Премини към съдържанието

Collins

Потребител
  • Публикации

    709
  • Регистрация

  • Последно онлайн

  • Топ дни

    1

Всичко публикувано от Collins

  1. Шрифта се променя в настройките, а отметките са разделени в три подпапки - мобилни, тези които си направил в браузъра от компютъра и други. Какви други папки искаш да направиш? За мен хром-а е доста добър, проблем не съм имал до сега с него, използвам го на 3 устройства с андроид и едно с iOS.
  2. Аз бих избрал този , първия предложен от колегата е с 12.5 инчова матрица... ако размера не те притеснява, можеш да се ориентираш и към таблет. Иначе квантсервиз за мен са най-добрите
  3. Още веднъж, много ви благодаря!
  4. Няма кой да се сети за това Благодаря, всичко вече е наред!
  5. В горния ми пост, съм показал какво се случва при опит за деинсталация. Ще продължа да го мъча обаче.
  6. Не мога да го деинсталирам. Излиза това съобщение: В лог-а няма никаква информация. Това е след рестарт на системата.
  7. С последната версия съм, програмата изобщо не стартира, без грешка, без нищо. Ще опитам с преинсталация.
  8. Осезаемо по-добре, рекламите изчезнаха, но след последния рестарт (току-що) ми изчезна ленгуидж бара... И аваст не желае да се включи, снощи при проверката с ЕЕК, го спрях за да няма конфликти. Едит: Да опитам преинсталация на аваста? Едит2: Ленгуидж бара се появи.
  9. Съжалявам за късния отговор: Fix result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016 Ran by Phill (30-11-2016 00:57:56) Run:1 Running from C:\Users\Phill\Desktop Loaded Profiles: Phill (Available Profiles: Phill) Boot Mode: Normal ============================================== fixlist content: ***************** start HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb638f9-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb63905-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {1521a98d-c92c-11e5-8289-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {251215bd-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121661-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121b17-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {395190d1-54da-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {413bd7d5-5951-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7b5479d6-5743-11e6-82ad-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64edde-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64f000-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7fa52f3f-5de7-11e5-8269-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9011868b-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {90118693-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {901186ac-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9e783-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9f31e-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9a843e16-8fc9-11e6-82b1-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {af58f2ad-e7e8-11e5-8295-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b00206a9-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b0020723-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b244836b-9abf-11e5-827c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {d4d39be5-1241-11e6-82a3-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {e2243fdb-3afa-11e5-8259-40e23059e252} - "F:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd28198-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd2889f-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" GroupPolicy: Restriction - Chrome <======= ATTENTION CHR Extension: (Chrome Media Router) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30] C:\Users\Phill\AppData\Local\Temp\AutoRun.exe C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Phill\AppData\Local\Temp\CH.dll C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Phill\AppData\Local\Temp\EAInstall.dll C:\Users\Phill\AppData\Local\Temp\eauninstall.exe C:\Users\Phill\AppData\Local\Temp\Gw2.exe C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Phill\AppData\Local\Temp\libeay32.dll C:\Users\Phill\AppData\Local\Temp\msvcr120.dll C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Phill\AppData\Local\Temp\sqlite3.dll C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe C:\Users\Phill\AppData\Local\Temp\_is4B86.exe C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe C:\Users\Phill\AppData\Local\Temp cmd: netsh winsock reset catalog cmd: ipconfig /flushdns EmptyTemp: Reboot: end ***************** "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb638f9-2bd6-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{0bb638f9-2bd6-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bb63905-2bd6-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{0bb63905-2bd6-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1521a98d-c92c-11e5-8289-40e23059e252}" => key removed successfully HKCR\CLSID\{1521a98d-c92c-11e5-8289-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{251215bd-bd5d-11e5-8283-40e23059e252}" => key removed successfully HKCR\CLSID\{251215bd-bd5d-11e5-8283-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25121661-bd5d-11e5-8283-40e23059e252}" => key removed successfully HKCR\CLSID\{25121661-bd5d-11e5-8283-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25121b17-bd5d-11e5-8283-40e23059e252}" => key removed successfully HKCR\CLSID\{25121b17-bd5d-11e5-8283-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{395190d1-54da-11e5-8267-40e23059e252}" => key removed successfully HKCR\CLSID\{395190d1-54da-11e5-8267-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{413bd7d5-5951-11e5-8267-40e23059e252}" => key removed successfully HKCR\CLSID\{413bd7d5-5951-11e5-8267-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b5479d6-5743-11e6-82ad-40e23059e252}" => key removed successfully HKCR\CLSID\{7b5479d6-5743-11e6-82ad-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d64edde-e191-11e5-8293-40e23059e252}" => key removed successfully HKCR\CLSID\{7d64edde-e191-11e5-8293-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d64f000-e191-11e5-8293-40e23059e252}" => key removed successfully HKCR\CLSID\{7d64f000-e191-11e5-8293-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7fa52f3f-5de7-11e5-8269-40e23059e252}" => key removed successfully HKCR\CLSID\{7fa52f3f-5de7-11e5-8269-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9011868b-9bb1-11e6-82b3-40e23059e252}" => key removed successfully HKCR\CLSID\{9011868b-9bb1-11e6-82b3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90118693-9bb1-11e6-82b3-40e23059e252}" => key removed successfully HKCR\CLSID\{90118693-9bb1-11e6-82b3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{901186ac-9bb1-11e6-82b3-40e23059e252}" => key removed successfully HKCR\CLSID\{901186ac-9bb1-11e6-82b3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b9e783-259c-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{93b9e783-259c-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93b9f31e-259c-11e6-82a8-40e23059e252}" => key removed successfully HKCR\CLSID\{93b9f31e-259c-11e6-82a8-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a843e16-8fc9-11e6-82b1-40e23059e252}" => key removed successfully HKCR\CLSID\{9a843e16-8fc9-11e6-82b1-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af58f2ad-e7e8-11e5-8295-40e23059e252}" => key removed successfully HKCR\CLSID\{af58f2ad-e7e8-11e5-8295-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b00206a9-3c0a-11e5-825d-40e23059e252}" => key removed successfully HKCR\CLSID\{b00206a9-3c0a-11e5-825d-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0020723-3c0a-11e5-825d-40e23059e252}" => key removed successfully HKCR\CLSID\{b0020723-3c0a-11e5-825d-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b244836b-9abf-11e5-827c-40e23059e252}" => key removed successfully HKCR\CLSID\{b244836b-9abf-11e5-827c-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4d39be5-1241-11e6-82a3-40e23059e252}" => key removed successfully HKCR\CLSID\{d4d39be5-1241-11e6-82a3-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2243fdb-3afa-11e5-8259-40e23059e252}" => key removed successfully HKCR\CLSID\{e2243fdb-3afa-11e5-8259-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecd28198-fd92-11e5-829c-40e23059e252}" => key removed successfully HKCR\CLSID\{ecd28198-fd92-11e5-829c-40e23059e252} => key not found. "HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecd2889f-fd92-11e5-829c-40e23059e252}" => key removed successfully HKCR\CLSID\{ecd2889f-fd92-11e5-829c-40e23059e252} => key not found. C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully C:\Users\Phill\AppData\Local\Temp\AutoRun.