Премини към съдържанието

Collins

Потребител
  • Публикации

    709
  • Регистрация

  • Последно онлайн

  • Топ дни

    1

Collins е топ потребител на 16 ноември 2015

Collins имаше най-много харесвания

Харесвания

1711 Жестока репутация

5 Последователи

Всичко за Collins

  • Титла
    kaldata приятел
  • Рожден ден 21.12.1994

Информация

  • Пол
    Мъж
  • Град
    Анкх-Морпорк
  • Интереси
    Опитвам се да се откажа от гравитацията...

Последни посетители

2992 прегледа на профила
  1. Chrome - мобилен браузър

    Шрифта се променя в настройките, а отметките са разделени в три подпапки - мобилни, тези които си направил в браузъра от компютъра и други. Какви други папки искаш да направиш? За мен хром-а е доста добър, проблем не съм имал до сега с него, използвам го на 3 устройства с андроид и едно с iOS.
  2. Аз бих избрал този , първия предложен от колегата е с 12.5 инчова матрица... ако размера не те притеснява, можеш да се ориентираш и към таблет. Иначе квантсервиз за мен са най-добрите
  3. Още веднъж, много ви благодаря!
  4. Няма кой да се сети за това Благодаря, всичко вече е наред!
  5. В горния ми пост, съм показал какво се случва при опит за деинсталация. Ще продължа да го мъча обаче.
  6. Не мога да го деинсталирам. Излиза това съобщение: В лог-а няма никаква информация. Това е след рестарт на системата.
  7. С последната версия съм, програмата изобщо не стартира, без грешка, без нищо. Ще опитам с преинсталация.
  8. Осезаемо по-добре, рекламите изчезнаха, но след последния рестарт (току-що) ми изчезна ленгуидж бара... И аваст не желае да се включи, снощи при проверката с ЕЕК, го спрях за да няма конфликти. Едит: Да опитам преинсталация на аваста? Едит2: Ленгуидж бара се появи.
  9. Съжалявам за късния отговор: Fix result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016 Ran by Phill (30-11-2016 00:57:56) Run:1 Running from C:\Users\Phill\Desktop Loaded Profiles: Phill (Available Profiles: Phill) Boot Mode: Normal ============================================== fixlist content: ***************** start HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb638f9-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb63905-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {1521a98d-c92c-11e5-8289-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {251215bd-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121661-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121b17-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {395190d1-54da-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {413bd7d5-5951-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7b5479d6-5743-11e6-82ad-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64edde-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64f000-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7fa52f3f-5de7-11e5-8269-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9011868b-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {90118693-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {901186ac-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9e783-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9f31e-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9a843e16-8fc9-11e6-82b1-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {af58f2ad-e7e8-11e5-8295-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b00206a9-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b0020723-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b244836b-9abf-11e5-827c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {d4d39be5-1241-11e6-82a3-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {e2243fdb-3afa-11e5-8259-40e23059e252} - "F:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd28198-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd2889f-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" GroupPolicy: Restriction - Chrome <======= ATTENTION CHR Extension: (Chrome Media Router) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30] C:\Users\Phill\AppData\Local\Temp\AutoRun.exe C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Phill\AppData\Local\Temp\CH.dll C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Phill\AppData\Local\Temp\EAInstall.dll C:\Users\Phill\AppData\Local\Temp\eauninstall.exe C:\Users\Phill\AppData\Local\Temp\Gw2.exe C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Phill\AppData\Local\Temp\libeay32.dll C:\Users\Phill\AppData\Local\Temp\msvcr120.dll C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Phill\AppData\Local\Temp\sqlite3.dll C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe C:\Users\Phill\AppData\Local\Temp\_is4B86.exe C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe C:\Users\Phill\AppData\Local\Temp cmd: netsh winsock reset catalog cmd: ipconfig /flushdns EmptyTemp: Reboot: end ***************** "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb638f9-2bd6-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{0bb638f9-2bd6-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb63905-2bd6-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{0bb63905-2bd6-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1521a98d-c92c-11e5-8289-40e23059e252}" => key removed successfully HKCR\CLSID\{1521a98d-c92c-11e5-8289-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{251215bd-bd5d-11e5-8283-40e23059e252}" => key removed successfully HKCR\CLSID\{251215bd-bd5d-11e5-8283-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25121661-bd5d-11e5-8283-40e23059e252}" => key removed successfully HKCR\CLSID\{25121661-bd5d-11e5-8283-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25121b17-bd5d-11e5-8283-40e23059e252}" => key removed successfully HKCR\CLSID\{25121b17-bd5d-11e5-8283-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{395190d1-54da-11e5-8267-40e23059e252}" => key removed successfully HKCR\CLSID\{395190d1-54da-11e5-8267-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{413bd7d5-5951-11e5-8267-40e23059e252}" => key removed successfully HKCR\CLSID\{413bd7d5-5951-11e5-8267-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b5479d6-5743-11e6-82ad-40e23059e252}" => key removed successfully HKCR\CLSID\{7b5479d6-5743-11e6-82ad-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d64edde-e191-11e5-8293-40e23059e252}" => key removed successfully HKCR\CLSID\{7d64edde-e191-11e5-8293-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d64f000-e191-11e5-8293-40e23059e252}" => key removed successfully HKCR\CLSID\{7d64f000-e191-11e5-8293-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7fa52f3f-5de7-11e5-8269-40e23059e252}" => key removed successfully HKCR\CLSID\{7fa52f3f-5de7-11e5-8269-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9011868b-9bb1-11e6-82b3-40e23059e252}" => key removed successfully HKCR\CLSID\{9011868b-9bb1-11e6-82b3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90118693-9bb1-11e6-82b3-40e23059e252}" => key removed successfully HKCR\CLSID\{90118693-9bb1-11e6-82b3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{901186ac-9bb1-11e6-82b3-40e23059e252}" => key removed successfully HKCR\CLSID\{901186ac-9bb1-11e6-82b3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b9e783-259c-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{93b9e783-259c-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b9f31e-259c-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{93b9f31e-259c-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a843e16-8fc9-11e6-82b1-40e23059e252}" => key removed successfully HKCR\CLSID\{9a843e16-8fc9-11e6-82b1-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af58f2ad-e7e8-11e5-8295-40e23059e252}" => key removed successfully HKCR\CLSID\{af58f2ad-e7e8-11e5-8295-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b00206a9-3c0a-11e5-825d-40e23059e252}" => key removed successfully HKCR\CLSID\{b00206a9-3c0a-11e5-825d-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0020723-3c0a-11e5-825d-40e23059e252}" => key removed successfully HKCR\CLSID\{b0020723-3c0a-11e5-825d-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b244836b-9abf-11e5-827c-40e23059e252}" => key removed successfully HKCR\CLSID\{b244836b-9abf-11e5-827c-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4d39be5-1241-11e6-82a3-40e23059e252}" => key removed successfully HKCR\CLSID\{d4d39be5-1241-11e6-82a3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2243fdb-3afa-11e5-8259-40e23059e252}" => key removed successfully HKCR\CLSID\{e2243fdb-3afa-11e5-8259-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecd28198-fd92-11e5-829c-40e23059e252}" => key removed successfully HKCR\CLSID\{ecd28198-fd92-11e5-829c-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecd2889f-fd92-11e5-829c-40e23059e252}" => key removed successfully HKCR\CLSID\{ecd2889f-fd92-11e5-829c-40e23059e252} => key not found. C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully C:\Users\Phill\AppData\Local\Temp\AutoRun.