C:Dolby PCEE4pcee4.exe" -autostartmRun: [uSB3MON] "C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe"mRun: [LManager] C:Program Files (x86)Launch ManagerLManager.exemRun: [suiteTray] "C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe"mRun: [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exemRun: [Microsoft Default Manager] "C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe" -resumemRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottimemRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"mRun: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dllIE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:Program Files (x86)Bluetooth SuiteIEPlugIn.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll/204TCP: NameServer = 95.169.200.3 95.169.200.4TCP: Interfaces{68859187-D387-4013-8A93-72D7ED5C7549} : DHCPNameServer = 95.169.200.3 95.169.200.4Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livesspx64-mSearch Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}x64-mDefault_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exex64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exex64-Run: [Persistence] C:WindowsSystem32igfxpers.exex64-Run: [RTHDVCPL] C:Program FilesRealtekAudioHDARAVCpl64.exe -sx64-Run: [RtHDVBg_Dolby] C:Program FilesRealtekAudioHDARAVBg64.exe /FORPCEE4x64-Run: [AtherosBtStack] "C:Program Files (x86)Bluetooth SuiteBtvStack.exe"x64-Run: [AthBtTray] "C:Program Files (x86)Bluetooth SuiteAthBtTray.exe"x64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exex64-Run: [Power Management] C:Program FilesAcerAcer ePower ManagementePowerTray.exex64-Run: [instantUpdate] C:Program FilesAcerAcer Instant ServiceInstantUpdateiuDaemon.exex64-Run: [MSC] "c:Program FilesMicrosoft Security Clientmsseces.exe" -hide -runkeyx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:UsersMariaAppDataRoamingMozillaFirefoxProfileswaha7wag.defaultFF - plugin: C:PROGRA~2COMMON~1NeroBROWSE~1npBrowserPlugin.dllFF - plugin: C:PROGRA~2MICROS~4Office14NPSPWRAP.DLLFF - plugin: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dllFF - plugin: C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dllFF - plugin: C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dllFF - plugin: c:Program Files (x86)Microsoft Silverlight5.1.20913.0npctrlui.dllFF - plugin: C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered0NP_wtapp.dllFF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dllFF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_9_900_170.dll.============= SERVICES / DRIVERS ===============.R0 gfibto;gfibto;C:WindowsSystem32driversgfibto.sys [2013-10-31 14456]R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:WindowsSystem32driversiusb3hcs.sys [2012-6-14 16152]R0 MpFilter;Microsoft Malware Protection Driver;C:WindowsSystem32driversMpFilter.sys [2013-9-27 248240]R0 nvpciflt;nvpciflt;C:WindowsSystem32driversnvpciflt.sys [2012-6-14 28992]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:WindowsSystem32driversdtsoftbus01.sys [2013-10-16 283200]R1 mwlPSDFilter;mwlPSDFilter;C:WindowsSystem32driversmwlPSDFilter.sys [2012-6-14 22648]R1 mwlPSDNServ;mwlPSDNServ;C:WindowsSystem32driversmwlPSDNserv.sys [2012-6-14 20520]R1 mwlPSDVDisk;mwlPSDVDisk;C:WindowsSystem32driversmwlPSDVDisk.sys [2012-6-14 62776]R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904]R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2013-9-3 65640]R2 AtherosSvc;AtherosSvc;C:Program Files (x86)Bluetooth SuiteAdminService.exe [2012-3-9 107648]R2 cvhsvc;Client Virtualization