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\CH.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\EAInstall.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\eauninstall.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\Gw2.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\libeay32.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\msvcr120.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\sqlite3.dll => moved successfully C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\_is4B86.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe => moved successfully C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe => moved successfully C:\Users\Phill\AppData\Local\Temp => moved successfully ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49314511 B Java, Flash, Steam htmlcache => 356398641 B Windows/system/drivers => 1082917771 B Edge => 0 B Chrome => 879288106 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 451004 B NetworkService => 90568 B Phill => 230526108 B RecycleBin => 2450727 B EmptyTemp: => 2.4 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 00:59:13 ==== Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 30.11.2016 г. Scan Time: 1:08 Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.11.29.13 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Phill Scan Type: Threat Scan Result: Completed Objects Scanned: 283852 Time Elapsed: 10 min, 56 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 6 PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\INTERFACE\{B28F9114-243E-4046-B173-11825352D18A}, Quarantined, [fb16ac1a6e2c53e385f7f5b3fb06a957], PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\TypeLib\{CCA2A357-CCB4-41C9-B6F5-4F202B8CDC82}, Quarantined, [8e83b80e9703b284ea92c4e44fb2a25e], PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\INTERFACE\{B910D9A1-9F21-484A-8650-82250DABF38E}, Quarantined, [62af46803d5d3afc65185e4ae61b16ea], PUP.Optional.ContentDefender, HKLM\SOFTWARE\CLASSES\TypeLib\{D5397E85-8AF4-414B-90FC-9F4244CD46FA}, Quarantined, [3bd6dbeb8d0df14593eae2c614edc33d], PUP.Optional.YTAdBlocker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}, Quarantined, [828f24a213871521585c9e3c48bbd030], PUP.Optional.YTAdBlocker, HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}, Quarantined, [977adaec99013600ddd86a70cb38b34d], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 3 Trojan.Agent.H, C:\Program Files (x86)\Counter-Strike 1.6 SteamRIP\cdhack.dll, Quarantined, [71a0b70fff9b64d277ccf5747d8425db], HackTool.HotKeysHook, C:\Users\Phill\Downloads\NFSPS.US.EU.v1.0.Plus14.Trainer-bleep.zip, Quarantined, [f21fc501c9d1bb7bb2bc9d6751b2be42], PUP.Optional.OpenCandy, C:\Users\Phill\Downloads\CheatEngine651.exe, Quarantined, [6aa7c7ff5545ac8ae48a35d28b76e31d], Physical Sectors: 0 (No malicious items detected) (end) Emsisoft Emergency Kit - Version 11.9 Last update: 30.11.2016 г. 1:31:16 User account: ASUNATOR\Phill Computer name: ASUNATOR OS version: Windows 8.1x64 Scan settings: Scan type: Custom Scan Objects: Rootkits, Memory, Traces, C:\ Detect PUPs: On Scan archives: On ADS Scan: On File extension filter: Off Advanced caching: On Direct disk access: Off Scan start: 30.11.2016 г. 14:57:51 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8772EB82-7261-4CD9-8A86-DE155B461D9E} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{8772EB82-7261-4CD9-8A86-DE155B461D9E} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8E76BEF1-650D-4C37-92CA-301FE1715505} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{8E76BEF1-650D-4C37-92CA-301FE1715505} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AE293C34-0380-4BEB-B499-003F0A34605C} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{AE293C34-0380-4BEB-B499-003F0A34605C} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EC137CF8-6A75-47AE-958A-6127DE633658} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\INTERFACE\{EC137CF8-6A75-47AE-958A-6127DE633658} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842} detected: Application.Toolbar (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842} detected: Application.Toolbar (A) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mwesmanager.exe detected: Application.Generic.1667496 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mweshield.exe detected: Application.Generic.1666829 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mweshieldup.exe detected: Application.Generic.1666830 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\mwessweeper.exe detected: Gen:Variant.Mikey.52823 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mweshield.exe detected: Application.Generic.1666829 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mweshieldup.exe detected: Application.Generic.1666830 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mwesmanager.exe detected: Application.Generic.1667496 (B) C:\AdwCleaner\quarantine\files\udnpajajugzxfshtftexlabvlzuxbdhf\My Web Shield.zip -> mwessweeper.exe detected: Gen:Variant.Mikey.52823 (B) C:\FRST\Quarantine\C\Users\Phill\AppData\Local\Temp\Temp\2F12D46A-F48B-48A7-954C-6909616703DB\9b33448929168974fa305a0ec4a35bc9.exe detected: Adware.Mewishid.A (B) C:\FRST\Quarantine\C\Users\Phill\AppData\Local\Temp\Temp\3CB0BBE3-4434-4ECB-A6F4-36DD84C5FD67\yt.exe detected: Gen:Variant.Graftor.313780 (B) C:\FRST\Quarantine\C\Users\Phill\AppData\Local\Temp\Temp\HYD6A33.tmp.1441051528\HTA\3rdparty\OCComSDK.dll detected: Application.InstallAd (A) C:\Program Files\KMSpico\AutoPico.exe detected: Trojan.Generic.10016734 (B) C:\Program Files\KMSpico\Service_KMS.exe detected: Trojan.GenericKD.1417921 (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1426841414_001_1\libexploit.so detected: Android.Exploit.Root.A (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1446539077_001_1\Kinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1446539077_001_1\xkinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1449720219_001_1\xkinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\AppData\Roaming\KingRoot\3.2.0\root\root_1_1463642178_343264_1_bat2exe\xkinguser.apk -> resources.arsc detected: Android.Riskware.Downloader.gMKNZ (B) C:\Users\Phill\Downloads\FaceNiff-2.4.apk -> META-INF/CERT.RSA detected: Android.Hacktool.Faceniff.A (B) C:\Users\Phill\Downloads\avc-free.exe detected: Application.InstallAd (A) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\DROID SNIFF STUFF\Droid sheep+ Droid sheep guard\droidsheep-current.apk -> classes.dex detected: Android.Hacktool.DroidSheep.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\GAME CHEATING APPS\GameKiller\GameKiller_2.50.apk -> META-INF/CERT.RSA detected: Android.Trojan.SMSSend.KW (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\USB\USB Cleaver\USB Cleaver.apk -> META-INF/CERT.RSA detected: Android.Hacktool.UsbCleaver.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\Faceniff\FaceNiff-2.1b.apk -> META-INF/CERT.RSA detected: Android.Hacktool.Faceniff.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\Netspoof\android-netspoof-0.9.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gXXGA (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\Anit\Anti.apk -> META-INF/CERT.RSA detected: Android.Hacktool.ZAnti.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\WiFi kil\WiFiKill-1.7.apk -> META-INF/CERT.RSA detected: Android.Hacktool.WifiKill.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\DROID SNIFF STUFF\Droid sheep+ Droid sheep guard\DroidSheepGuard FREE_3.apk -> classes.dex detected: Android.Riskware.Agent.gVUS (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> GAME CHEATING APPS/GameKiller/GameKiller_2.50.apk -> META-INF/CERT.RSA detected: Android.Trojan.SMSSend.KW (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> USB/USB Cleaver/USB Cleaver.apk -> META-INF/CERT.RSA detected: Android.Hacktool.UsbCleaver.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0\WIFI STUFF\dSploit\dSploit-1.0.31b.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gVTO (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/Anit/Anti.apk -> META-INF/CERT.RSA detected: Android.Hacktool.ZAnti.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/dSploit/dSploit-1.0.31b.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gVTO (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/Faceniff/FaceNiff-2.1b.apk -> META-INF/CERT.RSA detected: Android.Hacktool.Faceniff.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/Netspoof/android-netspoof-0.9.apk -> META-INF/CERT.RSA detected: Android.Riskware.Agent.gXXGA (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> WIFI STUFF/WiFi kil/WiFiKill-1.7.apk -> META-INF/CERT.RSA detected: Android.Hacktool.WifiKill.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> DROID SNIFF STUFF/Droid sheep+ Droid sheep guard/droidsheep-current.apk -> classes.dex detected: Android.Hacktool.DroidSheep.A (B) C:\Users\Phill\Downloads\Sniffing+Apps+By+Flashalot+v6.0.zip -> DROID SNIFF STUFF/Droid sheep+ Droid sheep guard/DroidSheepGuard FREE_3.apk -> classes.dex detected: Android.Riskware.Agent.gVUS (B) Scanned 262828 Found 48 Scan end: 30.11.2016 г. 15:50:52 Scan time: 0:53:01