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\CH.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\EAInstall.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\eauninstall.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\Gw2.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\libeay32.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\msvcr120.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\sqlite3.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\_is4B86.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe => moved successfully C:\Users\Phill\AppData\Local\Temp => moved successfully ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49314511 B Java, Flash, Steam htmlcache => 356398641 B Windows/system/drivers => 1082917771 B Edge => 0 B Chrome => 879288106 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 451004 B NetworkService => 90568 B Phill => 230526108 B RecycleBin => 2450727 B EmptyTemp: => 2.4 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 00:59:13 ==== Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 30.11.2016 г. Scan Time: 1:08 Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.11.29.13 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Phill Scan Type: Threat Scan Result: Completed Objects Scanned: 283852 Time Elapsed: 10 min, 56 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 6 PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\INTERFACE\{B28F9114-243E-4046-B173-11825352D18A}, Quarantined, [fb16ac1a6e2c53e385f7f5b3fb06a957], PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\TypeLib\{CCA2A357-CCB4-41C9-B6F5-4F202B8CDC82}, Quarantined, [8e83b80e9703b284ea92c4e44fb2a25e], PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\INTERFACE\{B910D9A1-9F21-484A-8650-82250DABF38E}, Quarantined, [62af46803d5d3afc65185e4ae61b16ea], PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\TypeLib\{D5397E85-8AF4-414B-90FC-9F4244CD46FA}, Quarantined, [3bd6dbeb8d0df14593eae2c614edc33d], PUP.Optional.YTAdBlocker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}, Quarantined, [828f24a213871521585c9e3c48bbd030], PUP.Optional.YTAdBlocker, HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}, Quarantined, [977adaec99013600ddd86a70cb38b34d], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 3 Trojan.Agent.H, C:\Program Files (x86)\Counter-Strike 1.6 SteamRIP\cdhack.dll, Quarantined, [71a0b70fff9b64d277ccf5747d8425db], HackTool.HotKeysHook, C:\Users\Phill\Downloads\NFSPS.US.EU.v1.0.Plus14.Trainer-bleep.zip, Quarantined, [f21fc501c9d1bb7bb2bc9d6751b2be42], PUP.Optional.OpenCandy, C:\Users\Phill\Downloads\CheatEngine651.exe, Quarantined, [6aa7c7ff5545ac8ae48a35d28b76e31d], Physical Sectors: 0 (No malicious items detected) (end) Emsisoft Emergency Kit - Version 11.9 Last update: 30.11.2016 г. 1:31:16 User account: ASUNATOR\Phill Computer name: ASUNATOR OS version: Windows 8.1x64 Scan settings: Scan type: Custom Scan Objects: Rootkits, Memory, Traces, C:\ Detect PUPs: On Scan archives: On ADS Scan: On File extension filter: Off Advanced caching: On Direct disk access: Off Scan start: 30.11.2016 г. 14:57:51 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8772EB82-7261-4CD9-8A86-DE155B461D9E} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{8772EB82-7261-4CD9-8A86-DE155B461D9E} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8E76BEF1-650D-4C37-92CA-301FE1715505} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{8E76BEF1-650D-4C37-92CA-301FE1715505} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AE293C34-0380-4BEB-B499-003F0A34605C} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{AE293C34-0380-4BEB-B499-003F0A34605C} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EC137CF8-6A75-47AE-958A-6127DE633658} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{EC137CF8-6A75-47AE-958A-6127DE633658} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842} detected: Application.Toolbar (A) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mwesmanager.exe detected: Application.Generic.1667496 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mweshield.exe detected: Application.Generic.1666829 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mweshieldup.exe detected: Application.Generic.1666830 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mwessweeper.exe detected: Gen:Variant.Mikey.52823 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mweshield.exe detected: Application.Generic.1666829 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mweshieldup.exe detected: Application.Generic.1666830 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mwesmanager.exe detected: Application.Generic.1667496 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mwessweeper.exe detected: Gen:Variant.Mikey.52823 (B) C:\FRST\Quarantine\C\Users\Phill\AppData\Local\Temp\Temp\2F12D46A-F48B-48A7-954C-6909616703DB\9b33448929168974fa305a0ec4a35bc9.exe detected: Adware.Mewishid.A (B) C:\FRST\Quarantine\C\Users\Phill\AppData\Local\Temp\Temp\3CB0BBE3-4434-4ECB-A6F4-36DD84C5FD67\yt.exe detected: Gen:Variant.Graftor.313780 (B) C:\FRST\Quarantine\C\Users\Phill\AppData\Local\Temp\Temp\HYD6A33.tmp.1441051528\HTA\3rdparty\OCComSDK.dll detected: Application.InstallAd (A) C:\Program Files\KMSpico\AutoPico.exe detected: Trojan.Generic.10016734 (B) C:\Program Files\KMSpico\Service_KMS.exe detected: Trojan.GenericKD.1417921 (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1426841414_001_1\libexploit.so detected: Android.Exploit.Root.A (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1446539077_001_1\Kinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1446539077_001_1\xkinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1449720219_001_1\xkinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1463642178_343264_1_bat2exe\xkinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\Downloads\FaceNiff-2.4.apk -> META-INF/CERT.RSA detected: Android.Hacktool.Faceniff.A (B) C:\Users\Phill\Downloads\avc-free.exe detected: Application.InstallAd (A) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\DROID SNIFF STUFF\Droid sheep+ Droid sheep guard\droidsheep-current.apk -> classes.dex detected: Android.Hacktool.DroidSheep.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\GAME CHEATING APPS\GameKiller\GameKiller_2.50.apk -> META-INF/CERT.RSA detected: Android.Trojan.SMSSend.KW (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\USB\USB Cleaver\USB Cleaver.apk -> META-INF/CERT.RSA detected: Android.Hacktool.UsbCleaver.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\Faceniff\FaceNiff-2.1b.apk -> META-INF/CERT.RSA detected: Android.Hacktool.Faceniff.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\Netspoof\android-netspoof-0.9.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gXXGA (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\Anit\Anti.apk -> META-INF/CERT.RSA detected: Android.Hacktool.ZAnti.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\WiFi kil\WiFiKill-1.7.apk -> META-INF/CERT.RSA detected: Android.Hacktool.WifiKill.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\DROID SNIFF STUFF\Droid sheep+ Droid sheep guard\DroidSheepGuard FREE_3.apk -> classes.dex detected: Android.Riskware.Agent.gVUS (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> GAME CHEATING APPS/GameKiller/GameKiller_2.50.apk -> META-INF/CERT.RSA detected: Android.Trojan.SMSSend.KW (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> USB/USB Cleaver/USB Cleaver.apk -> META-INF/CERT.RSA detected: Android.Hacktool.UsbCleaver.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\dSploit\dSploit-1.0.31b.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gVTO (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/Anit/Anti.apk -> META-INF/CERT.RSA detected: Android.Hacktool.ZAnti.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/dSploit/dSploit-1.0.31b.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gVTO (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/Faceniff/FaceNiff-2.1b.apk -> META-INF/CERT.RSA detected: Android.Hacktool.Faceniff.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/Netspoof/android-netspoof-0.9.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gXXGA (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/WiFi kil/WiFiKill-1.7.apk -> META-INF/CERT.RSA detected: Android.Hacktool.WifiKill.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> DROID SNIFF STUFF/Droid sheep+ Droid sheep guard/droidsheep-current.apk -> classes.dex detected: Android.Hacktool.DroidSheep.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> DROID SNIFF STUFF/Droid sheep+ Droid sheep guard/DroidSheepGuard FREE_3.apk -> classes.dex detected: Android.Riskware.Agent.gVUS (B) Scanned 262828 Found 48 Scan end: 30.11.2016 г. 15:50:52 Scan time: 0:53:01
  10. AdwCleaner[C0] # AdwCleaner v6.030 - Logfile created 29/11/2016 at 13:58:52 # Updated on 19/10/2016 by Malwarebytes # Database : 2016-11-28.2 [Server] # Operating System : Windows 8.1 Pro (X64) # Username : Phill - ASUNATOR # Running from : C:\Users\Phill\Desktop\adwcleaner_6.030.exe # Mode: Clean # Support : hxxps://www.malwarebytes.com/support ***** [ Services ] ***** [-] Service deleted: mweshield [-] Service deleted: mweshieldup [-] Service deleted: mwescontroller ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Phill\AppData\Roaming\Tencent [-] Folder deleted: C:\Program Files\My Web Shield [-] Folder deleted: C:\Program Files (x86)\ProcessMaker [-] Folder deleted: C:\Users\Phill\AppData\Local\Temp\Tencent ***** [ Files ] ***** [-] File deleted: C:\WINDOWS\SysNative\drivers\mwescontroller.sys ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube AdBlock [#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube AdBlock_is1 [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1 [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1 [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4} [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1} [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146} [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B28F9114-243E-4046-B173-11825352D18A} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B910D9A1-9F21-484A-8650-82250DABF38E} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{CCA2A357-CCB4-41C9-B6F5-4F202B8CDC82} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{D5397E85-8AF4-414B-90FC-9F4244CD46FA} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1} [-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube AdBlock [-] Key deleted: [x64] HKLM\SOFTWARE\mweshield [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mweshield [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com [-] Key deleted: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E [-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe] ***** [ Web browsers ] ***** [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: delta-homes [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.delta-homes.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: omiga-plus [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: cheat-engine.en.softonic.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: istart.webssearches.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: isearch.omiga-plus.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mystartsearch [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mystartsearch.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: dts.search.ask.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: anidb.net [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=n12521-347&t=4 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.mystartsearch.com/?type=hp&ts=1416439125&from=amt&uid=SAMSUNGXHM160HC_S12TJD0S966470 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.delta-homes.com/?type=hp&ts=1419445398&from=wpm12233&uid=ST3320620AS_5QF190G5XXXX5QF190G5 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://isearch.omiga-plus.com/?type=hp&ts=1419544132&from=obw&uid=SAMSUNGXHM160HC_S12TJD0S966470 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: kpocjpoifmommoiiiamepombpeoaehfh ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [6440 Bytes] - [29/11/2016 13:58:52] C:\AdwCleaner\AdwCleaner[S0].txt - [6363 Bytes] - [29/11/2016 13:56:40] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6586 Bytes] ########## JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.9 (09.30.2016) Operating System: Windows 8.1 Pro x64 Ran by Phill (Administrator) on ўв 29.11.2016 Ј. at 14:03:58,41 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on ўв 29.11.2016 Ј. at 14:06:17,85 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016 Ran by Phill (administrator) on ASUNATOR (29-11-2016 14:08:10) Running from C:\Users\Phill\Desktop Loaded Profiles: Phill (Available Profiles: Phill) Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\ouc.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe () C:\Program Files\KMSpico\Service_KMS.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe () C:\Windows\System32\KMSServer.exe Failed to access process -> Service_KMS.exe (Microsoft Corporation) C:\Windows\System32\WerFault.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SrTasks.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-05-13] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499240 2014-09-29] (Lenovo) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Steam] => D:\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [uTorrent] => C:\Users\Phill\AppData\Roaming\uTorrent\uTorrent.exe [2145472 2016-11-22] (BitTorrent Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify Web Helper] => C:\Users\Phill\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify] => C:\Users\Phill\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [RGSC] => D:\Games\Rockstar Games\GTA lV\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb638f9-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb63905-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {1521a98d-c92c-11e5-8289-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {251215bd-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121661-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121b17-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {395190d1-54da-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {413bd7d5-5951-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7b5479d6-5743-11e6-82ad-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64edde-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64f000-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7fa52f3f-5de7-11e5-8269-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9011868b-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {90118693-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {901186ac-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9e783-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9f31e-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9a843e16-8fc9-11e6-82b1-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {af58f2ad-e7e8-11e5-8295-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b00206a9-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b0020723-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b244836b-9abf-11e5-827c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {d4d39be5-1241-11e6-82a3-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {e2243fdb-3afa-11e5-8259-40e23059e252} - "F:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd28198-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd2889f-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-28] (AVAST Software) GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A78E9DE8-6EE8-49F6-B263-76182DBC8CD1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C2B264B5-2EB0-48D7-B271-33A5B8566016}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-27] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-27] (Oracle Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-11] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.bg/ CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=n12521-347&t=4","hxxp://www.mystartsearch.com/?type=hp&ts=1416439125&from=amt&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.delta-homes.com/?type=hp&ts=1419445398&from=wpm12233&uid=ST3320620AS_5QF190G5XXXX5QF190G5","hxxp://isearch.omiga-plus.com/?type=hp&ts=1419544132&from=obw&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.istartsurf.com/?type=hp&ts=1437087111&z=bc30721319c3a4577d4c330g1z6cam3e5b0maefzfz&from=obw&uid=ST1000LM024XHN-M101MBB_S32XJ9HFA06771" CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default [2016-11-29] CHR Extension: (Adblock Plus) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30] CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-11-12] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (TunnelBear VPN) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2016-07-24] CHR Extension: (Chrome Media Router) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-28] (AVAST Software) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) S2 GLOBUL Connection Manager. RunOuc; C:\Program Files (x86)\GLOBUL Connection Manager\UpdateDog\ouc.exe [655712 2016-03-08] () R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] () R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-11-17] () R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [691480 2013-11-20] () [File not signed] S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [638272 2014-08-18] (RealVNC Ltd) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-28] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-28] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-28] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-28] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-28] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-18] (AVAST Software) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2015-10-07] (ASUS Corporation) R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros) S3 cmnxusbser; C:\WINDOWS\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device) S3 cpuz138; C:\Users\Phill\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-10-23] (CPUID) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2015-08-05] (DT Soft Ltd) U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2016-03-08] (Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [40448 2014-05-23] (QUALCOMM Incorporated) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [243712 2014-05-23] (QUALCOMM Incorporated) [File not signed] R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [827096 2015-03-12] (Realsil Semiconductor Corporation) S3 tap-tb-0901; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project) S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 14:06 - 2016-11-29 14:06 - 00000559 _____ C:\Users\Phill\Desktop\JRT.txt 2016-11-29 13:54 - 2016-11-29 13:58 - 00000000 ____D C:\AdwCleaner 2016-11-29 13:46 - 2016-11-29 13:46 - 01631928 _____ (Malwarebytes) C:\Users\Phill\Desktop\JRT.exe 2016-11-29 13:43 - 2016-11-29 13:44 - 03910208 _____ C:\Users\Phill\Desktop\adwcleaner_6.030.exe 2016-11-29 13:09 - 2016-11-29 14:08 - 00021137 _____ C:\Users\Phill\Desktop\FRST.txt 2016-11-29 13:09 - 2016-11-29 14:08 - 00000000 ____D C:\FRST 2016-11-29 13:08 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Downloads\FRST64 (1).exe 2016-11-29 13:07 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Desktop\FRST64.exe 2016-11-23 16:33 - 2016-11-23 16:33 - 00001148 _____ C:\Users\Phill\Desktop\Assassins Creed II.lnk 2016-11-23 16:33 - 2016-11-23 16:33 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Ubisoft 2016-11-23 16:27 - 2016-10-28 23:04 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-11-23 16:27 - 2016-10-28 23:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-23 13:54 - 2016-11-02 22:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-11-23 13:54 - 2016-11-02 22:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-11-23 13:54 - 2016-11-02 16:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-11-23 13:54 - 2016-11-02 16:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-11-23 13:54 - 2016-10-27 20:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-11-23 13:54 - 2016-10-27 20:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-11-23 13:54 - 2016-10-27 20:37 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-11-23 13:54 - 2016-10-27 20:28 - 25763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-11-23 13:54 - 2016-10-27 20:19 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-11-23 13:54 - 2016-10-27 20:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-11-23 13:54 - 2016-10-27 20:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-11-23 13:54 - 2016-10-27 20:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-11-23 13:54 - 2016-10-27 19:57 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-11-23 13:54 - 2016-10-27 19:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-11-23 13:54 - 2016-10-27 19:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-11-23 13:54 - 2016-10-27 19:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-11-23 13:54 - 2016-10-27 19:17 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-11-23 13:54 - 2016-10-27 19:16 - 02920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-11-23 13:54 - 2016-10-27 19:03 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-11-23 13:54 - 2016-10-27 18:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-11-23 13:54 - 2016-10-27 17:05 - 20304896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-11-23 13:54 - 2016-10-25 16:11 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-11-23 13:54 - 2016-10-22 19:35 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-11-23 13:54 - 2016-10-22 19:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-11-23 13:54 - 2016-10-22 19:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-11-23 13:54 - 2016-10-22 19:21 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-11-23 13:54 - 2016-10-22 18:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2016-11-23 13:54 - 2016-10-22 18:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-11-23 13:54 - 2016-10-22 18:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-11-23 13:54 - 2016-10-22 18:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-11-23 13:54 - 2016-10-22 18:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-11-23 