Handler;C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE [2013-4-22 822504]R2 DsiWMIService;Dritek WMI Service;C:Program Files (x86)Launch Managerdsiwmis.exe [2012-6-14 355920]R2 ePowerSvc;ePower Service;C:Program FilesAcerAcer ePower ManagementePowerSvc.exe [2012-6-14 871296]R2 GREGService;GREGService;C:Program Files (x86)AcerRegistrationGREGsvc.exe [2012-2-29 28264]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:Program FilesInteliCLS ClientHeciServer.exe [2012-2-3 628448]R2 Intel® ME Service;Intel® ME Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exe [2012-6-14 127320]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe [2012-6-14 162648]R2 Live Updater Service;Live Updater Service;C:Program FilesAcerAcer UpdaterUpdaterService.exe [2012-3-28 255376]R2 NAUpdate;Nero Update;C:Program Files (x86)NeroUpdateNASvc.exe [2012-7-13 769432]R2 NOBU;Norton Online Backup;C:Program Files (x86)SymantecNorton Online BackupNOBuAgent.exe [2010-6-2 2804568]R2 NTI IScheduleSvc;NTI IScheduleSvc;C:Program Files (x86)NTIAcer Backup ManagerIScheduleSvc.exe [2012-1-5 256536]R2 nvUpdatusService;NVIDIA Update Service Daemon;C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe [2012-6-14 2458944]R2 sftlist;Application Virtualization Client;C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe [2013-6-26 523944]R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2012-6-14 362840]R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:Program Files (x86)AtherosAth_WlanAgent.exe [2012-6-14 76960]R3 AthBTPort;Atheros Virtual Bluetooth Class;C:WindowsSystem32driversbtath_flt.sys [2012-3-9 36480]R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:WindowsSystem32driversbtath_a2dp.sys [2012-3-9 340096]R3 btath_avdt;Atheros Bluetooth AVDT Service;C:WindowsSystem32driversbtath_avdt.sys [2012-3-9 111232]R3 BTATH_BUS;Atheros Bluetooth Bus;C:WindowsSystem32driversbtath_bus.sys [2012-3-9 30848]R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:WindowsSystem32driversbtath_hcrp.sys [2012-3-9 168064]R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:WindowsSystem32driversbtath_lwflt.sys [2012-3-9 68736]R3 BTATH_RCP;Bluetooth AVRCP Device;C:WindowsSystem32driversbtath_rcp.sys [2012-3-9 281472]R3 BtFilter;BtFilter;C:WindowsSystem32driversbtfilter.sys [2012-3-9 551552]R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2012-6-14 331264]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:WindowsSystem32driversiusb3hub.sys [2012-6-14 356120]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:WindowsSystem32driversiusb3xhc.sys [2012-6-14 788760]R3 MEIx64;Intel® Management Engine Interface ;C:WindowsSystem32driversHECIx64.sys [2012-6-14 60184]R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:WindowsSystem32driversRtsBaStor.sys [2012-6-14 292968]R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2012-6-14 685160]R3 Sftfs;Sftfs;C:WindowsSystem32driversSftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:WindowsSystem32driversSftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:WindowsSystem32driversSftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:WindowsSystem32driversSftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe [2013-6-26 207528]RUnknown SASKUTIL;SASKUTIL; [x]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-7-13 160944]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-3-28 257416]S3 cphs;Intel® Content Protection HECI Service;C:WindowsSysWOW64IntelCpHeciSvc.exe [2012-6-14 276248]S3 EgisTec Ticket Service;EgisTec Ticket Service;C:Program Files (x86)Common