  10. AdwCleaner[C0] # AdwCleaner v6.030 - Logfile created 29/11/2016 at 13:58:52 # Updated on 19/10/2016 by Malwarebytes # Database : 2016-11-28.2 [Server] # Operating System : Windows 8.1 Pro (X64) # Username : Phill - ASUNATOR # Running from : C:\Users\Phill\Desktop\adwcleaner_6.030.exe # Mode: Clean # Support : hxxps://www.malwarebytes.com/support ***** [ Services ] ***** [-] Service deleted: mweshield [-] Service deleted: mweshieldup [-] Service deleted: mwescontroller ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Phill\AppData\Roaming\Tencent [-] Folder deleted: C:\Program Files\My Web Shield [-] Folder deleted: C:\Program Files (x86)\ProcessMaker [-] Folder deleted: C:\Users\Phill\AppData\Local\Temp\Tencent ***** [ Files ] ***** [-] File deleted: C:\WINDOWS\SysNative\drivers\mwescontroller.sys ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube AdBlock [#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube AdBlock_is1 [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1 [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1 [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4} [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1} [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146} [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B28F9114-243E-4046-B173-11825352D18A} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B910D9A1-9F21-484A-8650-82250DABF38E} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{CCA2A357-CCB4-41C9-B6F5-4F202B8CDC82} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{D5397E85-8AF4-414B-90FC-9F4244CD46FA} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1} [-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube AdBlock [-] Key deleted: [x64] HKLM\SOFTWARE\mweshield [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mweshield [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com [-] Key deleted: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E [-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe] ***** [ Web browsers ] ***** [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: delta-homes [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.delta-homes.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: omiga-plus [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: cheat-engine.en.softonic.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: istart.webssearches.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: isearch.omiga-plus.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mystartsearch [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mystartsearch.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: dts.search.ask.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: anidb.net [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=n12521-347&t=4 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.mystartsearch.com/?type=hp&ts=1416439125&from=amt&uid=SAMSUNGXHM160HC_S12TJD0S966470 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.delta-homes.com/?type=hp&ts=1419445398&from=wpm12233&uid=ST3320620AS_5QF190G5XXXX5QF190G5 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://isearch.omiga-plus.com/?type=hp&ts=1419544132&from=obw&uid=SAMSUNGXHM160HC_S12TJD0S966470 [-] [C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: kpocjpoifmommoiiiamepombpeoaehfh ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [6440 Bytes] - [29/11/2016 13:58:52] C:\AdwCleaner\AdwCleaner[S0].txt - [6363 Bytes] - [29/11/2016 13:56:40] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6586 Bytes] ########## JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.9 (09.30.2016) Operating System: Windows 8.1 Pro x64 Ran by Phill (Administrator) on ўв 29.11.2016 Ј. at 14:03:58,41 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on ўв 29.11.2016 Ј. at 14:06:17,85 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016 Ran by Phill (administrator) on ASUNATOR (29-11-2016 14:08:10) Running from C:\Users\Phill\Desktop Loaded Profiles: Phill (Available Profiles: Phill) Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\ouc.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe () C:\Program Files\KMSpico\Service_KMS.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe () C:\Windows\System32\KMSServer.exe Failed to access process -> Service_KMS.exe (Microsoft Corporation) C:\Windows\System32\WerFault.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SrTasks.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-05-13] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499240 2014-09-29] (Lenovo) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Steam] => D:\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [uTorrent] => C:\Users\Phill\AppData\Roaming\uTorrent\uTorrent.exe [2145472 2016-11-22] (BitTorrent Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify Web Helper] => C:\Users\Phill\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify] => C:\Users\Phill\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [RGSC] => D:\Games\Rockstar Games\GTA lV\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb638f9-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb63905-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {1521a98d-c92c-11e5-8289-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {251215bd-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121661-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121b17-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {395190d1-54da-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {413bd7d5-5951-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7b5479d6-5743-11e6-82ad-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64edde-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64f000-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7fa52f3f-5de7-11e5-8269-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9011868b-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {90118693-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {901186ac-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9e783-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9f31e-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9a843e16-8fc9-11e6-82b1-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {af58f2ad-e7e8-11e5-8295-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b00206a9-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b0020723-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b244836b-9abf-11e5-827c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {d4d39be5-1241-11e6-82a3-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {e2243fdb-3afa-11e5-8259-40e23059e252} - "F:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd28198-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd2889f-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-28] (AVAST Software) GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A78E9DE8-6EE8-49F6-B263-76182DBC8CD1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C2B264B5-2EB0-48D7-B271-33A5B8566016}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-27] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-27] (Oracle Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-11] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-11] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.bg/ CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=n12521-347&t=4","hxxp://www.mystartsearch.com/?type=hp&ts=1416439125&from=amt&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.delta-homes.com/?type=hp&ts=1419445398&from=wpm12233&uid=ST3320620AS_5QF190G5XXXX5QF190G5","hxxp://isearch.omiga-plus.com/?type=hp&ts=1419544132&from=obw&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.istartsurf.com/?type=hp&ts=1437087111&z=bc30721319c3a4577d4c330g1z6cam3e5b0maefzfz&from=obw&uid=ST1000LM024XHN-M101MBB_S32XJ9HFA06771" CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default [2016-11-29] CHR Extension: (Adblock Plus) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30] CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-11-12] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (TunnelBear VPN) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2016-07-24] CHR Extension: (Chrome Media Router) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-28] (AVAST Software) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) S2 GLOBUL Connection Manager. RunOuc; C:\Program Files (x86)\GLOBUL Connection Manager\UpdateDog\ouc.exe [655712 2016-03-08] () R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] () R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-11-17] () R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [691480 2013-11-20] () [File not signed] S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [638272 2014-08-18] (RealVNC Ltd) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-28] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-28] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-28] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-28] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-28] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-18] (AVAST Software) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2015-10-07] (ASUS Corporation) R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros) S3 cmnxusbser; C:\WINDOWS\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device) S3 cpuz138; C:\Users\Phill\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-10-23] (CPUID) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2015-08-05] (DT Soft Ltd) U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2016-03-08] (Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [40448 2014-05-23] (QUALCOMM Incorporated) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [243712 2014-05-23] (QUALCOMM Incorporated) [File not signed] R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [827096 2015-03-12] (Realsil Semiconductor Corporation) S3 tap-tb-0901; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project) S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 14:06 - 2016-11-29 14:06 - 00000559 _____ C:\Users\Phill\Desktop\JRT.txt 2016-11-29 13:54 - 2016-11-29 13:58 - 00000000 ____D C:\AdwCleaner 2016-11-29 13:46 - 2016-11-29 13:46 - 01631928 _____ (Malwarebytes) C:\Users\Phill\Desktop\JRT.exe 2016-11-29 13:43 - 2016-11-29 13:44 - 03910208 _____ C:\Users\Phill\Desktop\adwcleaner_6.030.exe 2016-11-29 13:09 - 2016-11-29 14:08 - 00021137 _____ C:\Users\Phill\Desktop\FRST.txt 2016-11-29 13:09 - 2016-11-29 14:08 - 00000000 ____D C:\FRST 2016-11-29 13:08 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Downloads\FRST64 (1).exe 2016-11-29 13:07 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Desktop\FRST64.exe 2016-11-23 16:33 - 2016-11-23 16:33 - 00001148 _____ C:\Users\Phill\Desktop\Assassins Creed II.lnk 2016-11-23 16:33 - 2016-11-23 16:33 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Ubisoft 2016-11-23 16:27 - 2016-10-28 23:04 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-11-23 16:27 - 2016-10-28 23:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-23 13:54 - 2016-11-02 22:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-11-23 13:54 - 2016-11-02 22:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-11-23 13:54 - 2016-11-02 16:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-11-23 13:54 - 2016-11-02 16:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-11-23 13:54 - 2016-10-27 20:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-11-23 13:54 - 2016-10-27 20:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-11-23 13:54 - 2016-10-27 20:37 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-11-23 13:54 - 2016-10-27 20:28 - 25763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-11-23 13:54 - 2016-10-27 20:19 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-11-23 13:54 - 2016-10-27 20:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-11-23 13:54 - 2016-10-27 20:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-11-23 13:54 - 2016-10-27 20:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-11-23 13:54 - 2016-10-27 19:57 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-11-23 13:54 - 2016-10-27 19:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-11-23 13:54 - 2016-10-27 19:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-11-23 13:54 - 2016-10-27 19:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-11-23 13:54 - 2016-10-27 19:17 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-11-23 13:54 - 2016-10-27 19:16 - 02920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-11-23 13:54 - 2016-10-27 19:03 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-11-23 13:54 - 2016-10-27 18:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-11-23 13:54 - 2016-10-27 17:05 - 20304896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-11-23 13:54 - 2016-10-25 16:11 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-11-23 13:54 - 2016-10-22 19:35 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-11-23 13:54 - 2016-10-22 19:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-11-23 13:54 - 2016-10-22 19:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-11-23 13:54 - 2016-10-22 19:21 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-11-23 13:54 - 2016-10-22 18:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2016-11-23 13:54 - 2016-10-22 18:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-11-23 13:54 - 2016-10-22 18:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-11-23 13:54 - 2016-10-22 18:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-11-23 13:54 - 2016-10-22 18:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-11-23 13:54 - 2016-10-22 18:44 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-11-23 13:54 - 2016-10-22 18:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-11-23 13:54 - 2016-10-22 18:30 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-11-23 13:54 - 2016-10-22 18:12 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-11-23 13:54 - 2016-10-12 10:01 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-11-23 13:54 - 2016-10-11 22:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 22:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 20:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-11-23 13:54 - 2016-10-11 19:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2016-11-23 13:54 - 2016-10-11 18:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 00:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-11-23 13:54 - 2016-10-09 01:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-11-23 13:54 - 2016-10-09 00:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-09 00:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-11-23 13:54 - 2016-10-09 00:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-11-23 13:54 - 2016-10-09 00:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2016-11-23 13:54 - 2016-10-09 00:02 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-11-23 13:54 - 2016-10-08 23:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-08 23:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-11-23 13:54 - 2016-10-04 22:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2016-11-23 13:54 - 2016-10-04 22:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-11-23 13:54 - 2016-09-10 00:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2016-11-23 13:54 - 2016-09-10 00:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2016-11-23 13:54 - 2016-09-09 16:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-11-23 13:54 - 2016-09-09 16:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 16:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 15:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-11-23 13:54 - 2016-09-03 20:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 20:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2016-11-23 13:54 - 2016-09-03 19:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 19:18 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2016-11-23 13:54 - 2016-09-03 18:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-11-23 13:54 - 2016-09-03 18:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-11-23 13:54 - 2016-09-03 17:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-11-23 13:54 - 2016-09-02 16:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2016-11-23 13:54 - 2016-09-02 16:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2016-11-23 13:54 - 2016-09-01 16:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2016-11-23 13:54 - 2016-08-30 16:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2016-11-23 13:54 - 2016-08-30 04:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-11-23 13:54 - 2016-08-22 15:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-11-23 13:54 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\Users\Phill\AppData\LocalLow\uTorrent 2016-11-22 22:15 - 2016-11-22 22:15 - 00159585 _____ C:\Users\Phill\Downloads\Suits.S02.720p.HDTV.x264.torrent 2016-11-22 00:06 - 2016-11-22 00:06 - 00000761 _____ C:\Users\Phill\Desktop\Assassins Crеed Brotherhood.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00002202 _____ C:\Users\Public\Desktop\Counter-Strike 1.6 SteamRIP.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 SteamRIP 2016-11-17 01:12 - 2016-11-23 16:33 - 00000000 ____D C:\ProgramData\Ubisoft 2016-11-17 00:25 - 2016-11-17 00:25 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\PunkBuster 2016-11-17 00:24 - 2016-11-17 00:24 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-11-17 00:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2016-11-16 22:17 - 2016-11-16 22:17 - 00274155 _____ C:\Users\Phill\Downloads\Assassins.Creed.Collection-BlackEcho.torrent 2016-11-16 00:44 - 2016-11-16 00:44 - 00000258 __RSH C:\Users\Phill\ntuser.pol 2016-11-15 17:06 - 2016-11-15 17:06 - 00001548 __RSH C:\ProgramData\ntuser.pol 2016-11-14 18:35 - 2016-09-22 15:55 - 00102690 ____R C:\Users\Phill\Desktop\suits.s01e01.720p.hdtv.x264-orenji.srt 2016-11-11 01:58 - 2015-06-04 15:28 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00064352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 00:37 - 2016-11-11 00:37 - 00000898 _____ C:\Users\Phill\Desktop\Start CSGO No Internet.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000895 _____ C:\Users\Phill\Desktop\Counter-Strike Global Offensive.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive 2016-11-10 21:19 - 2016-11-10 21:19 - 00014805 _____ C:\Users\Phill\Downloads\Crazy.Stupid.Love.2011.720p.BluRay.x264.DTS-WiKi.torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (4).torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00012555 _____ C:\Users\Phill\Downloads\Counter-Strike Global Offensive v1.35.5.6 [Repack].torrent 2016-11-10 20:13 - 2016-11-10 20:13 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (3).torrent 2016-11-10 20:01 - 2016-11-10 20:01 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP (1).torrent 2016-11-10 19:58 - 2016-11-21 16:03 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 SteamRIP 2016-11-10 19:12 - 2016-11-10 19:12 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP.torrent 2016-11-06 21:59 - 2016-11-06 21:59 - 00012642 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.BDRip.x264-WAR.torrent 2016-11-06 21:56 - 2016-11-06 21:56 - 00021610 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.1080p.BluRay.x264-WARHD.torrent 2016-11-02 23:27 - 2016-11-02 23:27 - 00001007 _____ C:\Users\Public\Desktop\HiSuite.lnk 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\Documents\HiSuite 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2016-11-02 23:27 - 2016-05-25 12:53 - 02152176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00126592 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00018816 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\AppData\Local\Hisuite 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Program Files (x86)\HiSuite 2016-10-30 21:24 - 2016-10-30 21:24 - 00023180 _____ C:\Users\Phill\Downloads\Beauty.and.the.Beast.Extended.Version.1991.1080p.BluRay.Bulgarian-PEPSi.mkv.torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 14:08 - 2015-11-12 22:22 - 00000000 ___RD C:\Users\Phill\OneDrive 2016-11-29 14:03 - 2016-02-25 03:05 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2016-11-29 14:03 - 2015-11-16 20:14 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-29 14:02 - 2015-07-18 17:52 - 00000000 __SHD C:\Users\Phill\IntelGraphicsProfiles 2016-11-29 14:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-11-29 14:00 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-11-29 13:40 - 2015-08-05 03:06 - 01015296 ___SH C:\Users\Phill\Desktop\Thumbs.db 2016-11-29 13:32 - 2015-11-16 20:14 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-29 12:09 - 2015-08-05 00:49 - 00000000 ____D C:\Users\Phill\AppData\Local\CrashDumps 2016-11-29 00:25 - 2015-09-05 07:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\vlc 2016-11-24 21:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-11-23 21:56 - 2015-08-04 23:48 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3535237292-2376840269-2226161949-1000 2016-11-23 16:31 - 2015-08-05 02:04 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-11-23 16:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-11-23 16:25 - 2013-08-22 16:44 - 00337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-11-23 16:20 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-11-23 16:19 - 2015-08-05 05:27 - 00000000 ____D C:\Users\Phill\AppData\Roaming\uTorrent 2016-11-23 15:27 - 2015-08-04 23:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-11-23 14:24 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-11-23 14:02 - 2015-08-04 23:42 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-11-23 01:15 - 2014-11-21 09:38 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-11-23 00:53 - 2015-11-12 22:36 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Skype 2016-11-22 23:52 - 2015-11-12 22:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-11-22 23:52 - 2015-11-12 22:35 - 00000000 ____D C:\ProgramData\Skype 2016-11-16 00:44 - 2015-08-04 23:37 - 00000000 ____D C:\Users\Phill 2016-11-15 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2016-11-14 23:33 - 2015-08-05 01:37 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-11 01:58 - 2015-12-30 12:42 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-10 21:39 - 2015-08-05 03:18 - 00457216 ___SH C:\Users\Phill\Downloads\Thumbs.db 2016-11-10 20:00 - 2015-08-04 23:43 - 00000000 ____D C:\Users\Phill\AppData\Local\VirtualStore 2016-11-06 21:55 - 2015-08-05 00:57 - 00000000 ____D C:\Users\Phill\AppData\Local\Google 2016-11-02 23:45 - 2015-11-26 18:08 - 00000000 ____D C:\Temp ==================== Files in the root of some directories ======= 2015-10-08 02:56 - 2015-10-08 02:56 - 0007602 _____ () C:\Users\Phill\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Phill\AppData\Local\Temp\AutoRun.exe C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Phill\AppData\Local\Temp\CH.dll C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Phill\AppData\Local\Temp\EAInstall.dll C:\Users\Phill\AppData\Local\Temp\eauninstall.exe C:\Users\Phill\AppData\Local\Temp\Gw2.exe C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Phill\AppData\Local\Temp\libeay32.dll C:\Users\Phill\AppData\Local\Temp\msvcr120.dll C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Phill\AppData\Local\Temp\sqlite3.dll C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe C:\Users\Phill\AppData\Local\Temp\_is4B86.exe C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-11-24 21:43 ==================== End of FRST.txt ============================ Addition.txt
  11. Благодаря за бързата реакция, но не мога да изпълня първа стъпка. Не ми позволява да инсталирам нито една от двете програми, излиза ето този прозорец: И на двете програми излиза едно и също съобщение.