13:54 - 2016-10-22 18:44 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-11-23 13:54 - 2016-10-22 18:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-11-23 13:54 - 2016-10-22 18:30 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-11-23 13:54 - 2016-10-22 18:12 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-11-23 13:54 - 2016-10-12 10:01 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-11-23 13:54 - 2016-10-11 22:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 22:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 20:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-11-23 13:54 - 2016-10-11 19:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2016-11-23 13:54 - 2016-10-11 18:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 00:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-11-23 13:54 - 2016-10-09 01:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-11-23 13:54 - 2016-10-09 00:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-09 00:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-11-23 13:54 - 2016-10-09 00:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-11-23 13:54 - 2016-10-09 00:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2016-11-23 13:54 - 2016-10-09 00:02 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-11-23 13:54 - 2016-10-08 23:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-08 23:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-11-23 13:54 - 2016-10-04 22:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2016-11-23 13:54 - 2016-10-04 22:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-11-23 13:54 - 2016-09-10 00:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2016-11-23 13:54 - 2016-09-10 00:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2016-11-23 13:54 - 2016-09-09 16:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-11-23 13:54 - 2016-09-09 16:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 16:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 15:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-11-23 13:54 - 2016-09-03 20:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 20:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2016-11-23 13:54 - 2016-09-03 19:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 19:18 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2016-11-23 13:54 - 2016-09-03 18:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-11-23 13:54 - 2016-09-03 18:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-11-23 13:54 - 2016-09-03 17:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-11-23 13:54 - 2016-09-02 16:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2016-11-23 13:54 - 2016-09-02 16:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2016-11-23 13:54 - 2016-09-01 16:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2016-11-23 13:54 - 2016-08-30 16:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2016-11-23 13:54 - 2016-08-30 04:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-11-23 13:54 - 2016-08-22 15:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-11-23 13:54 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\Users\Phill\AppData\LocalLow\uTorrent 2016-11-22 22:15 - 2016-11-22 22:15 - 00159585 _____ C:\Users\Phill\Downloads\Suits.S02.720p.HDTV.x264.torrent 2016-11-22 00:06 - 2016-11-22 00:06 - 00000761 _____ C:\Users\Phill\Desktop\Assassins Crеed Brotherhood.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00002202 _____ C:\Users\Public\Desktop\Counter-Strike 1.6 SteamRIP.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 SteamRIP 2016-11-17 01:12 - 2016-11-23 16:33 - 00000000 ____D C:\ProgramData\Ubisoft 2016-11-17 00:25 - 2016-11-17 00:25 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\PunkBuster 2016-11-17 00:24 - 2016-11-17 00:24 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-11-17 00:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2016-11-16 22:17 - 2016-11-16 22:17 - 00274155 _____ C:\Users\Phill\Downloads\Assassins.Creed.Collection-BlackEcho.torrent 2016-11-16 00:44 - 2016-11-16 00:44 - 00000258 __RSH C:\Users\Phill\ntuser.pol 2016-11-15 17:06 - 2016-11-15 17:06 - 00001548 __RSH C:\ProgramData\ntuser.pol 2016-11-14 18:35 - 2016-09-22 15:55 - 00102690 ____R C:\Users\Phill\Desktop\suits.s01e01.720p.hdtv.x264-orenji.srt 2016-11-11 01:58 - 2015-06-04 15:28 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00064352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 00:37 - 2016-11-11 00:37 - 00000898 _____ C:\Users\Phill\Desktop\Start CSGO No Internet.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000895 _____ C:\Users\Phill\Desktop\Counter-Strike Global Offensive.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive 2016-11-10 21:19 - 2016-11-10 21:19 - 00014805 _____ C:\Users\Phill\Downloads\Crazy.Stupid.Love.2011.720p.BluRay.x264.DTS-WiKi.torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (4).torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00012555 _____ C:\Users\Phill\Downloads\Counter-Strike Global Offensive v1.35.5.6 [Repack].torrent 2016-11-10 20:13 - 2016-11-10 20:13 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (3).torrent 2016-11-10 20:01 - 2016-11-10 20:01 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP (1).torrent 2016-11-10 19:58 - 2016-11-21 16:03 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 SteamRIP 2016-11-10 19:12 - 2016-11-10 19:12 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP.torrent 2016-11-06 21:59 - 2016-11-06 21:59 - 00012642 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.BDRip.x264-WAR.torrent 2016-11-06 21:56 - 2016-11-06 21:56 - 00021610 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.1080p.BluRay.x264-WARHD.torrent 2016-11-02 23:27 - 2016-11-02 23:27 - 00001007 _____ C:\Users\Public\Desktop\HiSuite.lnk 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\Documents\HiSuite 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2016-11-02 23:27 - 2016-05-25 12:53 - 02152176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00126592 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00018816 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\AppData\Local\Hisuite 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Program Files (x86)\HiSuite 2016-10-30 21:24 - 2016-10-30 21:24 - 00023180 _____ C:\Users\Phill\Downloads\Beauty.and.the.Beast.Extended.Version.1991.1080p.BluRay.Bulgarian-PEPSi.mkv.torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 14:08 - 2015-11-12 22:22 - 00000000 ___RD C:\Users\Phill\OneDrive 2016-11-29 14:03 - 2016-02-25 03:05 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2016-11-29 14:03 - 2015-11-16 20:14 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-29 14:02 - 2015-07-18 17:52 - 00000000 __SHD C:\Users\Phill\IntelGraphicsProfiles 2016-11-29 14:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-11-29 14:00 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-11-29 13:40 - 2015-08-05 03:06 - 01015296 ___SH C:\Users\Phill\Desktop\Thumbs.db 2016-11-29 13:32 - 2015-11-16 20:14 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-29 12:09 - 2015-08-05 00:49 - 00000000 ____D C:\Users\Phill\AppData\Local\CrashDumps 2016-11-29 00:25 - 2015-09-05 07:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\vlc 2016-11-24 21:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-11-23 21:56 - 2015-08-04 23:48 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3535237292-2376840269-2226161949-1000 2016-11-23 16:31 - 2015-08-05 02:04 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-11-23 16:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-11-23 16:25 - 2013-08-22 16:44 - 00337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-11-23 16:20 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-11-23 16:19 - 2015-08-05 05:27 - 00000000 ____D C:\Users\Phill\AppData\Roaming\uTorrent 2016-11-23 15:27 - 2015-08-04 23:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-11-23 14:24 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-11-23 14:02 - 2015-08-04 23:42 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-11-23 01:15 - 2014-11-21 09:38 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-11-23 00:53 - 2015-11-12 22:36 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Skype 2016-11-22 23:52 - 2015-11-12 22:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-11-22 23:52 - 2015-11-12 22:35 - 00000000 ____D C:\ProgramData\Skype 2016-11-16 00:44 - 2015-08-04 23:37 - 00000000 ____D C:\Users\Phill 2016-11-15 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2016-11-14 23:33 - 2015-08-05 01:37 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-11 01:58 - 2015-12-30 12:42 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-10 21:39 - 2015-08-05 03:18 - 00457216 ___SH C:\Users\Phill\Downloads\Thumbs.db 2016-11-10 20:00 - 2015-08-04 23:43 - 00000000 ____D C:\Users\Phill\AppData\Local\VirtualStore 2016-11-06 21:55 - 2015-08-05 00:57 - 00000000 ____D C:\Users\Phill\AppData\Local\Google 2016-11-02 23:45 - 2015-11-26 18:08 - 00000000 ____D C:\Temp ==================== Files in the root of some directories ======= 2015-10-08 02:56 - 2015-10-08 02:56 - 0007602 _____ () C:\Users\Phill\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Phill\AppData\Local\Temp\AutoRun.exe C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Phill\AppData\Local\Temp\CH.dll C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Phill\AppData\Local\Temp\EAInstall.dll C:\Users\Phill\AppData\Local\Temp\eauninstall.exe C:\Users\Phill\AppData\Local\Temp\Gw2.exe C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Phill\AppData\Local\Temp\libeay32.dll C:\Users\Phill\AppData\Local\Temp\msvcr120.dll C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Phill\AppData\Local\Temp\sqlite3.dll C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe C:\Users\Phill\AppData\Local\Temp\_is4B86.exe C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-11-24 21:43 ==================== End of FRST.txt ============================ Addition.txt
  11. Благодаря за бързата реакция, но не мога да изпълня първа стъпка. Не ми позволява да инсталирам нито една от двете програми, излиза ето този прозорец: И на двете програми излиза едно и също съобщение.
  12. Здравейте, от няколко дена имам проблем със адуеър, който не мога да открия от коя програма идва. Симптомите ги знаете, изкачат реклами, освен това в някои страници има думи, които са удебелени и препращат към друг сайт. Прикачвам скрийншот за да видите. Ето лога от frst: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016 Ran by Phill (administrator) on ASUNATOR (29-11-2016 13:19:51) Running from C:\Users\Phill\Desktop Loaded Profiles: Phill (Available Profiles: Phill) Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\ouc.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe ("My Web Shield") C:\Program Files\My Web Shield\mweshield.exe ("My Web Shield") C:\Program Files\My Web Shield\mweshieldup.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-05-13] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499240 2014-09-29] (Lenovo) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Steam] => D:\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [uTorrent] => C:\Users\Phill\AppData\Roaming\uTorrent\uTorrent.exe [2145472 2016-11-22] (BitTorrent Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify Web Helper] => C:\Users\Phill\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify] => C:\Users\Phill\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [RGSC] => D:\Games\Rockstar Games\GTA lV\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb638f9-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb63905-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {1521a98d-c92c-11e5-8289-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {251215bd-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121661-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121b17-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {395190d1-54da-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {413bd7d5-5951-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7b5479d6-5743-11e6-82ad-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64edde-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64f000-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7fa52f3f-5de7-11e5-8269-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9011868b-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {90118693-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {901186ac-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9e783-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9f31e-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9a843e16-8fc9-11e6-82b1-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {af58f2ad-e7e8-11e5-8295-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b00206a9-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b0020723-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b244836b-9abf-11e5-827c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {d4d39be5-1241-11e6-82a3-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {e2243fdb-3afa-11e5-8259-40e23059e252} - "F:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd28198-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd2889f-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-28] (AVAST Software) GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A78E9DE8-6EE8-49F6-B263-76182DBC8CD1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C2B264B5-2EB0-48D7-B271-33A5B8566016}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-27] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-27] (Oracle Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-11] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.bg/ CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=n12521-347&t=4","hxxp://www.mystartsearch.com/?type=hp&ts=1416439125&from=amt&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.delta-homes.com/?type=hp&ts=1419445398&from=wpm12233&uid=ST3320620AS_5QF190G5XXXX5QF190G5","hxxp://isearch.omiga-plus.com/?type=hp&ts=1419544132&from=obw&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.istartsurf.com/?type=hp&ts=1437087111&z=bc30721319c3a4577d4c330g1z6cam3e5b0maefzfz&from=obw&uid=ST1000LM024XHN-M101MBB_S32XJ9HFA06771" CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default [2016-11-29] CHR Extension: (Adblock Plus) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30] CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-11-12] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (TunnelBear VPN) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2016-07-24] CHR Extension: (Chrome Media Router) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-28] (AVAST Software) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) S2 GLOBUL Connection Manager. RunOuc; C:\Program Files (x86)\GLOBUL Connection Manager\UpdateDog\ouc.exe [655712 2016-03-08] () R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] () R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 mweshield; C:\Program Files\My Web Shield\mweshield.exe [931640 2016-08-31] ("My Web Shield") <==== ATTENTION R2 mweshieldup; C:\Program Files\My Web Shield\mweshieldup.exe [348472 2016-08-31] ("My Web Shield") <==== ATTENTION R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-11-17] () S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [691480 2013-11-20] () [File not signed] S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [638272 2014-08-18] (RealVNC Ltd) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-28] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-28] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-28] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-28] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-28] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-18] (AVAST Software) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2015-10-07] (ASUS Corporation) R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros) S3 cmnxusbser; C:\WINDOWS\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device) S3 cpuz138; C:\Users\Phill\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-10-23] (CPUID) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2015-08-05] (DT Soft Ltd) U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2016-03-08] (Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R1 mwescontroller; C:\WINDOWS\system32\drivers\mwescontroller.sys [57680 2016-08-31] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [40448 2014-05-23] (QUALCOMM Incorporated) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [243712 2014-05-23] (QUALCOMM Incorporated) [File not signed] R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [827096 2015-03-12] (Realsil Semiconductor Corporation) S3 tap-tb-0901; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project) S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 13:09 - 2016-11-29 13:20 - 00022435 _____ C:\Users\Phill\Desktop\FRST.txt 2016-11-29 13:09 - 2016-11-29 13:19 - 00000000 ____D C:\FRST 2016-11-29 13:08 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Downloads\FRST64 (1).exe 2016-11-29 13:07 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Desktop\FRST64.exe 2016-11-23 16:33 - 2016-11-23 16:33 - 00001148 _____ C:\Users\Phill\Desktop\Assassins Creed II.lnk 2016-11-23 16:33 - 2016-11-23 16:33 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Ubisoft 2016-11-23 16:27 - 2016-10-28 23:04 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-11-23 16:27 - 2016-10-28 23:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-23 13:54 - 2016-11-02 22:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-11-23 13:54 - 2016-11-02 22:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-11-23 13:54 - 2016-11-02 16:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-11-23 13:54 - 2016-11-02 16:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-11-23 13:54 - 2016-10-27 20:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-11-23 13:54 - 2016-10-27 20:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-11-23 13:54 - 2016-10-27 20:37 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-11-23 13:54 - 2016-10-27 20:28 - 25763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-11-23 13:54 - 2016-10-27 20:19 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-11-23 13:54 - 2016-10-27 20:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-11-23 13:54 - 2016-10-27 20:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-11-23 13:54 - 2016-10-27 20:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-11-23 13:54 - 2016-10-27 19:57 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-11-23 13:54 - 2016-10-27 19:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-11-23 13:54 - 2016-10-27 19:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-11-23 13:54 - 2016-10-27 19:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-11-23 13:54 - 2016-10-27 19:17 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-11-23 13:54 - 2016-10-27 19:16 - 02920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-11-23 13:54 - 2016-10-27 19:03 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-11-23 13:54 - 2016-10-27 18:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-11-23 13:54 - 2016-10-27 17:05 - 20304896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-11-23 13:54 - 2016-10-25 16:11 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-11-23 13:54 - 2016-10-22 19:35 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-11-23 13:54 - 2016-10-22 19:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-11-23 13:54 - 2016-10-22 19:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-11-23 13:54 - 2016-10-22 19:21 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-11-23 13:54 - 2016-10-22 18:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2016-11-23 13:54 - 2016-10-22 18:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-11-23 13:54 - 2016-10-22 18:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-11-23 13:54 - 2016-10-22 18:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-11-23 13:54 - 2016-10-22 18:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-11-23 13:54 - 2016-10-22 18:44 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-11-23 13:54 - 2016-10-22 18:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-11-23 13:54 - 2016-10-22 18:30 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-11-23 13:54 - 2016-10-22 18:12 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-11-23 13:54 - 2016-10-12 10:01 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-11-23 13:54 - 2016-10-11 22:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 22:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 20:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-11-23 13:54 - 2016-10-11 19:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2016-11-23 13:54 - 2016-10-11 18:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 00:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-11-23 13:54 - 2016-10-09 01:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-11-23 13:54 - 2016-10-09 00:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-09 00:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-11-23 13:54 - 2016-10-09 00:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-11-23 13:54 - 2016-10-09 00:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2016-11-23 13:54 - 2016-10-09 00:02 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-11-23 13:54 - 2016-10-08 23:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-08 23:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-11-23 13:54 - 2016-10-04 22:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2016-11-23 13:54 - 2016-10-04 22:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-11-23 13:54 - 2016-09-10 00:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2016-11-23 13:54 - 2016-09-10 00:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2016-11-23 13:54 - 2016-09-09 16:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-11-23 13:54 - 2016-09-09 16:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 16:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 15:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-11-23 13:54 - 2016-09-03 20:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 20:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2016-11-23 13:54 - 2016-09-03 19:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 19:18 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2016-11-23 13:54 - 2016-09-03 18:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-11-23 13:54 - 2016-09-03 18:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-11-23 13:54 - 2016-09-03 17:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-11-23 13:54 - 2016-09-02 16:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2016-11-23 13:54 - 2016-09-02 16:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2016-11-23 13:54 - 2016-09-01 16:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2016-11-23 13:54 - 2016-08-30 16:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2016-11-23 13:54 - 2016-08-30 04:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-11-23 13:54 - 2016-08-22 15:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-11-23 13:54 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\Users\Phill\AppData\LocalLow\uTorrent 2016-11-22 22:15 - 2016-11-22 22:15 - 00159585 _____ C:\Users\Phill\Downloads\Suits.S02.720p.HDTV.x264.torrent 2016-11-22 00:06 - 2016-11-22 00:06 - 00000761 _____ C:\Users\Phill\Desktop\Assassins Crеed Brotherhood.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00002202 _____ C:\Users\Public\Desktop\Counter-Strike 1.6 SteamRIP.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 SteamRIP 2016-11-17 01:12 - 2016-11-23 16:33 - 00000000 ____D C:\ProgramData\Ubisoft 2016-11-17 00:25 - 2016-11-17 00:25 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\PunkBuster 2016-11-17 00:24 - 2016-11-17 00:24 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-11-17 00:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2016-11-16 22:17 - 2016-11-16 22:17 - 00274155 _____ C:\Users\Phill\Downloads\Assassins.Creed.Collection-BlackEcho.torrent 2016-11-16 00:44 - 2016-11-16 00:44 - 00000258 __RSH C:\Users\Phill\ntuser.pol 2016-11-15 17:06 - 2016-11-15 17:07 - 00000000 ____D C:\Program Files\My Web Shield 2016-11-15 17:06 - 2016-11-15 17:06 - 00001548 __RSH C:\ProgramData\ntuser.pol 2016-11-15 17:06 - 2016-08-31 16:00 - 00057680 _____ C:\WINDOWS\system32\Drivers\mwescontroller.sys 2016-11-14 18:35 - 2016-09-22 15:55 - 00102690 ____R C:\Users\Phill\Desktop\suits.s01e01.720p.hdtv.x264-orenji.srt 2016-11-11 01:58 - 2015-06-04 15:28 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00064352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 00:37 - 2016-11-11 00:37 - 00000898 _____ C:\Users\Phill\Desktop\Start CSGO No Internet.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000895 _____ C:\Users\Phill\Desktop\Counter-Strike Global Offensive.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive 2016-11-10 21:19 - 2016-11-10 21:19 - 00014805 _____ C:\Users\Phill\Downloads\Crazy.Stupid.Love.2011.720p.BluRay.x264.DTS-WiKi.torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (4).torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00012555 _____ C:\Users\Phill\Downloads\Counter-Strike Global Offensive v1.35.5.6 [Repack].torrent 2016-11-10 20:13 - 2016-11-10 20:13 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (3).torrent 2016-11-10 20:01 - 2016-11-10 20:01 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP (1).torrent 2016-11-10 19:58 - 2016-11-21 16:03 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 SteamRIP 2016-11-10 19:12 - 2016-11-10 19:12 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP.torrent 2016-11-06 21:59 - 2016-11-06 21:59 - 00012642 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.BDRip.x264-WAR.torrent 2016-11-06 21:56 - 2016-11-06 21:56 - 00021610 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.1080p.BluRay.x264-WARHD.torrent 2016-11-02 23:27 - 2016-11-02 23:27 - 00001007 _____ C:\Users\Public\Desktop\HiSuite.lnk 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\Documents\HiSuite 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2016-11-02 23:27 - 2016-05-25 12:53 - 02152176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00126592 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00018816 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\AppData\Local\Hisuite 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Program Files (x86)\HiSuite 2016-10-30 21:24 - 2016-10-30 21:24 - 00023180 _____ C:\Users\Phill\Downloads\Beauty.and.the.Beast.Extended.Version.1991.1080p.BluRay.Bulgarian-PEPSi.mkv.torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 13:14 - 2015-08-05 03:06 - 01007104 ___SH C:\Users\Phill\Desktop\Thumbs.db 2016-11-29 12:32 - 2015-11-16 20:14 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-29 12:09 - 2015-08-05 00:49 - 00000000 ____D C:\Users\Phill\AppData\Local\CrashDumps 2016-11-29 09:59 - 2016-02-25 03:05 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2016-11-29 09:59 - 2015-11-16 20:14 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-29 09:59 - 2015-11-12 22:22 - 00000000 ____D C:\Users\Phill\OneDrive 2016-11-29 09:58 - 2015-07-18 17:52 - 00000000 __SHD C:\Users\Phill\IntelGraphicsProfiles 2016-11-29 00:25 - 2015-09-05 07:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\vlc 2016-11-24 21:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-11-23 21:56 - 2015-08-04 23:48 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3535237292-2376840269-2226161949-1000 2016-11-23 16:31 - 2015-08-05 02:04 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-11-23 16:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-11-23 16:25 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-11-23 16:25 - 2013-08-22 16:44 - 00337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-11-23 16:23 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-11-23 16:20 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-11-23 16:19 - 2015-08-05 05:27 - 00000000 ____D C:\Users\Phill\AppData\Roaming\uTorrent 2016-11-23 15:27 - 2015-08-04 23:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-11-23 14:24 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-11-23 14:02 - 2015-08-04 23:42 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-11-23 01:15 - 2014-11-21 09:38 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-11-23 00:53 - 2015-11-12 22:36 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Skype 2016-11-22 23:52 - 2015-11-12 22:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-11-22 23:52 - 2015-11-12 22:35 - 00000000 ____D C:\ProgramData\Skype 2016-11-16 00:44 - 2015-08-04 23:37 - 00000000 ____D C:\Users\Phill 2016-11-15 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2016-11-14 23:33 - 2015-08-05 01:37 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-11 01:58 - 2015-12-30 12:42 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-10 21:39 - 2015-08-05 03:18 - 00457216 ___SH C:\Users\Phill\Downloads\Thumbs.db 2016-11-10 20:00 - 2015-08-04 23:43 - 00000000 ____D C:\Users\Phill\AppData\Local\VirtualStore 2016-11-06 21:55 - 2015-08-05 00:57 - 00000000 ____D C:\Users\Phill\AppData\Local\Google 2016-11-02 23:45 - 2015-11-26 18:08 - 00000000 ____D C:\Temp ==================== Files in the root of some directories ======= 2015-10-08 02:56 - 2015-10-08 02:56 - 0007602 _____ () C:\Users\Phill\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Phill\AppData\Local\Temp\AutoRun.exe C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Phill\AppData\Local\Temp\CH.dll C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Phill\AppData\Local\Temp\EAInstall.dll C:\Users\Phill\AppData\Local\Temp\eauninstall.exe C:\Users\Phill\AppData\Local\Temp\Gw2.exe C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Phill\AppData\Local\Temp\sqlite3.dll C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe C:\Users\Phill\AppData\Local\Temp\_is4B86.exe C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-11-24 21:43 ==================== End of FRST.txt ============================ Благодаря за отделеното време. Addition.txt Едит: Mywebshield очевидно е адуеъра... Нямам такава инсталирана програма в листа с програми обаче.
  13. Заслужава ли си ?

    Значиии, играл съм само 2-ката. Играта доста ме грабна, а аз по принцип не играя много fps. А да, играта е fps с може би малки закачки на rpg. Имаш прилична история, графиката е окей при всички положения. Имаш много опции за развиване, особено на оръжията, а споменах ли, че можеш да ги биеш с почти всичко, което намериш? Зомбитата стават по силни, със напредването на картата и историята. Няма да издавам някакви сюжетни моменти. Купи/свали си я и виж сам Най-малкото можеш да гледаш геймплей клипове в тубата Edit: Извинявам се за грешката, играл съм първата игра, а не втората.
  14. Раздумки без одумки

    Дубрутру ви!
  15. Раздумки без одумки

    Дор'ден! Нещо за политика ли отворихте разговор? Не сте толкоз пияни, че да говорите за нея
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.