FilesEgisTecServicesEgisTicketService.exe [2011-6-21 173424]S3 GamesAppIntegrationService;GamesAppIntegrationService;C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [2013-10-7 240736]S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072]S3 HTCAND64;HTC Device Driver;C:WindowsSystem32driversANDROIDUSB.sys [2009-11-2 33736]S3 MozillaMaintenance;Mozilla Maintenance Service;C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2014-1-4 119408]S3 NisDrv;Microsoft Network Inspection System;C:WindowsSystem32driversNisDrvWFP.sys [2013-9-27 134944]S3 NisSrv;Microsoft Network Inspection;C:Program FilesMicrosoft Security ClientNisSrv.exe [2013-10-23 348376]S3 osppsvc;Office Software Protection Platform;C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-1-9 4925184]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2010-11-21 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2010-11-21 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2013-10-16 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-23 57184].=============== Created Last 30 ================.2014-01-04 19:27:44 75888 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{009ED515-19A0-4AF1-93AC-075642AA091F}offreg.dll2014-01-04 18:39:33 10315576 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{009ED515-19A0-4AF1-93AC-075642AA091F}mpengine.dll2014-01-03 14:50:47 -------- d-----w- C:UsersMariaAppDataRoamingSUPERAntiSpyware.com2014-01-03 11:24:09 -------- d-----w- C:UsersMariaAppDataRoamingMalwarebytes2014-01-03 11:23:37 -------- d-----w- C:ProgramDataMalwarebytes2014-01-03 11:23:34 -------- d-----w- C:Program Files (x86)Malwarebytes' Anti-Malware2014-01-03 11:23:18 -------- d-----w- C:UsersMariaAppDataLocalPrograms2014-01-03 11:21:50 965000 ------w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{3BEF8CD9-188B-4693-ABED-D96E694CE31D}gapaengine.dll2014-01-03 11:21:43 10315576 ------w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll2014-01-03 11:12:27 -------- d-----w- C:Program Files (x86)Microsoft Security Client2014-01-03 11:12:24 -------- d-----w- C:Program FilesMicrosoft Security Client2014-01-03 10:59:41 -------- d-----w- C:UsersMariaAppDataLocalElevatedDiagnostics2014-01-02 19:56:31 -------- d--h--w- C:Windowsmsdownld.tmp2014-01-02 16:37:01 -------- d-----w- C:WindowsSysWow64log2014-01-02 16:36:03 -------- d-----w- C:ProgramDataWPM2013-12-31 13:44:30 10315576 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{7F0AD7D0-E965-4297-80F9-A832103860F7}mpengine.dll2013-12-21 11:01:54 -------- d-----w- C:Program Files (x86)MSXML 4.02013-12-18 16:39:05 -------- d-----w- C:UsersMariaAppDataLocalNero2013-12-18 16:38:20 -------- d-----w- C:UsersMariaAppDataLocalNero_AG2013-12-18 16:04:42 -------- d-----w- C:Program Files (x86)Nero2013-12-18 16:04:29 -------- d-----w- C:ProgramDataNero2013-12-18 15:47:10 248672 ----a-w- C:WindowsSysWow64d3dx11_43.dll2013-12-18 15:46:30 470880 ----a-w- C:WindowsSysWow64d3dx10_43.dll2013-12-18 15:45:52 1998168 ----a-w- C:WindowsSysWow64D3DX9_43.dll2013-12-18 15:45:20 1868128 ----a-w- C:WindowsSysWow64d3dcsx_43.dll2013-12-18 15:44:42 2106216 ----a-w- C:WindowsSysWow64D3DCompiler_43.dll2013-12-18 11:43:27 -------- d-----w- C:UsersMariaAppDataLocalSpotify2013-12-18 11:27:13 -------- d-----w- C:UsersMariaAppDataRoamingSpotify2013-12-16 21:32:52 -------- d-----w- C:UsersMariaAppDataLocalApple Computer2013-12-16 21:32:37 33240 ----a-w- C:WindowsSystem32driversGEARAspiWDM.sys2013-12-16 21:31:30 -------- d-----w- C:Program FilesiPod2013-12-16 21:31:29 -------- d-----w- C:ProgramData34BE82C4-E596-4e99-A191-52C6199EBF692013-12-16 21:31:29 -------- d-----w- C:Program FilesiTunes2013-12-16 21:31:29 -------- d-----w- C:Program Files (x86)iTunes2013-12-16 21:30:54 -------- d-----w- C:Program FilesBonjour2013-12-16 21:30:54 -------- d-----w- C:Program Files (x86)Bonjour2013-12-16 21:13:23 159744 ----a-w- C:Program FilesInternet ExplorerPluginsnpqtplugin7.dll2013-12-16 21:13:23 159744 ----a-w- C:Program FilesInternet ExplorerPluginsnpqtplugin6.dll2013-12-16 21:13:23 159744 ----a-w- C:Program FilesInternet ExplorerPluginsnpqtplugin5.dll2013-12-16 21:13:23 159744 ----a-w- C:Program FilesInternet ExplorerPluginsnpqtplugin4.dll2013-12-16 21:13:23 159744 ----a-w- C:Program FilesInternet ExplorerPluginsnpqtplugin3.dll2013-12-16 21:13:23 159744 ----a-w- C:Program FilesInternet ExplorerPluginsnpqtplugin2.dll2013-12-16 21:13:23 159744 ----a-w- C:Program FilesInternet ExplorerPluginsnpqtplugin.dll2013-12-16 21:12:44 -------- d-----w- C:UsersMariaAppDataLocalApple2013-12-16 10:04:59 167424 ----a-w- C:Program FilesWindows Media Playerwmplayer.exe2013-12-16 10:04:59 164864 ----a-w- C:Program Files (x86)Windows Media Playerwmplayer.exe2013-12-16 10:04:58 12625920 ----a-w- C:WindowsSystem32wmploc.DLL2013-12-16 10:04:57 12625408 ----a-w- C:WindowsSysWow64wmploc.DLL2013-12-12 15:53:08 -------- d-----w- C:UsersMariaMediaEspresso2013-12-12 08:30:01 335360 ----a-w- C:WindowsSystem32msieftp.dll2013-12-12 08:30:01 301568 ----a-w- C:WindowsSysWow64msieftp.dll.==================== Find3M ====================.2013-12-25 21:53:34 439648 ----a-w- C:WindowsSystem32driversaswNdisFlt.sys2013-12-24 22:04:21 71048 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl2013-12-24 22:04:21 692616 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe2013-11-23 18:26:20 417792 ----a-w- C:WindowsSysWow64WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:WindowsSystem32WMPhoto.dll2013-11-19 10:21:41 267936 ------w- C:WindowsSystem32MpSigStub.exe2013-11-12 02:23:09 2048 ----a-w- C:WindowsSystem32tzres.dll2013-11-12 02:07:29 2048 ----a-w- C:WindowsSysWow64tzres.dll2013-10-31 08:16:35 47496 ----a-w- C:WindowsSystem32sbbd.exe2013-10-31 08:16:35 14456 ----a-w- C:WindowsSystem32driversgfibto.sys2013-10-30 01:24:31 3155968 ----a-w- C:WindowsSystem32win32k.sys2013-10-19 02:18:57 81408 ----a-w- C:WindowsSystem32imagehlp.dll2013-10-19 01:36:59 159232 ----a-w- C:WindowsSysWow64imagehlp.dll2013-10-16 13:38:27 283200 ----a-w- C:WindowsSystem32driversdtsoftbus01.sys2013-10-14 18:41:56 131232 ----a-w- C:WindowsSystem32driversaswFW.sys2013-10-12 02:32:04 150016 ----a-w- C:WindowsSystem32wshom.ocx2013-10-12 02:31:04 202752 ----a-w- C:WindowsSystem32scrrun.dll2013-10-12 02:30:42 830464 ----a-w- C:WindowsSystem32nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:WindowsSystem32IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:WindowsSystem32FWPUCLNT.DLL2013-10-12 02:04:36 121856 ----a-w- C:WindowsSysWow64wshom.ocx2013-10-12 02:03:31 163840 ----a-w- C:WindowsSysWow64scrrun.dll2013-10-12 02:03:08 656896 ----a-w- C:WindowsSysWow64nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:WindowsSysWow64FWPUCLNT.DLL2013-10-12 01:33:39 156160 ----a-w- C:WindowsSystem32cscript.exe2013-10-12 01:33:26 168960 ----a-w- C:WindowsSystem32wscript.exe2013-10-12 01:15:48 141824 ----a-w- C:WindowsSysWow64wscript.exe2013-10-12 01:15:48 126976 ----a-w- C:WindowsSysWow64cscript.exe.============= FINISH: 23:17:00,99 =============== Давам линк към attach.txt файла, защото е много дълъг http://dox.bg/files/dw?a=bf1c040ce0
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.