  12. Здравейте, от няколко дена имам проблем със адуеър, който не мога да открия от коя програма идва. Симптомите ги знаете, изкачат реклами, освен това в някои страници има думи, които са удебелени и препращат към друг сайт. Прикачвам скрийншот за да видите. Ето лога от frst: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2016 Ran by Phill (administrator) on ASUNATOR (29-11-2016 13:19:51) Running from C:\Users\Phill\Desktop Loaded Profiles: Phill (Available Profiles: Phill) Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\ProgramData\GLOBUL Connection Manager\OnlineUpdate\ouc.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe ("My Web Shield") C:\Program Files\My Web Shield\mweshield.exe ("My Web Shield") C:\Program Files\My Web Shield\mweshieldup.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-05-13] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499240 2014-09-29] (Lenovo) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Steam] => D:\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [uTorrent] => C:\Users\Phill\AppData\Roaming\uTorrent\uTorrent.exe [2145472 2016-11-22] (BitTorrent Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify Web Helper] => C:\Users\Phill\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Spotify] => C:\Users\Phill\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-08-08] (Spotify Ltd) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [RGSC] => D:\Games\Rockstar Games\GTA lV\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb638f9-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {0bb63905-2bd6-11e6-82a8-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {1521a98d-c92c-11e5-8289-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {251215bd-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121661-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {25121b17-bd5d-11e5-8283-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {395190d1-54da-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {413bd7d5-5951-11e5-8267-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7b5479d6-5743-11e6-82ad-40e23059e252} - "G:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64edde-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7d64f000-e191-11e5-8293-40e23059e252} - "G:\AutoRun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {7fa52f3f-5de7-11e5-8269-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9011868b-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {90118693-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {901186ac-9bb1-11e6-82b3-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9e783-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {93b9f31e-259c-11e6-82a8-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {9a843e16-8fc9-11e6-82b1-40e23059e252} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {af58f2ad-e7e8-11e5-8295-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b00206a9-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b0020723-3c0a-11e5-825d-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {b244836b-9abf-11e5-827c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {d4d39be5-1241-11e6-82a3-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {e2243fdb-3afa-11e5-8259-40e23059e252} - "F:\autorun.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd28198-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\...\MountPoints2: {ecd2889f-fd92-11e5-829c-40e23059e252} - "G:\Lenovo_Suite.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-28] (AVAST Software) GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A78E9DE8-6EE8-49F6-B263-76182DBC8CD1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C2B264B5-2EB0-48D7-B271-33A5B8566016}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3535237292-2376840269-2226161949-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-27] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-27] (Oracle Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-11] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-11] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-27] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.bg/ CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=n12521-347&t=4","hxxp://www.mystartsearch.com/?type=hp&ts=1416439125&from=amt&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.delta-homes.com/?type=hp&ts=1419445398&from=wpm12233&uid=ST3320620AS_5QF190G5XXXX5QF190G5","hxxp://isearch.omiga-plus.com/?type=hp&ts=1419544132&from=obw&uid=SAMSUNGXHM160HC_S12TJD0S966470","hxxp://www.istartsurf.com/?type=hp&ts=1437087111&z=bc30721319c3a4577d4c330g1z6cam3e5b0maefzfz&from=obw&uid=ST1000LM024XHN-M101MBB_S32XJ9HFA06771" CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default [2016-11-29] CHR Extension: (Adblock Plus) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30] CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-11-12] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (TunnelBear VPN) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2016-07-24] CHR Extension: (Chrome Media Router) - C:\Users\Phill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-28] (AVAST Software) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) S2 GLOBUL Connection Manager. RunOuc; C:\Program Files (x86)\GLOBUL Connection Manager\UpdateDog\ouc.exe [655712 2016-03-08] () R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] () R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 mweshield; C:\Program Files\My Web Shield\mweshield.exe [931640 2016-08-31] ("My Web Shield") <==== ATTENTION R2 mweshieldup; C:\Program Files\My Web Shield\mweshieldup.exe [348472 2016-08-31] ("My Web Shield") <==== ATTENTION R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2016-11-17] () S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [691480 2013-11-20] () [File not signed] S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [638272 2014-08-18] (RealVNC Ltd) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-28] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-28] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-28] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-28] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-28] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-18] (AVAST Software) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2015-10-07] (ASUS Corporation) R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros) S3 cmnxusbser; C:\WINDOWS\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device) S3 cpuz138; C:\Users\Phill\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-10-23] (CPUID) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2015-08-05] (DT Soft Ltd) U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2016-03-08] (Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R1 mwescontroller; C:\WINDOWS\system32\drivers\mwescontroller.sys [57680 2016-08-31] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [40448 2014-05-23] (QUALCOMM Incorporated) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [243712 2014-05-23] (QUALCOMM Incorporated) [File not signed] R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [827096 2015-03-12] (Realsil Semiconductor Corporation) S3 tap-tb-0901; C:\WINDOWS\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project) S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-10-02] (Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 13:09 - 2016-11-29 13:20 - 00022435 _____ C:\Users\Phill\Desktop\FRST.txt 2016-11-29 13:09 - 2016-11-29 13:19 - 00000000 ____D C:\FRST 2016-11-29 13:08 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Downloads\FRST64 (1).exe 2016-11-29 13:07 - 2016-11-29 13:08 - 02411520 _____ (Farbar) C:\Users\Phill\Desktop\FRST64.exe 2016-11-23 16:33 - 2016-11-23 16:33 - 00001148 _____ C:\Users\Phill\Desktop\Assassins Creed II.lnk 2016-11-23 16:33 - 2016-11-23 16:33 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Ubisoft 2016-11-23 16:27 - 2016-10-28 23:04 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-11-23 16:27 - 2016-10-28 23:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-23 13:54 - 2016-11-02 22:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-11-23 13:54 - 2016-11-02 22:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-11-23 13:54 - 2016-11-02 16:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-11-23 13:54 - 2016-11-02 16:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-11-23 13:54 - 2016-10-27 20:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-11-23 13:54 - 2016-10-27 20:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-11-23 13:54 - 2016-10-27 20:37 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-11-23 13:54 - 2016-10-27 20:28 - 25763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-11-23 13:54 - 2016-10-27 20:19 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-11-23 13:54 - 2016-10-27 20:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-11-23 13:54 - 2016-10-27 20:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-11-23 13:54 - 2016-10-27 20:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-11-23 13:54 - 2016-10-27 19:57 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-11-23 13:54 - 2016-10-27 19:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-11-23 13:54 - 2016-10-27 19:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-11-23 13:54 - 2016-10-27 19:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-11-23 13:54 - 2016-10-27 19:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-11-23 13:54 - 2016-10-27 19:17 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-11-23 13:54 - 2016-10-27 19:16 - 02920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-11-23 13:54 - 2016-10-27 19:03 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-11-23 13:54 - 2016-10-27 18:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-11-23 13:54 - 2016-10-27 17:05 - 20304896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-11-23 13:54 - 2016-10-25 16:11 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-11-23 13:54 - 2016-10-22 19:35 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-11-23 13:54 - 2016-10-22 19:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-11-23 13:54 - 2016-10-22 19:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-11-23 13:54 - 2016-10-22 19:21 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-11-23 13:54 - 2016-10-22 18:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2016-11-23 13:54 - 2016-10-22 18:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-11-23 13:54 - 2016-10-22 18:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-11-23 13:54 - 2016-10-22 18:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-11-23 13:54 - 2016-10-22 18:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-11-23 13:54 - 2016-10-22 18:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-11-23 13:54 - 2016-10-22 18:44 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-11-23 13:54 - 2016-10-22 18:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-11-23 13:54 - 2016-10-22 18:30 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-11-23 13:54 - 2016-10-22 18:12 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-11-23 13:54 - 2016-10-22 18:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-11-23 13:54 - 2016-10-13 21:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-11-23 13:54 - 2016-10-12 10:01 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-11-23 13:54 - 2016-10-11 22:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 22:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-11-23 13:54 - 2016-10-11 20:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-11-23 13:54 - 2016-10-11 19:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2016-11-23 13:54 - 2016-10-11 18:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 23:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-11-23 13:54 - 2016-10-10 00:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-11-23 13:54 - 2016-10-09 01:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-11-23 13:54 - 2016-10-09 00:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-09 00:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-11-23 13:54 - 2016-10-09 00:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-11-23 13:54 - 2016-10-09 00:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2016-11-23 13:54 - 2016-10-09 00:02 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-11-23 13:54 - 2016-10-08 23:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-11-23 13:54 - 2016-10-08 23:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-11-23 13:54 - 2016-10-08 03:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-11-23 13:54 - 2016-10-04 22:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2016-11-23 13:54 - 2016-10-04 22:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-11-23 13:54 - 2016-10-04 22:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-11-23 13:54 - 2016-09-10 00:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2016-11-23 13:54 - 2016-09-10 00:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2016-11-23 13:54 - 2016-09-09 16:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2016-11-23 13:54 - 2016-09-09 16:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-11-23 13:54 - 2016-09-09 16:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 16:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2016-11-23 13:54 - 2016-09-09 15:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-11-23 13:54 - 2016-09-03 20:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 20:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2016-11-23 13:54 - 2016-09-03 19:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll 2016-11-23 13:54 - 2016-09-03 19:18 - 00825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2016-11-23 13:54 - 2016-09-03 18:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-11-23 13:54 - 2016-09-03 18:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-11-23 13:54 - 2016-09-03 17:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-11-23 13:54 - 2016-09-02 16:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2016-11-23 13:54 - 2016-09-02 16:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2016-11-23 13:54 - 2016-09-01 16:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2016-11-23 13:54 - 2016-09-01 16:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2016-11-23 13:54 - 2016-08-30 16:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2016-11-23 13:54 - 2016-08-30 04:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-11-23 13:54 - 2016-08-30 04:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2016-11-23 13:54 - 2016-08-30 04:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-11-23 13:54 - 2016-08-22 15:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-11-23 13:54 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2016-11-22 22:16 - 2016-11-22 22:16 - 00000000 ____D C:\Users\Phill\AppData\LocalLow\uTorrent 2016-11-22 22:15 - 2016-11-22 22:15 - 00159585 _____ C:\Users\Phill\Downloads\Suits.S02.720p.HDTV.x264.torrent 2016-11-22 00:06 - 2016-11-22 00:06 - 00000761 _____ C:\Users\Phill\Desktop\Assassins Crеed Brotherhood.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00002202 _____ C:\Users\Public\Desktop\Counter-Strike 1.6 SteamRIP.lnk 2016-11-21 15:56 - 2016-11-21 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 SteamRIP 2016-11-17 01:12 - 2016-11-23 16:33 - 00000000 ____D C:\ProgramData\Ubisoft 2016-11-17 00:25 - 2016-11-17 00:25 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-11-17 00:25 - 2016-11-17 00:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\PunkBuster 2016-11-17 00:24 - 2016-11-17 00:24 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-11-17 00:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2016-11-17 00:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2016-11-16 22:17 - 2016-11-16 22:17 - 00274155 _____ C:\Users\Phill\Downloads\Assassins.Creed.Collection-BlackEcho.torrent 2016-11-16 00:44 - 2016-11-16 00:44 - 00000258 __RSH C:\Users\Phill\ntuser.pol 2016-11-15 17:06 - 2016-11-15 17:07 - 00000000 ____D C:\Program Files\My Web Shield 2016-11-15 17:06 - 2016-11-15 17:06 - 00001548 __RSH C:\ProgramData\ntuser.pol 2016-11-15 17:06 - 2016-08-31 16:00 - 00057680 _____ C:\WINDOWS\system32\Drivers\mwescontroller.sys 2016-11-14 18:35 - 2016-09-22 15:55 - 00102690 ____R C:\Users\Phill\Desktop\suits.s01e01.720p.hdtv.x264-orenji.srt 2016-11-11 01:58 - 2015-06-04 15:28 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00064352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-11-11 01:58 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-11-11 00:37 - 2016-11-11 00:37 - 00000898 _____ C:\Users\Phill\Desktop\Start CSGO No Internet.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000895 _____ C:\Users\Phill\Desktop\Counter-Strike Global Offensive.lnk 2016-11-11 00:37 - 2016-11-11 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive 2016-11-10 21:19 - 2016-11-10 21:19 - 00014805 _____ C:\Users\Phill\Downloads\Crazy.Stupid.Love.2011.720p.BluRay.x264.DTS-WiKi.torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (4).torrent 2016-11-10 20:16 - 2016-11-10 20:16 - 00012555 _____ C:\Users\Phill\Downloads\Counter-Strike Global Offensive v1.35.5.6 [Repack].torrent 2016-11-10 20:13 - 2016-11-10 20:13 - 00013713 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 Mega Edition (3).torrent 2016-11-10 20:01 - 2016-11-10 20:01 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP (1).torrent 2016-11-10 19:58 - 2016-11-21 16:03 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 SteamRIP 2016-11-10 19:12 - 2016-11-10 19:12 - 00013693 _____ C:\Users\Phill\Downloads\Counter-Strike 1.6 SteamRIP.torrent 2016-11-06 21:59 - 2016-11-06 21:59 - 00012642 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.BDRip.x264-WAR.torrent 2016-11-06 21:56 - 2016-11-06 21:56 - 00021610 _____ C:\Users\Phill\Downloads\Dirty.Dancing.1987.1080p.BluRay.x264-WARHD.torrent 2016-11-02 23:27 - 2016-11-02 23:27 - 00001007 _____ C:\Users\Public\Desktop\HiSuite.lnk 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\Documents\HiSuite 2016-11-02 23:27 - 2016-11-02 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2016-11-02 23:27 - 2016-05-25 12:53 - 02152176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll 2016-11-02 23:27 - 2016-05-25 12:53 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00126592 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-11-02 23:27 - 2016-05-25 12:53 - 00018816 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Users\Phill\AppData\Local\Hisuite 2016-11-02 23:26 - 2016-11-02 23:27 - 00000000 ____D C:\Program Files (x86)\HiSuite 2016-10-30 21:24 - 2016-10-30 21:24 - 00023180 _____ C:\Users\Phill\Downloads\Beauty.and.the.Beast.Extended.Version.1991.1080p.BluRay.Bulgarian-PEPSi.mkv.torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-29 13:14 - 2015-08-05 03:06 - 01007104 ___SH C:\Users\Phill\Desktop\Thumbs.db 2016-11-29 12:32 - 2015-11-16 20:14 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-29 12:09 - 2015-08-05 00:49 - 00000000 ____D C:\Users\Phill\AppData\Local\CrashDumps 2016-11-29 09:59 - 2016-02-25 03:05 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2016-11-29 09:59 - 2015-11-16 20:14 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-29 09:59 - 2015-11-12 22:22 - 00000000 ____D C:\Users\Phill\OneDrive 2016-11-29 09:58 - 2015-07-18 17:52 - 00000000 __SHD C:\Users\Phill\IntelGraphicsProfiles 2016-11-29 00:25 - 2015-09-05 07:25 - 00000000 ____D C:\Users\Phill\AppData\Roaming\vlc 2016-11-24 21:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-11-23 21:56 - 2015-08-04 23:48 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3535237292-2376840269-2226161949-1000 2016-11-23 16:31 - 2015-08-05 02:04 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-11-23 16:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-11-23 16:25 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-11-23 16:25 - 2013-08-22 16:44 - 00337808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-11-23 16:23 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-11-23 16:20 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-11-23 16:19 - 2015-08-05 05:27 - 00000000 ____D C:\Users\Phill\AppData\Roaming\uTorrent 2016-11-23 15:27 - 2015-08-04 23:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-11-23 14:24 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-11-23 14:02 - 2015-08-04 23:42 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-11-23 01:15 - 2014-11-21 09:38 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-11-23 00:53 - 2015-11-12 22:36 - 00000000 ____D C:\Users\Phill\AppData\Roaming\Skype 2016-11-22 23:52 - 2015-11-12 22:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-11-22 23:52 - 2015-11-12 22:35 - 00000000 ____D C:\ProgramData\Skype 2016-11-16 00:44 - 2015-08-04 23:37 - 00000000 ____D C:\Users\Phill 2016-11-15 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2016-11-14 23:33 - 2015-08-05 01:37 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-11 01:58 - 2015-12-30 12:42 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-10 21:39 - 2015-08-05 03:18 - 00457216 ___SH C:\Users\Phill\Downloads\Thumbs.db 2016-11-10 20:00 - 2015-08-04 23:43 - 00000000 ____D C:\Users\Phill\AppData\Local\VirtualStore 2016-11-06 21:55 - 2015-08-05 00:57 - 00000000 ____D C:\Users\Phill\AppData\Local\Google 2016-11-02 23:45 - 2015-11-26 18:08 - 00000000 ____D C:\Temp ==================== Files in the root of some directories ======= 2015-10-08 02:56 - 2015-10-08 02:56 - 0007602 _____ () C:\Users\Phill\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Phill\AppData\Local\Temp\AutoRun.exe C:\Users\Phill\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Phill\AppData\Local\Temp\CH.dll C:\Users\Phill\AppData\Local\Temp\drm_dialogs.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7340014.dll C:\Users\Phill\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Phill\AppData\Local\Temp\EAInstall.dll C:\Users\Phill\AppData\Local\Temp\eauninstall.exe C:\Users\Phill\AppData\Local\Temp\Gw2.exe C:\Users\Phill\AppData\Local\Temp\jre-8u101-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Phill\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Phill\AppData\Local\Temp\Need for Speed Carbon_uninst.exe C:\Users\Phill\AppData\Local\Temp\Nexus Mod Manager-0.61.15.exe C:\Users\Phill\AppData\Local\Temp\pylE938.tmp.exe C:\Users\Phill\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Phill\AppData\Local\Temp\sqlite3.dll C:\Users\Phill\AppData\Local\Temp\vcredist_x64.exe C:\Users\Phill\AppData\Local\Temp\vcredist_x86.exe C:\Users\Phill\AppData\Local\Temp\_is4B86.exe C:\Users\Phill\AppData\Local\Temp\_isA1BD.exe C:\Users\Phill\AppData\Local\Temp\_isA6D8.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-11-24 21:43 ==================== End of FRST.txt ============================ Благодаря за отделеното време. Addition.txt Едит: Mywebshield очевидно е адуеъра... Нямам такава инсталирана програма в листа с програми обаче.
  13. Collins

    Зависимост от МАРИХУАНА

    Като за начало, опитай се да преодолееш тази депресия сам, прояви воля, смени песните, които слушаш постоянно спри да пушиш трева, излизай с приятели които не пушат Преди 3 години и аз си пафках трева, но просто в един момент осъзнах, че това това е абсолютно излишен разход и човек може да си направи кефа и без да е напушен или пиян, или под въздействието на психотропни вещества... Шизофренията си я избий от главата, но ако наистина горните съвети не ти помогнат и продължаваш с тази паника и изолиране от останалия свят, може и наистина да си започнал да развиваш параноидна шизофрения (от честата употреба на тревата). В този случай задължително посети психолог, който ще ти помогне повече от всеки един съфорумец тук Успех!
  14. Collins

    Проблем с влизането в Google Play

    Обясни процеса на преинсталация, през който си преминал
  15. Брускети с песто от рукола и сурово телешко бонфиле
  16. Малко по-подробна информация? Проца какъв е? Модела на видеото? Или направо ми дай линк
  17. Питка Лучник или зелник?
  18. Сетих се за Луи Дьо Фюнес, айде подайте кълката Пилешка или пуешка?
  19. Коледа Ред Бул или Шарк?
  20. Среден-пухкав Рейнбоу или Хелоуин?
  21. Боби Турбото с трите синджира... Я кажете - цици или гъз?
  22. Брус Уилис Кафе или чай?
  23. Казах, че питам за обща култура и защото ми се иска да експериментирам, за игри дори не си го мисля имам си и компютър и конзола за тази работа
  24. Четох в друг форум, че на таблети със ARM базирани процесори, може да се инсталира RT версия на уиндоус, така че предполагам RT версия. Acer Iconia A1 810, за този четох, че не може да се инсталира уиндоус, но въпроса ми е за обща култура... естествено ако има някакъв начин да инсталирам на този таб уиндоус, ще експериментирам
  • Разглеждащи това в момента   0 потребители

    • Няма регистрирани потребители разглеждащи тази страница.
×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване