Премини към съдържанието

Дъст Массакре

Потребител
  • Публикации

    15
  • Регистрация

  • Последно онлайн

Харесвания

1 Неутрална репутация

Всичко за Дъст Массакре

  • Титла
    Потребител
  1. Дъст Массакре

    Инфектирани браузъри

    Това е "зоека" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Bonjour Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Bonjour Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bonjour Service deleted successfully ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [14.04.2013 Ј. 17:30] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "DSE"="true" [] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\qe4temke.default-1447773881339 - ABV Notifier - %ProfilePath%\extensions\abvnotifier@netinfo.bg.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qe4temke.default-1447773881339 28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat C2D756C95D5AE3D030E7D394B9C771B9 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin A06C5E4980D2B235B510E3EBB6183446 - C:\Program Files\Google\Update\1.3.28.17\npGoogleUpdate3.dll - Google Update AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin F114FBA6246530B89DD1E04351E0EAC5 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions fcfenmboojpjinhpgggodefccipikbpd - No path found[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-us" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-us" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{793940E2-D8CE-4707-9D01-B3EFF05F249F} - http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\qe4temke.default-1447773881339\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=71 folders=51 12245247 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Administrator\Local Settings\Temp will be emptied at reboot C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\UpdatusUser\Local Settings\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on 02.12.2015 Ј. at 19:47:38,68 ======================
  2. Дъст Массакре

    Инфектирани браузъри

    Наистина в диск Ц го има: Zoek.exe v5.0.0.1 Updated 28-November-2015 Tool run by Administrator on 29.11.2015 Ј. at 20:27:06,71. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Administrator\My Documents\И·тµі»яЅёя\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 29.11.2015 г. 20:28:12 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\FreeTime deleted successfully C:\Program Files\GRETECH deleted successfully C:\Program Files\Winamp deleted successfully C:\Documents and Settings\Administrator\Start Menu\Programs\Counter-Strike 1.6 deleted successfully C:\Documents and Settings\Administrator\Start Menu\Programs\CS-RELOAD Final Edition deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully C:\DOCUME~1\ALLUSE~1\APPLIC~1\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully C:\Documents and Settings\Administrator\Local Settings\Application Data\cache deleted successfully C:\Documents and Settings\Administrator\Local Settings\Application Data\Downloaded Installations deleted successfully C:\Documents and Settings\Administrator\Local Settings\Application Data\Unity deleted successfully C:\Documents and Settings\Administrator\Local Settings\Application Data\WMTools Downloaded Files deleted successfully
  3. Дъст Массакре

    Инфектирани браузъри

    http://www.bergdorfgoodman.com/error.jsp Този адрес ми се появява като търся мобиле или олх, никаква промяна. Като пусна ZOEK програмата работи 15-20 мин но после няма лог файл никъде. Не знам на какво се дължи. Ето лога на ZHPCleaner ~ ZHPCleaner v2015.11.28.386 by Nicolas Coolman (2015/11/28) ~ Run by Administrator (Administrator) (29/11/2015 20:20:50) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scan ~ Report : C:\Documents and Settings\Administrator\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows XP, 32-bit Service Pack 3 (Build 2600) ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (19) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (191) FOUND folder: C:\WINDOWS\Installer\MSI10.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI11.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI12.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI13.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI14.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI15.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI15.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI16.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI16.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI16.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI17.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI18.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI19.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1B.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1B.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1D.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1D.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1E.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1F.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1F.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1F.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI1.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI20.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI20.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI21.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI21.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI21.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI22.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI22.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI22.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI22.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI23.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI23.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI23.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI23.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI24.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI24.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI24.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI24.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI25.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI25.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI25.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI26.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI26.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI27.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI27.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI27.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI28.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI28.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI28.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI28.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI29.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI29.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI29.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2A.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2A.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2A.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2A.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2B.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2B.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2B.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2C.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2C.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2C.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2C.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2D.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2D.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2D.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2D.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2E.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2E.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2E.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2F.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2F.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI2F.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI30.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI30.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI30.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI31.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI31.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI31.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI31.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI32.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI32.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI32.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI32.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI33.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI33.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI33.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI34.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI34.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI34.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI35.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI35.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI35.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI35.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI36.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI36.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI36.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI36.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI37.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI39.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI39.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3A.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3A.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3A.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3B.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3B.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3B.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3C.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3C.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3C.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3C.tmp-2 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3D.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3D.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3E.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI3.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI42.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI42.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI43.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI43.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI44.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI44.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI44.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI45.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI46.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI46.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI47.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI47.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI47.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI48.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI48.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI49.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI49.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4A.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4A.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4A.tmp-1 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4B.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4B.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4C.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4C.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4D.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI4D.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI51.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI51.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI52.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI52.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI53.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI54.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI54.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI55.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI55.tmp-0 =>Empty FOUND folder: C:\WINDOWS\Installer\MSI58.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI5A.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI5B.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI5F.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI60.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI61.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI63.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI65.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI67.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI68.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI69.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI6A.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI6B.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI6C.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI6D.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI6E.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI6F.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI73.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI8F.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI90.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI91.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI96.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSI9F.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIA0.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIA2.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIA3.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIAA.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIAC.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIAE.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIB0.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIB2.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIB3.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIB4.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIB5.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIB9.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIBA.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIBB.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIBC.tmp- =>Empty FOUND folder: C:\WINDOWS\Installer\MSIF.tmp- =>Empty ---\\ Registry ( Key, Value, Data) (259) FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{106F264-266E-45DE-8416-93E61BBA4C97} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{107261FD-7D1F-4151-B2A8-83827448E88F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10A4F44-911-4DED-9A76-1134396C52A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{111E2F3D-4C9F-46E4-8269-F888C50D67F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15419791-9E58-4903-B90-6B1BB0FCE0A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1603D237-1DB9-48C9-8B43-A41A849E08} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{169BBC45-2D7C-44DC-A54-9B5892C7EF30} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EEC039-8F7E-478F-901-207B4A7182C6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17D6D831-58BD-4D65-BC78-9E799CDA529C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18DD9B46-8C8F-4807-B732-A7E942F4171} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A7A54DE-4554-44DC-9AC9-1C5B3EA78689} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AFE4398-867-4B06-A85E-CA1CAC5A66} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5E1B76-2C1F-4727-A841-21624352D7D3} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B68EA0B-9D54-47CB-B668-17E886F8569A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BA7F097-605F-4B9D-BA6E-12B4CD4FC1F9} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D2B3A6B-DEE9-45F9-9DF0-1C4010F3872F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E18E071-B202-4293-8275-21B8F91F4AF6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21D717B5-BCFD-449F-A084-49A88D6E68F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22931BB1-31F0-4891-B52D-20C04476F0AC} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23622BA8-358C-4F91-93BD-45276DC67} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2477B2E8-DBB-4382-B697-93A5F6E35BAC} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2634A939-C2B3-4EF8-A7C4-8EFD3EB9C3D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26BE57F8-18EF-48DE-BF56-4B793139C699} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6BCE05-7D24-468C-9C52-929AF03A36A8} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6C64E4-4147-4278-836D-E29DAEA50DA} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E0B248C-55CE-43C7-A29C-135F79C045F4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E66B30D-D524-4518-83E4-559D3D3F6A1C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F057323-6F92-48EE-A81C-954A8377AF9E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F15FA86-8A6D-4351-B1F0-8DF1FCF4D18D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F290E8B-A77A-4CEF-AC60-F126949B1746} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{303EE477-B3A3-4C91-A6EE-AD216629691} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32A1E159-7220-4C60-927E-A3A13C9E7AF3} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{330683EB-191E-42E3-9DA9-614EC84E65C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{337FB243-D57C-4490-89CD-AD8D77C1F99E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33D9FF6F-F545-46AC-86BA-65DD5EC0130} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33E1EBE-FEBD-4241-B549-DD13F219E23} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37A42D1C-8D1B-4024-9FB0-DCF7725D7C1C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39C38652-80F4-4749-9253-71831D260ED} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A563251-B7B5-4D43-82DC-2A22A341F7DA} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C15C072-4156-41EA-A4C1-AD5E30FA8A1D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CA403FB-9837-47AA-953-548EFD986FC8} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CC8CBD9-5AE2-4788-80D4-FBC63D28ED3F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CCAE6ED-15A0-4795-9425-966F92713EA} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F291123-8228-421A-91AB-C4AD4B78EF9} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40B17647-3E3F-46A7-B3FF-7C274D96380} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4158AA16-3B32-446E-80B4-70A1232AF28C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4258386A-5112-4F5B-B7D4-1A2EF279E915} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42CF39FD-9FE4-4F62-BBD5-5BB47A62C12} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4420158F-DB5E-4B18-89F3-5AEA393642AE} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D5CD03-D1EA-4394-AF54-5216C4F9A6B6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45E08F50-76B1-4904-B17A-B7C873A73038} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47EAD1C-54B1-4976-9A11-73BDDD1840B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{480A4805-54A1-459A-8CEB-FF26DEA289} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48201ABF-F33A-4178-BC5A-492515FF67} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48515818-842C-4E9B-BF71-7729AC3B39E0} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48E4DFB6-FFE7-469B-863E-BFBEB3285ED} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A812CDB-43B-40B5-96C0-1C63429C2B3B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B181623-79A0-4390-AB74-A09D597F466F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BACF48D-159C-47A2-914B-58538CC39DD} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CCAF36F-6462-422D-8E9D-7335CFAEE6B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E0100FB-762A-44CB-89F-75DF18D3DF4A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ECCDF3D-B809-4A76-8FCE-DA989A84D05E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F3FE277-1BB-4855-8CA8-A5B4EF1A442} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F50CF91-3C2F-4FDD-AC72-BDA3A8FD77F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53097AD1-D03F-4EEB-BD2C-36DED9E4C32A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5310D152-AD55-494D-878F-C86BFA4F1314} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{534909C9-5CB7-417A-9E1A-7651CE1AFB11} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{544E645A-3EE1-43C3-BB45-BB20FA8DE71} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5468BD20-3031-49CD-B91A-D17CA2545D5} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{551037B0-2AF6-4871-8354-2F48B5C327F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{565470A0-801-4EA3-8446-7A4A314C51A2} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{565E0339-ACC1-4BAD-A7ED-D18D34D1C9E5} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{571ACB2A-18DB-46D1-BEB0-C824D735A50} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5761FB18-CC24-4566-A055-5C351D52BC7} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57FB0CE4-9F72-4C55-8378-7E8595CA234D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5826D27C-5997-4F77-9B74-CCF1A38C7238} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A1CA5AB-5D89-45F8-874-2B37477BF912} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D7C87D3-4CE1-4BED-81D3-35F8B9FD9B8} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EF11450-FAC0-4B67-AF3A-CE1EEF49FB6F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F8D4196-1263-4101-80E2-E07920C33B4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{601497E3-C2FA-4E0A-B44F-22BA3B8979D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60A2DB8B-2969-45BF-AFA6-6E5B8A305047} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60C7482-25D3-4B09-BF65-B6E7E5F81F4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60C883A0-E5D2-48B3-9A19-A91F4A3BA4E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63D181D9-3C09-4410-A03C-36241B990DD} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64D25E6D-62D8-4592-BE38-806C853412} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64E14AF2-7688-436F-8A9C-C81FA42C5D2D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64EEB96A-9B60-4D60-86E7-B1692CEF65B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6668F43-336F-4B6D-A1C5-635795F65C3A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{683CF69-649C-4CAB-B6A4-FE1D22C37C1} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{686B663C-FEA0-45F9-826A-2E388FE3EA21} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A61E783-B0E3-4EE9-8AB2-997D84CF9167} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BEC60CB-5223-41A4-A54D-3CC9BFDCEB8} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C06D71F-6B14-4276-82E6-3D36AA4FC66E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E95AD5A-5C9C-4F46-940-DFF73037F74B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ED527D6-88AD-44D7-B1A9-CB1D15274D18} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EED7C4C-E097-4F32-85D0-C2943036D7} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{710B222D-990B-420D-847D-2222595AD454} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72351097-2C3A-4535-B357-99B61FF7483D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7254A413-8880-4395-BD21-12C377997FBF} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A4A093-D6DB-42DE-BD3C-A81E5EBA937C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72D9E7C1-4EB1-49FE-B667-A9F239BE943C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73098A62-D071-4473-86AB-1580A5A010E4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734B8051-E9F7-4EF3-8339-ED4A4A57625} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7361C02A-D3F3-43D2-B180-635CFD3349A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74AFEAAB-6D1F-4D47-A2C3-3C4E7AFB2E2A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74DA0B82-DAEA-4833-B714-5F88866D87EE} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77A755DC-EE93-43D7-96AA-70852FA1C7AC} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{789CCE85-4C58-4FB9-8A9F-26CF5DFB36D9} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7984AA6E-DB2B-4244-AED5-856F566C3A1} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BEBEB76-A6DB-459B-8C25-4563DD40DF7F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C66C027-4C56-4287-AFA3-DEB34649FCA4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81D9A19E-489F-477D-B1BA-D993D89DEBE9} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{820375BD-5C25-4A46-A3B8-62D83314D3F5} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8256E46-E6F6-404D-B7F-2A3AB9E8652B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{839DB0FA-9B84-4B01-BFD4-6CFF01FFFA9} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86EE1FFB-D468-4FE9-9DBA-D5DB541C7142} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8843ECF3-8337-467E-9638-1ADD50CE4AC} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88641E03-88BF-41BD-A072-D798A991E878} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89C621ED-856-470C-8F11-B3A66AE716B2} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B4B4CF7-1265-439C-A325-FE17CD57F36B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BE3A5A0-D484-432C-919-54FF737CBB1F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D1579A9-B99A-4831-905F-F78CC39323} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D274C8E-E3E5-46F9-BD95-752486588} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E2D12B2-BBE2-4B57-8834-E57FAA67236} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9013D003-9727-411B-9C31-CA4731C24EB8} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92A45A31-5F9E-46DF-A663-799FBE7E135E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92BB0B6D-D536-4CC8-AB2B-3ED1DF582C1} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{935D6F1B-7697-4FF2-8B3D-B3BDCC8BA3D7} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9547DEFB-5CED-4EA1-A19A-DDC5C07A71} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{957DEFD3-9027-4E8D-BE47-49376954263} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96403A4B-D3CC-4248-A25C-25429FACE629} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{977D3D7-5B0A-4C63-8634-ED51D5B9647B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97F04D10-AE42-470A-8649-5B3E7BC05CA3} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{982616B3-F023-4599-9D9B-158F79D8E58} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A69B6FD-64A4-4D2E-A0DC-2251ED282E1} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AD61B7B-2434-4E86-AC4B-4243DA3EF58D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BD80FCB-6EA3-4084-B7E1-C847952FAD5B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BE19489-B7AF-40ED-9842-9FB21E2C294F} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E50F2D6-50A3-4208-A7B3-4664C6C83D8B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F35B2EF-4B99-465D-9520-F604ECE1B12} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F4CA450-5725-40BA-9FBC-7CD24AFC16FF} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1D6E3FF-CA41-44C9-9B2D-FD94AEB3C3BE} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2860810-A1A5-409C-87E4-E79DC84A6691} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3233BF1-DDDB-40AB-8B4C-86EB23701111} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A54E6ACA-E8C2-476D-AE14-B087441B93E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A574C179-EC2D-455F-A257-6D21DEFB89BC} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A798913D-B545-4FA2-8913-E9552355D5D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A863D431-10E5-4144-A076-9C74C0861399} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A993FCB8-DFFD-45EB-89B9-7FA4FCB2CD15} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA5E5072-426B-4771-AE89-6BC0B58BCA76} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA88B842-9444-44D8-AC4E-3BF954A59890} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AADCCA46-9DB3-4ADC-857E-E8EAE6CEA2CF} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD05F9BF-E834-4B2F-B7B5-E342B7C7CEA6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADE26C23-35C5-410C-96F6-419E3E0B241} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADEF5AA3-7D5B-40E1-80BD-69BFCDA9A5D6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE46CB7B-A808-440B-96D-BACCD9E0FF} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEF93A45-D89-438C-98AC-161C12A8DF16} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF170220-685E-4112-96E4-76DF8670F63} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF948DCA-5C02-45FB-9521-D5E8F01A976} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B12681EF-5A31-4986-B3A7-75CE5F2EA9A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1BD1B24-F300-421D-A81A-4110E56A66C9} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B279ABF6-F596-475F-AFBF-C89BEB94878} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B287E109-1E24-4466-A433-6BE390F2A72} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D86615-288A-4F75-BEE7-A15919A8595} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3EFE6F1-6B84-49DA-8DEC-C062174942B4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B41D2A80-90F7-46CB-A5BF-374ADB5C6518} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B65F3980-6657-49A8-A127-2B3DE3DE397} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6BC28C4-CFD3-4572-A0E4-C54C77174395} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8A5A5C4-3C40-4185-8937-8AEE74B9F2D6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B93CB239-8E2F-474C-B27F-C88D40AC50F4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA7A46-8EA7-4423-AF9-989DB9C93024} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBF39DF9-8288-42F9-A5A2-3AE7C8775F33} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC49E77A-798A-4807-A4C3-1C2D33228FE0} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD5E4C38-5364-4061-8A99-62A15390B580} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEBB9DC3-9F44-4E30-A00-248278412169} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEF0BC5E-AA51-487B-B5D1-58C0A33046BB} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF0B9693-49C0-49B2-9C8B-9BBA96C2FD4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF660C1B-21DC-44C0-A54F-2755635ECF8} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C378331E-2D8-40AA-8376-F6AF2AF04542} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5862F00-C473-4C9C-AB41-CDFA4A30C77C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C59D8D0D-FCBB-436B-8780-B8364404436} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C646B052-83C8-4FA2-B64D-BE5969B2394} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C712C800-C7B7-48B3-9841-47E9FC4EBEDA} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA125AE6-B5F2-4A95-ABF0-F56F1DDBB8F3} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA2AADDB-9413-4188-ADC5-ADC1A1444A7} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB2A22B-95EC-4732-9340-093308D253A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCEED6D8-6203-4E40-9218-167742569715} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD88197F-B5FB-4F0F-B15-82B2A0E43772} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEE22A0B-2001-40B4-BB40-BDA2D8E1B7DB} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFA65D25-98C7-438D-BEC6-F7BD2EFF3C25} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D12DA1EA-452E-43BE-8163-33C9C89ADD5} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D31FC22D-2A0E-4C8E-A372-E991CFAF4EC4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D339EE31-A990-46C4-9692-2494BE7C9393} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5087FB6-47EA-486C-AC54-FE66C8FAC1C9} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5FA1143-B3E1-457B-8442-725B9C86E010} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7F40D3F-7E8-4AF5-9763-F47077CE249E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7F4EF74-8C5F-4FDD-817D-9B42A85F4066} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8366E23-39CC-4741-A56F-221387B9E265} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D88DCDA6-A457-4E70-ACFE-549E961185B8} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8C43A6A-806D-408C-9272-F3706D7DDF14} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D92D4922-F195-48CD-A54A-4A70A3D4A1F5} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9A48612-E497-4C1B-B0B9-BFFE8FD426A5} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB02116B-C893-4756-A4D0-9017902EA4EC} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBCE0F63-DCEC-4ACC-9A81-5DECA9744254} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC9CFEFA-F338-44E4-9D7E-7E346A23E8E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCD9E624-D646-4594-8A3B-792FF3D9017} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDA66ECC-1C64-4BC7-A94A-B2338E5AE485} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEEC249-F741-4960-9990-A3FB25BCF65A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF31FE62-2E08-4669-AD94-D9811584CBF6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF613B7D-1DB1-4AB8-BEB3-F32DE1F5769} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0E9D07E-B9CF-4026-92BA-5D4D82117D65} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E105FB18-BBAE-4F48-B4E5-123B7ED365AD} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E10A1FE0-344C-4625-ADA0-DAFDCE58FA7} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E21224EA-F44E-4962-92AF-1C39D82C6FDB} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E23BDE77-2822-4837-BD7D-61FE77A9DE60} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2D48A0E-B299-4BDD-9570-6FA93FEFBDC0} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E50907AE-5605-4A34-A0DE-CF496DBFF8A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5B8ECED-9976-4614-BD32-51201DE87F22} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5DD27C2-5872-48DC-872-5BE945577EFF} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E60C09F1-98C2-434B-9920-D0F0728C72D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6996E05-53EC-482D-BFB9-412673C4EF34} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E898C90C-D234-4332-99CF-26606B227C67} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E957335-7861-4DC0-87B7-6862F23F914} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA1E28E6-6EA4-40CE-9B5B-58AE7D48E1BE} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBC0A530-D49F-4B51-93D0-DE7C68A2855} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBC98B02-77E6-4B2E-8FAD-68E152CED62A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECCAAA6D-E11F-4CEA-A196-8FBB3960AF84} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED546D66-F1AB-497A-A213-EE4A7E0AABC} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDAA053-BD2-4C43-BC47-8796EC6DB851} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE0958DB-20BF-4DD2-9857-9B99534BA739} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE89C4DD-507F-4F0D-B31-C68EB64E1FD} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F134BEA5-78CF-4159-804F-9B2B364FD1B7} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F259E120-D24E-419F-9B23-4E51941FCF3E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2F4EE2A-A356-4924-8117-214A10A8BAC4} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2F9F6B0-28A1-43DF-90EA-4AB495A6C564} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F37EC315-CA85-45B6-A72B-9FD771C558B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3947CEF-D33E-4CBD-AB35-8BB51A7B9744} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3B0F689-508D-4C1A-A0AE-C6E51C5C4C4E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4824A75-1148-4AAB-887-ECDA2FA72D75} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F586D8FB-F7B4-4C4E-A142-3F9929DA41C1} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5B4EF0B-E32-417C-89A8-7A491BC4A25E} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5E1C084-F6C7-4F9F-AED4-A657FEBD34D2} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F76D4F18-7F37-42F3-9D52-BA6B6C23303B} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8221F1F-AC57-4D25-A077-6136B9F9920} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9F2F6FE-2CC1-4644-B3FF-18A71FC48B7A} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB2D5F80-8FB0-467D-B47A-4F8258884F87} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBB801E5-C27D-43F5-BBB-3081712D87F6} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC17389A-7404-45C6-80E3-A965967481FE} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE2C06F0-2973-4899-AE8-69501C955C2C} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF034210-D0B2-4E97-BD3A-5534695CF22} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFCEF8AA-101-4CD0-83D-2CB83D34BE8D} [C:\Program Files\Plus-HD-8.1 (Not File)] =>PUP.Optional.CrossRider FOUND key: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC [SearchAssistantOC] =>PUP.Optional.SearchAssist FOUND key: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC.1 [SearchAssistantOC] =>PUP.Optional.SearchAssist FOUND key: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant [Search Assistant Control] =>PUP.Optional.SearchAssist FOUND key: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant.1 [Search Assistant Control] =>PUP.Optional.SearchAssist FOUND key: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D} [SearchAssistantOC] =>PUP.Optional.SearchAssist FOUND key: HKLM\SOFTWARE\Classes\CLSID\{940D6050-66DF-4126-AABE-C346DB1AACC1} [NMCFEventManager Class] =>PUP.Optional.CrossRider FOUND key: HKLM\SOFTWARE\Classes\CLSID\{940D6050-66DF-4126-AABE-C346DB1AACC1}\InprocServer32 [C:\Program Files\Common Files\Ahead\lib\NMCoFoundation.dll] =>PUP.Optional.CrossRider ---\\ Summary of the elements found (2) http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SearchAssist
  4. Дъст Массакре

    Инфектирани браузъри

    Заповядайте. # AdwCleaner v5.022 - Logfile created 28/11/2015 at 22:49:24 # Updated 22/11/2015 by Xplode # Database : 2015-11-22.2 [Server] # Operating system : Microsoft Windows XP Service Pack 3 (x86) # Username : Administrator - COMPUTEK-1DC5C0 # Running from : C:\Documents and Settings\Administrator\My Documents\Изтегляния\adwcleaner_5.022.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [-] Folder Deleted : C:\Documents and Settings\Administrator\My Documents\Updater ***** [ Files ] ***** ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\SiteSee [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E} ***** [ Web browsers ] ***** [-] [C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com [-] [C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd ************************* :: "Tracing" keys removed :: Proxy settings cleared :: Winsock settings cleared :: TCP/IP settings cleared :: Firewall settings cleared :: IPSec settings cleared :: BITS queue cleared :: Chrome policies deleted ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1657 bytes] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.1 (11.24.2015) Operating System: Microsoft Windows XP x86 Ran by Administrator (Administrator) on 28.11.2015 Ј. at 22:54:42,26 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 4 Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\2KKC7WCM (Folder) Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3DXEV40K (Folder) Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\75GW4N1L (Folder) Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\N1FSU7IY (Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 28.11.2015 Ј. at 22:57:28,93 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  5. Вчера седнах пред компютъра и когато се опитах да отворя ОЛХ ми се отвори съвсем друга интернет страница. Работя с Мозила но имам и Гугъл хром и от него се опитвах със същия ефект. В мозилата имах отметка в лентата на отметките и през нея и през търсачката и в хрома винаги отваря същата страница- ето снимка http://prikachi.com/images/298/8485298J.jpg Забелязах че и с мобиле.бг е станало същото, нито от отметките нито през търсачката мога да вляза. Преинсталирах браузърите - пак същото. Явно сме лепнали нещо някъде. Моля за помощ и благодаря предварително защото и преди съм ползвал помоща на екипа Ви! Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:26-11-2015 Ran by Administrator (administrator) on COMPUTEK-1DC5C0 (26-11-2015 23:32:37) Running from C:\Documents and Settings\Administrator\My Documents\Изтегляния Loaded Profiles: Administrator (Available Profiles: Administrator) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Google Inc.) C:\Program Files\Google\Update\1.3.28.17\GoogleCrashHandler.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe () C:\Program Files\Mtel NetAgent\MtelNetAgent_Launcher.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe () C:\WINDOWS\Datecs\Flex2K.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe () C:\WINDOWS\system32\PnkBstrA.exe () C:\Program Files\Mtel NetAgent\MtelNetAgent_Service.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782520 2015-11-17] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2007-03-16] (Analog Devices, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated) HKLM\...\Run: [TAG_MtelNetAgent_Launcher.exe] => C:\Program Files\Mtel NetAgent\MtelNetAgent_Launcher.exe [952888 2014-04-14] () HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-21-515967899-1979792683-842925246-500\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-515967899-1979792683-842925246-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd) HKU\S-1-5-21-515967899-1979792683-842925246-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-515967899-1979792683-842925246-500\...\MountPoints2: G - G:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-515967899-1979792683-842925246-500\...\MountPoints2: {3050ba0c-fe47-11e4-adcf-001d9204ec90} - G:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-12-18] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk [2012-11-17] ShortcutTarget: FlexType 2K.lnk -> C:\WINDOWS\Datecs\Flex2K.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.) Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-15] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-15] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-15] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-15] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 13 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-15] (Avira Operations GmbH & Co. KG) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{6562F65F-DD0F-4E59-B6C3-64283866C0C0}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-515967899-1979792683-842925246-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-us SearchScopes: HKU\S-1-5-21-515967899-1979792683-842925246-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-515967899-1979792683-842925246-500 -> {793940E2-D8CE-4707-9D01-B3EFF05F249F} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qe4temke.default-1447773881339 FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.17\npGoogleUpdate3.dll [2015-11-26] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.17\npGoogleUpdate3.dll [2015-11-26] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Extension: ABV Notifier - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qe4temke.default-1447773881339\extensions\abvnotifier@netinfo.bg.xpi [2015-11-24] FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qe4temke.default-1447773881339\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-14] [not signed] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-515967899-1979792683-842925246-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-09-16] (Microsoft Corporation) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-12-18] (Adobe Systems) [File not signed] S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [916968 2015-11-17] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-11-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-11-17] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1210512 2015-11-17] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-12-18] (Macrovision Europe Ltd.) [File not signed] R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [233472 2013-05-22] (Teruten) [File not signed] R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2014-10-30] () R2 TAG_Service; C:\Program Files\Mtel NetAgent\MtelNetAgent_Service.exe [350776 2014-04-14] () ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-11-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-11-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-23] (Avira Operations GmbH & Co. KG) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-02] (Disc Soft Ltd) R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed] S3 hwusb_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_cdcacm.sys [108032 2013-12-10] (Huawei Technologies Co., Ltd.) S3 hwusb_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_cdcecm.sys [117504 2013-12-10] (Huawei Technologies Co., Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) U3 PROCMON23; C:\WINDOWS\System32\Drivers\PROCMON23.SYS [65048 2013-11-19] (Sysinternals - www.sysinternals.com) R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [8704 2005-03-17] (Analog Devices, Inc.) R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-16] (Avira Operations GmbH & Co. KG) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-09-16] (Microsoft Corporation) S3 VM30xx86; C:\WINDOWS\System32\Drivers\vm30xx86.sys [1294336 2007-03-20] (Vimicro Corporation) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249728 2013-11-30] (Huawei Technologies Co., Ltd.) S4 InCDFs; system32\drivers\InCDFs.sys [X] S4 IntelIde; no ImagePath U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-26 23:26 - 2015-11-26 23:32 - 00000000 ____D C:\FRST 2015-11-26 23:16 - 2015-11-26 23:16 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk 2015-11-26 23:16 - 2015-11-26 23:16 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk 2015-11-26 23:16 - 2015-11-26 23:16 - 00000000 ____D C:\WINDOWS\LastGood 2015-11-26 16:54 - 2015-11-26 16:54 - 06251688 _____ C:\Documents and Settings\Administrator\Desktop\куверт.psd 2015-11-24 20:21 - 2015-11-26 23:16 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-11-02 12:28 - 2015-11-02 12:28 - 00000383 _____ C:\ftconfig.ini ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-26 23:32 - 2012-10-18 16:02 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp 2015-11-26 23:26 - 2015-05-14 23:33 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Изтегляния 2015-11-26 23:26 - 2012-10-18 18:42 - 00000000 ____D C:\WINDOWS 2015-11-26 23:23 - 2012-10-18 18:42 - 00000000 ___HD C:\WINDOWS\inf 2015-11-26 23:19 - 2013-02-19 19:37 - 00022530 _____ C:\WINDOWS\system32\nvAppTimestamps 2015-11-26 23:16 - 2013-04-19 18:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-11-26 23:16 - 2013-02-09 15:06 - 00000000 ____D C:\Program Files\Google 2015-11-26 23:16 - 2012-10-18 18:48 - 00592240 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-26 23:16 - 2012-10-18 16:32 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google 2015-11-26 23:11 - 2014-12-27 13:40 - 00000316 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job 2015-11-26 23:11 - 2014-12-27 13:40 - 00000294 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job 2015-11-26 23:11 - 2013-02-09 15:06 - 00000996 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-26 23:11 - 2012-10-18 16:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-26 23:10 - 2012-10-18 16:02 - 00032528 _____ C:\WINDOWS\SchedLgU.Txt 2015-11-26 23:10 - 2012-10-18 16:02 - 00000278 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2015-11-26 23:10 - 2012-10-18 16:02 - 00000000 ____D C:\Documents and Settings\Administrator 2015-11-26 23:06 - 2012-12-01 23:25 - 00000000 ____D C:\Program Files\Real 2015-11-26 23:06 - 2012-12-01 23:25 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Real 2015-11-26 23:06 - 2012-12-01 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Real 2015-11-26 23:04 - 2013-02-09 15:06 - 00001000 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-26 23:04 - 2012-11-15 17:06 - 00000000 ____D C:\Program Files\Adobe Media Player 2015-11-26 23:04 - 2012-11-15 16:34 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Adobe 2015-11-26 21:55 - 2012-11-15 18:37 - 01834496 ___SH C:\Documents and Settings\Administrator\Desktop\Thumbs.db 2015-11-26 15:14 - 2014-12-27 13:40 - 00000302 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job 2015-11-26 15:13 - 2008-04-14 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-11-25 01:07 - 2012-11-08 00:28 - 01025410 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-515967899-1979792683-842925246-500-0.dat 2015-11-25 01:07 - 2012-11-08 00:28 - 00260322 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat 2015-11-18 18:41 - 2014-11-14 13:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache 2015-11-17 17:45 - 2014-12-27 13:40 - 00000324 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job 2015-11-17 17:34 - 2012-10-18 16:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Avira 2015-11-17 17:31 - 2012-10-18 16:35 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-11-17 17:31 - 2012-10-18 16:35 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-11-16 22:34 - 2015-04-09 20:37 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\vlc 2015-11-16 22:18 - 2013-02-09 18:28 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\AIMP3 2015-11-16 22:18 - 2012-10-18 16:34 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\uTorrent 2015-11-02 22:09 - 2012-10-18 16:02 - 00000000 ___RD C:\Documents and Settings\Administrator\My Documents 2015-11-02 21:59 - 2012-11-03 16:38 - 00000116 _____ C:\WINDOWS\NeroDigital.ini ==================== Files in the root of some directories ======= 2014-10-30 13:38 - 2014-10-30 13:38 - 0138056 _____ () C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys 2012-11-01 21:48 - 2015-06-30 20:52 - 0065024 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-11-05 17:11 - 2012-11-05 17:11 - 0000090 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\FASTWiz.log Some files in TEMP: ==================== C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Addition.txt
  6. Дъст Массакре

    Изкачащи поп ъп реклами-"Ad by CinemaP-1.8cV27.03"

    Хрумна ми да се опитам да си възстановя първоначалната конфигурация на системата преди заразяването. Мисля че трябва да свърши работа. Ще опитам. Поздрави!
  7. Здравейте, приятели. Проблема е следния - наскоро се с сдобих с лаптоп с уин 8.1 и след като инсталирах мозила почнаха проблеми - изкачащи поп ъп реклами под които има надпис Ad by CinemaP-1.8cV27.03 | Close . Прилагам и нужните файлове: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Емил Вълков (administrator) on LENOVO-PC on 03-04-2015 09:53:32 Running from C:\Users\Емил Вълков\Downloads Loaded Profiles: Емил Вълков (Available profiles: Емил Вълков) Platform: Windows 8.1 Connected (X64) OS Language: Английски (Съединени щати) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe () C:\Program Files (x86)\Mtel NetAgent\MtelNetAgent_Service.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Pokki) C:\Users\Емил Вълков\AppData\Local\Pokki\Engine\StartMenuIndexer.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\Mtel NetAgent\MtelNetAgent_Launcher.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe (Pokki) C:\Users\Емил Вълков\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) C:\Users\Емил Вълков\AppData\Local\Pokki\Engine\HostAppService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe (ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.336.0\McCSPServiceHost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\WindowsApps\Microsoft.BingMaps_2.0.2530.2317_x64__8wekyb3d8bbwe\Map.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe (McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.) C:\Program Files\mcafee\vul\McVulAlert.exe (Microsoft Corporation) C:\Windows\System32\dfrgui.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.) HKLM\...\Run: [btServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-07] (Realtek Semiconductor Corporation) HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-02-27] (Realtek semiconductor) HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-06-09] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-06-09] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-06-09] (Lenovo(beijing) Limited) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.) HKLM-x32\...\Run: [updateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.) HKLM-x32\...\Run: [TAG_MtelNetAgent_Launcher.exe] => C:\Program Files (x86)\Mtel NetAgent\MtelNetAgent_Launcher.exe [952888 2014-04-14] () HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\...\Run: [skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\...\MountPoints2: {46493da0-d423-11e4-825b-90489a05e78e} - "F:\.\Autorun.exe" AUTORUN=1 HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\...\MountPoints2: {46494259-d423-11e4-825b-90489a05e78e} - "G:\.\Autorun.exe" AUTORUN=1 HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\...\MountPoints2: {526e302d-d422-11e4-825a-90489a05e78e} - "F:\.\Autorun.exe" AUTORUN=1 HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [130048 2013-08-22] (Microsoft Corporation) Startup: C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows 8.1 Final Activator 100% Working With All Windows Edition(1).lnk ShortcutTarget: Windows 8.1 Final Activator 100% Working With All Windows Edition(1).lnk -> C:\ProgramData\{9b2043ea-4eb6-6dde-9b20-043ea4eb0fa9}\Windows 8.1 Final Activator 100% Working With All Windows Edition(1).exe (No File) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com HKU\S-1-5-21-4079883155-4122363980-4031217907-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com SearchScopes: HKU\S-1-5-21-4079883155-4122363980-4031217907-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-4079883155-4122363980-4031217907-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} BHO: DealExpruessu -> {4e61c78d-86f2-40eb-889a-c198d79a5266} -> C:\Program Files (x86)\DealExpruessu\HgMMmS4fS9YFvL.x64.dll [2015-04-03] () BHO: PriceLesas -> {6caaf312-e208-4d75-88cc-35af62c39f62} -> C:\Program Files (x86)\PriceLesas\OQOpbY4PrjmP7D.x64.dll [2015-03-28] () BHO: SaaverEXtueension -> {96a0d097-fb13-400c-b8c4-166d731de575} -> C:\Program Files (x86)\SaaverEXtueension\lQB9dzXEKJUDrY.x64.dll [2015-04-03] () BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File BHO-x32: PriceLesas -> {6caaf312-e208-4d75-88cc-35af62c39f62} -> C:\Program Files (x86)\PriceLesas\OQOpbY4PrjmP7D.dll No File BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-01-13] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-01-13] (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{675E96AE-8A91-463C-BFA3-D742198B2933}: [NameServer] 10.250.238.3 10.250.238.4 Tcpip\..\Interfaces\{732D5C2B-67FA-4395-B353-DEF86E1124D7}: [NameServer] 10.250.238.3 10.250.238.4 FireFox: ======== FF ProfilePath: C:\Users\Емил Вълков\AppData\Roaming\Mozilla\Firefox\Profiles\voyly9tc.default FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: https://www.google.bg/?gws_rd=ssl FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q= FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-29] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-29] () FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] () FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-13] (Nitro PDF) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-28] (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2015-03-28] (globalUpdate) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml [2015-03-27] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml [2015-03-27] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml [2015-03-27] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml [2015-03-27] FF Extension: Bing Search Engine - C:\Users\Емил Вълков\AppData\Roaming\Mozilla\Firefox\Profiles\voyly9tc.default\Extensions\bingsearch.full@microsoft.com [2015-03-27] FF Extension: CinemaP-1.8cV27.03 - C:\Users\Емил Вълков\AppData\Roaming\Mozilla\Firefox\Profiles\voyly9tc.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-03-28] FF Extension: Mozilla Firefox Hotfixer - C:\Users\Емил Вълков\AppData\Roaming\Mozilla\Firefox\Profiles\voyly9tc.default\Extensions\veggy@veggyAddon.com [2015-03-30] FF Extension: Zoom It - C:\Users\Емил Вълков\AppData\Roaming\Mozilla\Firefox\Profiles\voyly9tc.default\Extensions\{d401849f-1f0d-7231-0af9-1c2b0ed5e420} [2015-03-31] FF Extension: ABV Notifier - C:\Users\Емил Вълков\AppData\Roaming\Mozilla\Firefox\Profiles\voyly9tc.default\Extensions\abvnotifier@netinfo.bg.xpi [2015-04-03] FF Extension: Adblock Plus - C:\Users\Емил Вълков\AppData\Roaming\Mozilla\Firefox\Profiles\voyly9tc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-03] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-09] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Емил Вълков\AppData\Local\Google\Chrome\User Data\Default Opera: ======= OPR Extension: (CinemaP-1.8cV27.03) - C:\Users\Емил Вълков\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-03-31] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 be0fb33b; c:\Program Files (x86)\Supporter\Supporter.dll [1629696 2015-03-28] () [File not signed] R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-23] () [File not signed] R2 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2490184 2014-03-13] (ClientConnect LTD) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.) S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-28] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-03-28] (globalUpdate) [File not signed] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation) R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel® Corporation) [File not signed] S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-20] () R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited) R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1851192 2015-03-28] (Maxthon) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-13] (Nitro PDF Software) R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-06-09] (Lenovo) R3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-06-09] (Lenovo) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () R2 TAG_Service; C:\Program Files (x86)\Mtel NetAgent\MtelNetAgent_Service.exe [536632 2014-04-14] () R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-06-09] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S2 c2cautoupdatesvc; "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service [X] S2 c2cpnrsvc; "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service [X] S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.) S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-14] (Realtek Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9109720 2014-02-27] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corporation ) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-03 09:53 - 2015-04-03 09:56 - 00021440 _____ () C:\Users\Емил Вълков\Downloads\FRST.txt 2015-04-03 09:53 - 2015-04-03 09:53 - 00000000 ____D () C:\FRST 2015-04-03 09:51 - 2015-04-03 09:51 - 02095616 _____ (Farbar) C:\Users\Емил Вълков\Downloads\FRST64.exe 2015-04-03 09:28 - 2015-04-03 09:29 - 00000000 ____D () C:\Program Files (x86)\DealExpruessu 2015-04-03 09:28 - 2015-04-03 09:28 - 00000000 ____D () C:\Program Files (x86)\Pirate Bay Advanced Search 2015-04-03 09:27 - 2015-04-03 09:28 - 00000000 ____D () C:\Program Files (x86)\SaaverEXtueension 2015-04-03 09:23 - 2015-04-03 09:23 - 00001186 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-04-03 09:23 - 2015-04-03 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-03 09:23 - 2015-04-03 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-02 20:02 - 2015-04-02 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-04-02 19:52 - 2015-04-02 19:54 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Google 2015-04-02 19:51 - 2015-04-02 19:54 - 00000000 ____D () C:\Program Files (x86)\Google 2015-04-01 20:22 - 2015-04-01 20:22 - 00000000 ____D () C:\ProgramData\Yellow AdBlocker 2015-04-01 20:04 - 2015-04-01 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mtel NetAgent 2015-04-01 19:58 - 2015-04-01 19:58 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2015-04-01 19:58 - 2015-04-01 19:58 - 00000000 ____D () C:\Program Files\Unlocker 2015-04-01 19:56 - 2015-04-01 19:57 - 01681749 _____ () C:\Users\Емил Вълков\Downloads\Unlocker1.9.1-x64.exe 2015-03-31 23:34 - 2015-03-31 23:34 - 01151388 _____ () C:\Users\Емил Вълков\Documents\ALL music.aimppl 2015-03-31 15:30 - 2015-03-31 16:02 - 43074952 _____ () C:\Users\Емил Вълков\Downloads\firefox-40.0a1.en-US.win64.installer.exe 2015-03-31 15:07 - 2015-03-31 15:07 - 00000000 ____D () C:\windows\SysWOW64\Drivers\bg-BG 2015-03-31 15:07 - 2015-03-31 15:07 - 00000000 ____D () C:\windows\system32\Drivers\bg-BG 2015-03-31 15:07 - 2015-03-31 15:07 - 00000000 ____D () C:\windows\system32\bg 2015-03-31 15:07 - 2015-03-31 15:07 - 00000000 ____D () C:\windows\bg-BG 2015-03-31 15:05 - 2015-04-01 20:10 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-03-31 15:05 - 2015-03-31 15:05 - 00003834 _____ () C:\windows\System32\Tasks\Opera scheduled Autoupdate 1427803505 2015-03-31 15:05 - 2015-03-31 15:05 - 00001162 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-03-31 15:05 - 2015-03-31 15:05 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Opera Software 2015-03-31 15:05 - 2015-03-31 15:05 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Opera Software 2015-03-31 15:04 - 2015-03-31 15:04 - 32664584 _____ (Opera Software) C:\Users\Емил Вълков\Downloads\Opera_28.0.1750.48_Setup.exe 2015-03-31 00:31 - 2015-03-31 00:30 - 00492957 ____N () C:\Users\Емил Вълков\Desktop\Dzhek_London_-_Tom_4._Razkazi_i_noveli_-331-b.txt.zip 2015-03-29 22:08 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys 2015-03-29 20:27 - 2015-03-29 20:27 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-03-29 09:40 - 2015-03-29 09:40 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Macromedia 2015-03-29 00:05 - 2015-04-03 09:00 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-03-29 00:05 - 2015-04-02 19:51 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-03-28 18:37 - 2015-03-28 18:37 - 00000000 ____D () C:\Program Files (x86)\Supporter 2015-03-28 18:35 - 2015-04-03 09:28 - 00000000 ____D () C:\ProgramData\2177943551573595904 2015-03-28 18:35 - 2015-03-31 09:44 - 00000000 ____D () C:\Program Files (x86)\PriceLesas 2015-03-28 18:33 - 2015-03-31 09:44 - 00000000 ____D () C:\ProgramData\{9bf90369-82a2-bade-9bf9-9036982a0da6} 2015-03-28 18:32 - 2015-04-02 23:32 - 00002472 _____ () C:\windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5.job 2015-03-28 18:32 - 2015-03-28 18:32 - 00005476 _____ () C:\windows\System32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5 2015-03-28 18:32 - 2015-03-28 18:32 - 00002472 _____ () C:\windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-5_user.job 2015-03-28 18:31 - 2015-04-03 09:31 - 00003164 _____ () C:\windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-6.job 2015-03-28 18:31 - 2015-04-02 23:36 - 00001006 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-03-28 18:31 - 2015-04-02 23:31 - 00005210 _____ () C:\windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-11.job 2015-03-28 18:31 - 2015-04-02 23:31 - 00004520 _____ () C:\windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-4.job 2015-03-28 18:31 - 2015-04-02 23:31 - 00003500 _____ () C:\windows\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-7.job 2015-03-28 18:31 - 2015-04-02 17:36 - 00001002 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-03-28 18:31 - 2015-03-28 18:31 - 02045952 _____ (Cinema PlusV27.03) C:\Users\Емил Вълков\AppData\Roaming\XBSK.exe 2015-03-28 18:31 - 2015-03-28 18:31 - 01554432 _____ (Cinema PlusV27.03) C:\Users\Емил Вълков\AppData\Roaming\ZQK.exe 2015-03-28 18:31 - 2015-03-28 18:31 - 00008214 _____ () C:\windows\System32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-11 2015-03-28 18:31 - 2015-03-28 18:31 - 00007524 _____ () C:\windows\System32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-4 2015-03-28 18:31 - 2015-03-28 18:31 - 00006504 _____ () C:\windows\System32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-7 2015-03-28 18:31 - 2015-03-28 18:31 - 00006168 _____ () C:\windows\System32\Tasks\45bccf4b-4c7e-4c60-9c9e-1ea97b543050-1-6 2015-03-28 18:31 - 2015-03-28 18:31 - 00003978 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2015-03-28 18:31 - 2015-03-28 18:31 - 00003742 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2015-03-28 18:31 - 2015-03-28 18:31 - 00001378 _____ () C:\windows\Tasks\XBSK.job 2015-03-28 18:31 - 2015-03-28 18:31 - 00001376 _____ () C:\windows\Tasks\ZQK.job 2015-03-28 18:30 - 2015-04-02 11:23 - 00000000 ____D () C:\Program Files (x86)\CinemaP-1.8cV27.03 2015-03-28 18:30 - 2015-03-28 18:30 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\globalUpdate 2015-03-28 18:30 - 2015-03-28 18:30 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2015-03-28 18:13 - 2015-03-28 18:14 - 00000000 ____D () C:\Program Files (x86)\Windows 8 n 8.1 Activator 2015-03-28 16:21 - 2015-04-02 12:41 - 00000000 ____D () C:\ProgramData\{e06253a9-4a99-1fca-e062-253a94a94ea5} 2015-03-28 16:20 - 2015-04-02 12:41 - 00000000 ____D () C:\ProgramData\{872ede43-ad2b-d5d3-872e-ede43ad2790e} 2015-03-28 16:20 - 2015-04-02 12:41 - 00000000 ____D () C:\ProgramData\{55694745-d63c-c12b-5569-94745d631d17} 2015-03-28 16:20 - 2015-03-30 01:12 - 00000000 ____D () C:\ProgramData\{9b2043ea-4eb6-6dde-9b20-043ea4eb0fa9} 2015-03-28 16:15 - 2015-04-02 12:42 - 00000000 ____D () C:\ProgramData\{15aa0734-c4c7-f61d-15aa-a0734c4c1cd3} 2015-03-28 16:15 - 2015-04-02 12:41 - 00000000 ____D () C:\ProgramData\{a941787d-775b-0a4e-a941-1787d775e1f5} 2015-03-28 16:15 - 2015-04-02 12:41 - 00000000 ____D () C:\ProgramData\{82ac96fc-46fa-0e0a-82ac-c96fc46f5bf1} 2015-03-28 11:01 - 2015-03-28 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter 2015-03-28 11:01 - 2015-03-28 11:01 - 00000000 ____D () C:\Program Files (x86)\SDA 2015-03-28 11:00 - 2015-03-28 11:00 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Downloaded Installations 2015-03-28 09:32 - 2015-04-01 20:02 - 00000000 __RDO () C:\Users\Емил Вълков\OneDrive 2015-03-28 00:56 - 2015-03-28 00:56 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\WebApp 2015-03-28 00:56 - 2015-03-28 00:56 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Cyberlink 2015-03-28 00:56 - 2015-03-28 00:56 - 00000000 ____D () C:\Users\Public\CyberLink 2015-03-28 00:55 - 2015-03-29 09:17 - 00000000 ____D () C:\Users\Емил Вълков\Documents\Lenovo 2015-03-28 00:55 - 2015-03-28 00:56 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\CyberLink 2015-03-28 00:55 - 2015-03-28 00:55 - 00000000 ____D () C:\Users\Емил Вълков\Documents\CyberLink 2015-03-28 00:55 - 2015-03-28 00:55 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Lenovo 2015-03-28 00:32 - 2015-03-28 00:32 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Maxthon3 2015-03-27 23:34 - 2015-03-27 23:34 - 00000000 ____D () C:\Users\Емил Вълков\Tracing 2015-03-27 23:24 - 2015-03-31 22:00 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Skype 2015-03-27 23:24 - 2015-03-27 23:24 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Skype 2015-03-27 23:24 - 2015-03-27 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-03-27 23:23 - 2015-03-27 23:24 - 00000000 ____D () C:\ProgramData\Skype 2015-03-27 23:03 - 2015-03-27 23:03 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-03-27 22:04 - 2015-04-01 19:44 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\AIMP3 2015-03-27 22:04 - 2015-03-27 22:04 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2015-03-27 21:43 - 2015-03-27 21:43 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Nitro 2015-03-27 21:40 - 2015-04-02 19:52 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Adobe 2015-03-27 21:39 - 2015-03-27 21:39 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\LSC 2015-03-27 14:43 - 2015-03-27 14:44 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Mozilla 2015-03-27 14:43 - 2015-03-27 14:44 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Mozilla 2015-03-27 14:43 - 2015-03-27 14:43 - 00000000 ____D () C:\Users\Public\Pokki 2015-03-27 14:43 - 2015-03-27 14:43 - 00000000 ____D () C:\ProgramData\Mozilla 2015-03-27 14:42 - 2015-04-01 20:02 - 00002180 _____ () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk 2015-03-27 14:42 - 2015-03-27 14:42 - 00002371 _____ () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk 2015-03-27 14:42 - 2015-03-27 14:42 - 00002311 _____ () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-03-27 14:11 - 2015-04-03 08:49 - 00003954 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{4A87ADAF-8289-4815-BFAA-28FEB3569C47} 2015-03-27 14:11 - 2015-03-27 14:11 - 00000000 __SHD () C:\Users\Емил Вълков\AppData\Local\EmieUserList 2015-03-27 14:11 - 2015-03-27 14:11 - 00000000 __SHD () C:\Users\Емил Вълков\AppData\Local\EmieSiteList 2015-03-27 14:03 - 2015-03-27 14:03 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\LenovoBrowserGuard 2015-03-27 14:00 - 2013-12-10 14:37 - 00376704 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_wwanecm.sys 2015-03-27 14:00 - 2013-12-10 14:36 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_cdcacm.sys 2015-03-27 14:00 - 2013-11-30 18:11 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_juwwanecm.sys 2015-03-27 14:00 - 2013-11-30 18:10 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jucdcacm.sys 2015-03-27 14:00 - 2013-11-30 18:10 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jubusenum.sys 2015-03-27 14:00 - 2013-11-30 18:10 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_jucdcecm.sys 2015-03-27 14:00 - 2013-11-30 18:10 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_juextctrl.sys 2015-03-27 14:00 - 2013-11-30 18:01 - 00456704 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbwwan.sys 2015-03-27 14:00 - 2013-11-30 17:55 - 00226176 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ewusbmdm.sys 2015-03-27 14:00 - 2013-01-25 10:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_hwusbdev.sys 2015-03-27 14:00 - 2012-12-22 10:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_usbenumfilter.sys 2015-03-27 14:00 - 2012-08-20 09:37 - 01490656 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01007.dll 2015-03-27 14:00 - 2012-08-20 09:37 - 01490656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfCoInstaller01007.dll 2015-03-27 14:00 - 2010-10-08 17:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\windows\system32\Drivers\ewdcsc.sys 2015-03-27 14:00 - 2010-09-26 19:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\ew_hwupgrade.sys 2015-03-27 13:59 - 2015-03-31 01:04 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Nitro PDF 2015-03-27 13:59 - 2015-03-27 14:03 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\TAG 2015-03-27 13:59 - 2015-03-27 13:59 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Sierra Wireless 2015-03-27 13:59 - 2015-03-27 13:59 - 00000000 ____D () C:\Program Files (x86)\Mtel NetAgent 2015-03-27 04:58 - 2015-04-03 09:28 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4079883155-4122363980-4031217907-1001 2015-03-27 04:52 - 2015-03-27 04:52 - 00000000 ____D () C:\windows\System32\Tasks\WPD 2015-03-27 04:52 - 2015-03-27 04:52 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-03-27 04:51 - 2015-04-03 03:20 - 00046783 _____ () C:\Users\Емил Вълков\AppData\Local\BTServer.log 2015-03-27 04:51 - 2015-03-27 21:39 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Adobe 2015-03-27 04:51 - 2015-03-27 04:51 - 00001457 _____ () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-27 04:51 - 2015-03-27 04:51 - 00001264 _____ () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BTServer Toasts App.lnk 2015-03-27 04:51 - 2015-03-27 04:51 - 00000000 ____D () C:\Users\Емил Вълков\Documents\My Bluetooth 2015-03-27 04:51 - 2015-03-27 04:51 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\VirtualStore 2015-03-27 04:50 - 2015-04-02 19:40 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Packages 2015-03-27 04:50 - 2015-03-27 04:50 - 00000180 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-03-27 04:50 - 2015-03-27 04:50 - 00000020 ___SH () C:\Users\Емил Вълков\ntuser.ini 2015-03-27 04:49 - 2015-04-03 09:14 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Local\Pokki 2015-03-27 04:49 - 2015-03-28 09:32 - 00000000 ____D () C:\Users\Емил Вълков 2015-03-27 04:49 - 2014-06-09 19:10 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Macromedia 2015-03-27 04:49 - 2014-03-18 13:06 - 00000000 ___RD () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-27 04:49 - 2014-03-18 13:06 - 00000000 ___RD () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-03-27 04:49 - 2014-03-18 12:54 - 00000369 _____ () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-03-27 04:49 - 2014-03-18 12:54 - 00000369 _____ () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-03-27 04:49 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-27 04:49 - 2013-08-22 18:36 - 00000000 ____D () C:\Users\Емил Вълков\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-03-27 04:46 - 2015-03-27 04:46 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-03-26 22:14 - 2015-03-26 22:14 - 00005542 _____ () C:\Users\Емил Вълков\AppData\Roaming\XBSK 2015-03-26 22:14 - 2015-03-26 22:14 - 00004185 _____ () C:\Users\Емил Вълков\AppData\Roaming\ZQK ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-03 09:03 - 2014-06-09 18:37 - 01730788 _____ () C:\windows\WindowsUpdate.log 2015-04-03 09:00 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\sru 2015-04-02 19:57 - 2014-06-09 19:18 - 00000000 ____D () C:\ProgramData\Office2013 2015-04-02 19:40 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\AppReadiness 2015-04-02 13:13 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\rescache 2015-04-01 20:10 - 2014-03-18 12:53 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI 2015-04-01 20:01 - 2014-06-09 19:16 - 00002560 _____ () C:\windows\system32\VfService.trf 2015-04-01 20:01 - 2013-08-22 17:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-04-01 20:01 - 2013-08-22 16:25 - 00262144 ___SH () C:\windows\system32\config\BBI 2015-04-01 20:00 - 2014-06-09 18:32 - 00709952 _____ () C:\Users\Public\CAFADEBUG.log 2015-03-31 16:06 - 2014-03-18 12:44 - 00004078 _____ () C:\windows\PFRO.log 2015-03-31 15:10 - 2013-08-22 18:20 - 00000000 ____D () C:\windows\CbsTemp 2015-03-31 15:07 - 2014-03-18 12:38 - 00000000 ____D () C:\Program Files\Windows Journal 2015-03-31 15:07 - 2014-03-18 12:25 - 00000000 ____D () C:\windows\SysWOW64\WCN 2015-03-31 15:07 - 2014-03-18 12:25 - 00000000 ____D () C:\windows\SysWOW64\slmgr 2015-03-31 15:07 - 2014-03-18 12:25 - 00000000 ____D () C:\windows\system32\WCN 2015-03-31 15:07 - 2014-03-18 12:25 - 00000000 ____D () C:\windows\system32\slmgr 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\WinStore 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\SysWOW64\bg-BG 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\SystemResetPlatform 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\migwiz 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\bg-BG 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\PolicyDefinitions 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\Help 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\FileManager 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files\Common Files\System 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-03-31 15:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-31 15:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\SysWOW64\oobe 2015-03-31 15:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\Sysprep 2015-03-31 15:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\oobe 2015-03-31 15:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\servicing 2015-03-31 14:29 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\NDF 2015-03-31 09:39 - 2014-06-09 19:05 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-03-31 00:31 - 2013-08-22 17:46 - 00024605 _____ () C:\windows\setupact.log 2015-03-29 22:09 - 2014-06-09 19:04 - 00000000 ____D () C:\ProgramData\McAfee 2015-03-29 21:45 - 2014-06-09 19:05 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2015-03-29 21:44 - 2013-08-22 18:36 - 00000000 ___HD () C:\windows\ELAMBKUP 2015-03-28 11:00 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\restore 2015-03-28 00:56 - 2014-06-09 19:00 - 00000000 ____D () C:\ProgramData\CyberLink 2015-03-28 00:55 - 2014-06-09 19:10 - 00000000 ____D () C:\ProgramData\Lenovo 2015-03-27 04:51 - 2014-06-09 19:13 - 00098714 ____H () C:\windows\modules.log 2015-03-27 04:51 - 2014-04-02 20:34 - 00000000 ____D () C:\windows\Panther 2015-03-27 04:51 - 2013-08-22 16:25 - 00262144 ___SH () C:\windows\system32\config\ELAM 2015-03-27 04:48 - 2013-08-22 17:44 - 00344624 _____ () C:\windows\system32\FNTCACHE.DAT ==================== Files in the root of some directories ======= 2015-03-26 22:14 - 2015-03-26 22:14 - 0005542 _____ () C:\Users\Емил Вълков\AppData\Roaming\XBSK 2015-03-28 18:31 - 2015-03-28 18:31 - 2045952 _____ (Cinema PlusV27.03) C:\Users\Емил Вълков\AppData\Roaming\XBSK.exe 2015-03-26 22:14 - 2015-03-26 22:14 - 0004185 _____ () C:\Users\Емил Вълков\AppData\Roaming\ZQK 2015-03-28 18:31 - 2015-03-28 18:31 - 1554432 _____ (Cinema PlusV27.03) C:\Users\Емил Вълков\AppData\Roaming\ZQK.exe 2015-03-27 04:51 - 2015-04-03 03:20 - 0046783 _____ () C:\Users\Емил Вълков\AppData\Local\BTServer.log 2014-06-09 18:32 - 2014-06-09 18:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Емил Вълков\AppData\Local\Temp\certutil.exe C:\Users\Емил Вълков\AppData\Local\Temp\KMS Windows 8 n 8.1 Activator__9771_il67290.exe C:\Users\Емил Вълков\AppData\Local\Temp\msvcr71.dll C:\Users\Емил Вълков\AppData\Local\Temp\nspr4.dll C:\Users\Емил Вълков\AppData\Local\Temp\nss3.dll C:\Users\Емил Вълков\AppData\Local\Temp\octE818.tmp.exe C:\Users\Емил Вълков\AppData\Local\Temp\Opera_NI_stable.exe C:\Users\Емил Вълков\AppData\Local\Temp\plc4.dll C:\Users\Емил Вълков\AppData\Local\Temp\plds4.dll C:\Users\Емил Вълков\AppData\Local\Temp\smime3.dll C:\Users\Емил Вълков\AppData\Local\Temp\softokn3.dll C:\Users\Емил Вълков\AppData\Local\Temp\Zzoomit_uninstall.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-09 18:15 ==================== End Of Log ============================ Addition.txt Addition.txt
  8. Дъст Массакре

    Проблем с мозила

    Изтеглете следния архив и го разархивирайте в C:\Program Files\MyDefrag v4.3.1\Scripts Дава ми несъществуващ файл/папка.
  9. Дъст Массакре

    Проблем с мозила

    Ами не виждам някакви нередности в работата на компютъра засега, много благодаря за отделеното време и за помоща която ми оказахте. Радва ме факта, че има още добри и умни хора които биха помогнали на някой в беда, и при това безкористно. Още веднъж хиляди благодарности. С уважение: Е. Вълков AdwCleanerS2.txt Fixlog.txt
  10. Дъст Массакре

    Проблем с мозила

    Заповядайте лог файловете. Поздрави. AdwCleanerS0.txt JRT.txt Malwarebytes.txt HitmanPro_20141125_1741k.txt
  11. Дъст Массакре

    Проблем с мозила

    Много благодаря за помоща и отделеното време, а има ли начин за в бъдеще да мога да защитя компютъра си от подобни проблеми?
  12. Дъст Массакре

    Проблем с мозила

    Май единственото което забелязвам е че хард диска все едно зарежда нещо, т.е. по-шумен е от нормалното, но само като вкл мозила. Поздрави! Fixlog.txt
  13. Дъст Массакре

    Проблем с мозила

    Ето го. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-11-2014 Ran by Administrator (administrator) on COMPUTEK-1DC5C0 on 22-11-2014 01:47:35 Running from C:\Documents and Settings\Administrator\My Documents\Downloads Loaded Profiles: Administrator (Available profiles: Administrator) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe () C:\WINDOWS\system32\PnkBstrA.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe () C:\WINDOWS\Datecs\Flex2K.exe (Valve Corporation) C:\Program Files\Steam\Steam.exe (Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe (Valve) C:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe (Valve Corporation) C:\Program Files\Steam\GameOverlayUI.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) C:\Documents and Settings\Administrator\My Documents\Downloads\FRST (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM\...\Run: [soundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352 2007-03-16] (Analog Devices, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG) HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-21-515967899-1979792683-842925246-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-21-515967899-1979792683-842925246-500\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-515967899-1979792683-842925246-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk ShortcutTarget: FlexType 2K.lnk -> C:\WINDOWS\Datecs\Flex2K.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) URLSearchHook: [s-1-5-21-515967899-1979792683-842925246-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0] ATTENTION ==> Default URLSearchHook is missing. HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com"<======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-515967899-1979792683-842925246-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://en.eazel.com/results.php?id=AAA797963e2ac2798c711550cf31b0ab429&oid=1&cat=web&co=&lg=en&q={searchTerms} BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.) Tcpip\..\Interfaces\{6562F65F-DD0F-4E59-B6C3-64283866C0C0}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default FF DefaultSearchEngine: Google (SSL) FF DefaultSearchUrl: FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Google (SSL) FF Homepage: https://www.google.bg/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\searchplugins\google-ssl.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\911bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pe-bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml FF Extension: Avira Browser Safety - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\abs@avira.com [2014-11-20] FF Extension: Battlefield Play4Free - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\battlefieldplay4free@ea.com [2014-10-30] FF Extension: Settings Manager - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\{1ED03F15-1006-1C66-CCA5-15A00B80A7B7} [2014-05-19] FF Extension: Master-Site - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\{86d8f0b9-33a3-4fa5-b69b-dbf25a2cf543} [2014-11-17] FF Extension: ABV Notifier - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\abvnotifier@netinfo.bg.xpi [2013-10-22] FF Extension: Adblock Plus Pop-up Addon - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-03-22] FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\elemhidehelper@adblockplus.org.xpi [2014-03-22] FF Extension: Visitors Facebook - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\jid1-yuNlgYDr5nIP2w@jetpack.xpi [2014-01-01] FF Extension: Youtube To MP3 / x-MuZiC.cOm - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gy4hqjti.default\Extensions\support@x-muzic.com.xpi [2014-03-04] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-09] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-27] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: No Name - {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} [Not Found] Chrome: ======= CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Google Презентации) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-21] CHR Extension: (Google Документи) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-21] CHR Extension: (Google Диск) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-21] CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-21] CHR Extension: (Google Търсене) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-21] CHR Extension: (Електронни таблици от Google) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-21] CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-21] CHR Extension: (RealDownloader) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-11-21] CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-21] CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-21] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-09-16] (Microsoft Corporation) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG) R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-03-16] (Macrovision Europe Ltd.) [File not signed] R2 FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [233472 2013-05-22] (Teruten) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-06] (Oracle Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) S4 PanService; C:\Program Files\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2014-10-30] () R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [98160 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-10-07] (Avira Operations GmbH & Co. KG) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2013-04-09] (DT Soft Ltd) R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) U3 PROCMON23; C:\WINDOWS\System32\Drivers\PROCMON23.SYS [65048 2013-11-19] (Sysinternals - www.sysinternals.com) R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [8704 2005-03-17] (Analog Devices, Inc.) R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-09-16] (Microsoft Corporation) R3 VM30xx86; C:\WINDOWS\System32\Drivers\vm30xx86.sys [1294336 2007-03-20] (Vimicro Corporation) S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S4 InCDFs; system32\drivers\InCDFs.sys [X] S1 InCDPass; system32\drivers\InCDPass.sys [X] S1 InCDRm; system32\drivers\InCDRm.sys [X] S4 IntelIde; No ImagePath U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-22 01:47 - 2014-11-22 01:47 - 00000000 ____D () C:\FRST 2014-11-21 16:00 - 2014-11-21 16:00 - 00001216 _____ () C:\Documents and Settings\Administrator\Desktop\,,,,,,,,,,,,,,,,,,,,,,,,,,,.txt 2014-11-21 15:30 - 2014-11-21 15:30 - 00001811 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2014-11-21 15:30 - 2014-11-21 15:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome 2014-11-21 15:29 - 2014-11-21 15:29 - 00880784 _____ (Google Inc.) C:\Documents and Settings\Administrator\Desktop\ChromeSetup.exe 2014-11-21 00:42 - 2014-11-21 15:46 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-11-21 00:42 - 2014-11-21 15:46 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2014-11-21 00:42 - 2014-11-21 15:46 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2014-11-21 00:42 - 2014-11-21 15:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-21 00:42 - 2014-10-01 11:11 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-11-21 00:42 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-11-19 09:57 - 2014-11-19 09:57 - 09498679 _____ () C:\Documents and Settings\Administrator\Desktop\the-european-union-flag-1920x1200.psd 2014-11-19 09:23 - 2014-11-19 09:23 - 04528641 _____ () C:\Documents and Settings\Administrator\Desktop\Untitled-1.psd 2014-11-18 15:57 - 2014-11-18 15:58 - 00000858 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk 2014-11-18 10:25 - 2014-11-18 10:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AIMP3 2014-11-18 10:22 - 2014-11-18 10:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\Нова папка 2014-11-17 22:28 - 2014-11-17 22:29 - 12156771 _____ () C:\Documents and Settings\Administrator\Desktop\ЙОАННА СХ 2014 ЗАСЕТИ ПЛОЩИ.psd 2014-11-17 20:27 - 2014-11-17 20:27 - 191040615 _____ () C:\Documents and Settings\Administrator\Desktop\ЙОАННА СХ ЕООД 5.psd 2014-11-17 20:01 - 2014-11-17 20:02 - 00037967 _____ () C:\Documents and Settings\Administrator\Desktop\Untitled.FR12 2014-11-17 20:00 - 2014-11-17 20:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Canon 2014-11-17 19:54 - 2014-11-17 19:54 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\ABBYY 2014-11-17 19:41 - 2014-11-21 01:07 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\ABBYY 2014-11-17 19:40 - 2014-11-17 19:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ABBYY 2014-11-17 19:39 - 2014-11-17 19:39 - 00000000 ____D () C:\Program Files\MSXML 6.0 2014-11-17 19:38 - 2014-11-17 19:38 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\WebExtend 2014-11-17 17:49 - 2014-11-19 09:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\ЙОАННА СХ АНКЕТНА КАРТА 2014 2014-11-17 17:47 - 2014-11-17 20:21 - 187543698 _____ () C:\Documents and Settings\Administrator\Desktop\ЙОАННА СХ ЕООД 8.psd 2014-11-17 17:39 - 2014-11-17 20:27 - 196656104 _____ () C:\Documents and Settings\Administrator\Desktop\ЙОАННА СХ ЕООД 6.psd 2014-11-17 14:38 - 2014-11-17 14:38 - 05895842 _____ () C:\Documents and Settings\Administrator\Desktop\12346copy.psd 2014-11-17 14:26 - 2014-11-17 14:26 - 06933988 _____ () C:\Documents and Settings\Administrator\Desktop\12345копие.psd 2014-11-17 14:25 - 2014-11-17 18:11 - 06933712 _____ () C:\Documents and Settings\Administrator\Desktop\12345.psd 2014-11-15 23:58 - 2014-11-15 23:58 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\Неизползвани клавишни комбинации на работния плот 2014-11-14 17:04 - 2014-11-14 17:04 - 00050346 _____ () C:\Documents and Settings\Administrator\Desktop\amx_gag.amxx 2014-11-14 13:08 - 2014-11-19 08:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache 2014-11-14 13:08 - 2014-11-14 13:16 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\CSO 2014-11-14 13:08 - 2014-11-14 13:08 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nexon 2014-11-13 21:20 - 2014-11-13 21:20 - 00001353 _____ () C:\Documents and Settings\Administrator\Desktop\plugins.ini 2014-11-10 20:00 - 2014-11-10 20:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-03 08:28 - 2014-03-19 03:27 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2014-11-03 08:28 - 2014-03-19 03:27 - 00088832 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2014-11-02 14:01 - 2014-11-02 14:01 - 00010730 _____ () C:\Documents and Settings\Administrator\Desktop\ISO1.nri 2014-10-30 13:41 - 2014-10-30 13:41 - 00234768 _____ () C:\WINDOWS\system32\PnkBstrB.xtr 2014-10-30 13:39 - 2014-10-30 13:39 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\PunkBuster 2014-10-30 13:38 - 2014-10-30 13:44 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Battlefield Play4Free 2014-10-30 13:38 - 2014-10-30 13:41 - 00138264 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys 2014-10-30 13:38 - 2014-10-30 13:38 - 00138056 _____ () C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys 2014-10-30 13:37 - 2014-10-30 13:41 - 00234768 _____ () C:\WINDOWS\system32\PnkBstrB.exe 2014-10-30 13:37 - 2014-10-30 13:37 - 00075136 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2014-10-30 13:37 - 2014-10-30 13:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\EA Games 2014-10-30 13:07 - 2014-10-30 13:07 - 00000000 ____D () C:\Program Files\EA Games 2014-10-30 08:37 - 2014-10-30 08:37 - 00000710 _____ () C:\Documents and Settings\Administrator\Desktop\HLSW.lnk 2014-10-30 08:37 - 2014-10-30 08:37 - 00000000 ___SD () C:\Documents and Settings\All Users\Start Menu\Programs\HLSW 2014-10-30 00:44 - 2014-10-30 00:44 - 00024303 _____ () C:\Documents and Settings\Administrator\Desktop\dracula_untold_2014_720p_hdcam_new_source_x264_pimp4003(subsunacs.net).rar 2014-10-29 20:32 - 2014-10-29 20:32 - 06243018 _____ () C:\Documents and Settings\Administrator\Desktop\motd.psd 2014-10-27 09:43 - 2014-10-27 09:43 - 00042925 _____ () C:\b29e41e8-fb30-4005-acaa-f943f487a8bd.dmp 2014-10-27 01:16 - 2014-10-27 01:16 - 00043803 _____ () C:\3045dba8-b90f-4969-bf67-dae1d5b203ec.dmp 2014-10-27 00:17 - 2014-11-21 01:15 - 00000000 ____D () C:\Program Files\WarThunder 2014-10-27 00:17 - 2014-10-27 00:17 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\My Games 2014-10-25 22:22 - 2014-10-25 22:22 - 00081924 _____ () C:\Documents and Settings\Administrator\Desktop\1217_Maleficent.2014.rar ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-22 01:48 - 2012-10-18 16:02 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp 2014-11-22 01:45 - 2012-10-18 17:37 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Skype 2014-11-22 01:44 - 2013-02-19 19:37 - 00018186 _____ () C:\WINDOWS\system32\nvAppTimestamps 2014-11-22 01:41 - 2012-12-08 12:07 - 00000498 _____ () C:\Documents and Settings\Administrator\Desktop\пассуорд.txt 2014-11-22 01:04 - 2012-10-18 16:55 - 01425816 _____ () C:\WINDOWS\system32\nvdrsdb1.bin 2014-11-22 01:04 - 2012-10-18 16:55 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin 2014-11-21 16:34 - 2013-12-04 22:36 - 00000000 ____D () C:\Program Files\Steam 2014-11-21 16:06 - 2012-10-18 18:48 - 00592240 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-11-21 16:03 - 2012-12-31 10:43 - 00000302 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job 2014-11-21 16:03 - 2012-12-31 10:43 - 00000294 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job 2014-11-21 16:03 - 2012-10-18 15:55 - 02057951 _____ () C:\WINDOWS\WindowsUpdate.log 2014-11-21 16:02 - 2013-01-21 15:38 - 00000316 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job 2014-11-21 16:02 - 2012-12-01 23:26 - 00000294 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job 2014-11-21 16:02 - 2012-10-18 18:51 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-11-21 16:02 - 2012-10-18 18:51 - 00000053 _____ () C:\WINDOWS\wiaservc.log 2014-11-21 16:02 - 2012-10-18 18:47 - 03655464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-11-21 16:02 - 2012-10-18 16:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-11-21 16:01 - 2012-11-08 00:28 - 02872830 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-515967899-1979792683-842925246-500-0.dat 2014-11-21 16:01 - 2012-11-08 00:28 - 00255798 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat 2014-11-21 16:01 - 2012-10-18 16:02 - 00032450 _____ () C:\WINDOWS\SchedLgU.Txt 2014-11-21 16:01 - 2012-10-18 16:02 - 00000278 ___SH () C:\Documents and Settings\Administrator\ntuser.ini 2014-11-21 16:01 - 2012-10-18 16:02 - 00000000 ____D () C:\Documents and Settings\Administrator 2014-11-21 15:30 - 2012-10-18 16:32 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google 2014-11-21 15:29 - 2013-02-09 15:06 - 00000000 ____D () C:\Program Files\Google 2014-11-21 10:07 - 2013-02-09 15:06 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-21 10:07 - 2013-02-09 15:06 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-21 10:06 - 2012-10-18 16:04 - 00031976 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2014-11-21 01:18 - 2013-04-09 22:56 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite 2014-11-21 01:18 - 2013-02-09 18:28 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AIMP3 2014-11-21 01:18 - 2012-11-12 22:36 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\FileZilla 2014-11-21 01:18 - 2012-10-18 16:34 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\uTorrent 2014-11-21 01:09 - 2013-05-26 09:26 - 00000000 ____D () C:\Program Files\Cs 1.6 Background Maker v3.0 2014-11-21 00:58 - 2013-01-10 06:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$ 2014-11-20 12:46 - 2012-11-15 18:37 - 01284032 ___SH () C:\Documents and Settings\Administrator\Desktop\Thumbs.db 2014-11-20 00:07 - 2012-10-18 16:55 - 01425816 _____ () C:\WINDOWS\system32\nvdrsdb0.bin 2014-11-18 15:58 - 2012-10-18 16:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avira 2014-11-18 15:58 - 2012-10-18 16:35 - 00000000 ____D () C:\Program Files\Avira 2014-11-18 15:57 - 2012-10-18 16:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira 2014-11-18 10:24 - 2013-02-09 18:28 - 00000000 ____D () C:\Program Files\AIMP3 2014-11-18 09:47 - 2008-04-14 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-11-17 19:37 - 2012-11-07 18:28 - 00000000 ____D () C:\Temp 2014-11-17 11:04 - 2013-01-21 15:38 - 00000342 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job 2014-11-17 10:40 - 2012-12-01 23:26 - 00000302 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job 2014-11-13 21:27 - 2013-01-04 18:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\HLSW 2014-11-13 13:25 - 2012-10-18 16:56 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-11-13 13:25 - 2012-10-18 16:56 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-11-12 08:56 - 2013-04-19 18:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-04 23:00 - 2012-11-03 16:38 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini 2014-11-04 23:00 - 2012-11-01 21:48 - 00044032 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-04 23:00 - 2012-10-18 16:33 - 00000000 ____D () C:\Program Files\The KMPlayer 2014-10-30 13:37 - 2012-12-12 18:00 - 00000000 ____D () C:\WINDOWS\system32\LogFiles 2014-10-30 08:37 - 2012-10-18 15:57 - 00000000 ____D () C:\Program Files\xerox 2014-10-27 09:43 - 2012-10-18 15:54 - 00000000 ____D () C:\WINDOWS\system32\DirectX 2014-10-27 00:13 - 2012-10-18 17:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype 2014-10-27 00:12 - 2013-01-23 14:46 - 00000000 ___RD () C:\Program Files\Skype Some content of TEMP: ==================== C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe C:\Documents and Settings\Administrator\Local Settings\Temp\DseShExt-x86.dll C:\Documents and Settings\Administrator\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe C:\Documents and Settings\Administrator\Local Settings\Temp\KMP_3.8.0.122.exe C:\Documents and Settings\Administrator\Local Settings\Temp\lowproc.exe C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe C:\Documents and Settings\Administrator\Local Settings\Temp\SDShelEx-win32.dll C:\Documents and Settings\Administrator\Local Settings\Temp\SettingsManagerSetup.exe C:\Documents and Settings\Administrator\Local Settings\Temp\SHSetup.exe C:\Documents and Settings\Administrator\Local Settings\Temp\SimBundD.exe C:\Documents and Settings\Administrator\Local Settings\Temp\SkypeSetup.exe C:\Documents and Settings\Administrator\Local Settings\Temp\stubhelper.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log = FRST.txt
  14. Дъст Массакре

    Проблем с мозила

    Много съжалявам, вината е моя - извинявайте. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-11-2014 Ran by Administrator at 2014-11-22 01:48:55 Running from C:\Documents and Settings\Administrator\My Documents\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 3.2.1.28086 - BitTorrent Inc.) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.7) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated) AIMP3 (HKLM\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam) Avira (HKLM\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Avira (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira) Battlefield Play4Free (HKLM\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions) CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform) Counter Strike 1.6 p48 build 4554 2.1 (HKLM\...\Counter Strike 1.6 p48 build 4554 2.1) (Version: - ) Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) FileZilla Client 3.8.1 (HKLM\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse) FlexType 2K (HKLM\...\FlexType 2K) (Version: - ) Fraps (HKLM\...\Fraps) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden HLSW v1.4.0.2 (HKLM\...\HLSW_is1) (Version: - Stripf Software) Java 7 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle) KMP Service (HKLM\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION Malwarebytes Anti-Malware, версия 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version: - Microsoft Corporation) Mozilla Firefox 33.1 (x86 bg) (HKLM\...\Mozilla Firefox 33.1 (x86 bg)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-515967899-1979792683-842925246-500\...\MyFreeCodec) (Version: - ) Nero 7 Premium (HKLM\...\{4781569D-5404-1F26-4B2B-6DF444441031}) (Version: 7.00.0087 - Nero AG) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA nView 141.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.24 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.6380 - Analog Devices) Steam (HKLM\...\Steam) (Version: - Valve Corporation) TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer) The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.8.0.120 - PandoraTV) Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Bulgarian Interface Pack (HKLM\...\{C408D81A-CB17-4CDF-98AF-2E64036B3F32}) (Version: 1.0.0.2600 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Архиватор WinRAR (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-515967899-1979792683-842925246-500_Classes\CLSID\{0B090D40-DA26-5D4D-2509-B755873E337E}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2008-04-14 12:00 - 2008-04-14 12:00 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1979792683-842925246-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1979792683-842925246-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-18 16:35 - 2000-12-13 00:55 - 00028672 _____ () C:\WINDOWS\system32\newdll.dll 2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () C:\xampp\FileZillaFTP\FileZilla FTP Client\fzshellext.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\xampp\FileZillaFTP\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\xampp\FileZillaFTP\FileZilla FTP Client\libstdc++-6.dll 2014-10-30 13:37 - 2014-10-30 13:37 - 00075136 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 2012-11-17 16:51 - 2000-12-30 12:39 - 00151552 _____ () C:\WINDOWS\Datecs\Flex2K.exe 2014-09-02 08:45 - 2014-11-11 20:48 - 01171456 _____ () C:\Program Files\Steam\libavcodec-56.dll 2014-09-02 08:45 - 2014-11-11 20:48 - 00442368 _____ () C:\Program Files\Steam\libavutil-54.dll 2014-09-02 08:45 - 2014-11-11 20:48 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll 2013-12-04 22:37 - 2014-11-11 20:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll 2014-05-22 12:52 - 2014-11-18 22:23 - 02227904 _____ () C:\Program Files\Steam\video.dll 2014-09-02 08:45 - 2014-11-11 20:48 - 00403968 _____ () C:\Program Files\Steam\libavformat-56.dll 2014-09-02 08:45 - 2014-11-11 20:48 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll 2013-12-04 22:37 - 2014-11-18 22:23 - 00690880 _____ () C:\Program Files\Steam\bin\chromehtml.dll 2014-11-21 16:33 - 2014-11-21 16:33 - 00155232 ___HT () C:\Documents and Settings\Administrator\Local Settings\Temp\~34.tmp 2013-12-04 22:37 - 2014-11-11 20:48 - 34589888 _____ () C:\Program Files\Steam\bin\libcef.dll 2014-08-26 09:24 - 2014-11-11 20:48 - 00837824 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll 2013-12-04 22:41 - 2013-12-04 22:41 - 00126496 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\filesystem_stdio.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 01625608 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\hw.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 00400920 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\vgui.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 00652800 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\SDL2.dll 2014-04-17 22:34 - 2014-04-17 22:34 - 01093128 _____ () c:\program files\steam\steamapps\common\half-life\cstrike\cl_dlls\client.dll 2013-12-04 22:41 - 2013-12-04 22:41 - 00081920 _____ () c:\program files\steam\steamapps\common\half-life\valve\cl_dlls\particleman.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 00843264 _____ () c:\program files\steam\steamapps\common\half-life\valve\cl_dlls\GameUI.dll 2013-12-04 22:41 - 2013-12-04 22:41 - 00241152 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\vgui2.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 00874496 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\chromehtml.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 00338944 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\tier0.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 20320240 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\libcef.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 01100800 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\avcodec-53.dll 2013-12-04 22:41 - 2013-12-04 22:41 - 00124416 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\avutil-51.dll 2013-12-04 22:41 - 2013-12-04 22:41 - 00192000 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\avformat-53.dll 2013-12-04 22:41 - 2013-12-04 22:41 - 00071680 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\mssmp3.asi 2013-12-04 22:41 - 2013-12-04 22:41 - 00153088 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\mssvoice.asi 2013-12-04 22:41 - 2013-12-04 22:41 - 00138768 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\demoplayer.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 00282112 _____ () C:\Program Files\Steam\steamapps\common\Half-Life\core.dll 2013-12-04 22:40 - 2013-12-04 22:41 - 00536576 _____ () c:\program files\steam\steamapps\common\half-life\platform\servers\serverbrowser.dll 2008-04-14 12:00 - 2008-04-14 12:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll 2008-04-14 12:00 - 2008-04-14 12:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2014-11-21 15:30 - 2014-11-14 23:15 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.65\pdf.dll 2014-11-21 15:30 - 2014-11-14 23:15 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll 2014-11-21 15:30 - 2014-11-14 23:15 - 14910280 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.65\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Clownfish => "C:\Program Files\Clownfish\Clownfish.exe" MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: NeroFilterCheck => C:\WINDOWS\system32\NeroCheck.exe MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: TkBellExe => "C:\program files\real\realplayer\update\realsched.exe" -osboot MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-515967899-1979792683-842925246-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator ASPNET (S-1-5-21-515967899-1979792683-842925246-1004 - Limited - Enabled) Guest (S-1-5-21-515967899-1979792683-842925246-501 - Limited - Disabled) HelpAssistant (S-1-5-21-515967899-1979792683-842925246-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-515967899-1979792683-842925246-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/21/2014 00:08:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application nvbackend.exe, version 15.3.33.0, faulting module nvbackend.exe, version 15.3.33.0, fault address 0x0007240c. Processing media-specific event for [nvbackend.exe!ws!] Error: (11/19/2014 08:56:21 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application Photoshop.exe, version 10.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/31/2014 06:44:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application filezilla.exe, version 3.8.1.0, faulting module filezilla.exe, version 3.8.1.0, fault address 0x00081265. Processing media-specific event for [filezilla.exe!ws!] Error: (10/31/2014 00:43:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application filezilla.exe, version 3.8.1.0, faulting module filezilla.exe, version 3.8.1.0, fault address 0x00081265. Processing media-specific event for [filezilla.exe!ws!] Error: (10/30/2014 01:45:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application bfp4f.exe, version 1.0.0.4, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b. Processing media-specific event for [bfp4f.exe!ws!] Error: (10/30/2014 00:18:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application filezilla.exe, version 3.8.1.0, faulting module filezilla.exe, version 3.8.1.0, fault address 0x00081265. Processing media-specific event for [filezilla.exe!ws!] Error: (10/27/2014 10:09:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application launcher.exe, version 1.0.1.187, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00019fca. Processing media-specific event for [launcher.exe!ws!] Error: (10/26/2014 03:13:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application nero.exe, version 7.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/26/2014 02:31:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application nero.exe, version 7.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/26/2014 02:31:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application nero.exe, version 7.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. System errors: ============= Error: (11/10/2014 07:32:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service. Error: (11/06/2014 04:23:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service. Error: (11/04/2014 09:28:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service. Microsoft Office Sessions: ========================= Error: (11/21/2014 00:08:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvbackend.exe15.3.33.0nvbackend.exe15.3.33.00007240c Error: (11/19/2014 08:56:21 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Photoshop.exe10.0.0.0hungapp0.0.0.000000000 Error: (10/31/2014 06:44:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: filezilla.exe3.8.1.0filezilla.exe3.8.1.000081265 Error: (10/31/2014 00:43:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: filezilla.exe3.8.1.0filezilla.exe3.8.1.000081265 Error: (10/30/2014 01:45:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfp4f.exe1.0.0.4ntdll.dll5.1.2600.60550000100b Error: (10/30/2014 00:18:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: filezilla.exe3.8.1.0filezilla.exe3.8.1.000081265 Error: (10/27/2014 10:09:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: launcher.exe1.0.1.187ntdll.dll5.1.2600.605500019fca Error: (10/26/2014 03:13:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: nero.exe7.0.0.0hungapp0.0.0.000000000 Error: (10/26/2014 02:31:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: nero.exe7.0.0.0hungapp0.0.0.000000000 Error: (10/26/2014 02:31:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: nero.exe7.0.0.0hungapp0.0.0.000000000 ==================== Memory info =========================== Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz Percentage of memory in use: 62% Total physical RAM: 2046.04 MB Available physical RAM: 757.45 MB Total Pagefile: 3939.01 MB Available Pagefile: 2064.47 MB Total Virtual: 2047.88 MB Available Virtual: 1947.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:53.94 GB) (Free:22.82 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:244.14 GB) (Free:157.2 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 5724DA06) Partition 1: (Active) - (Size=53.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244.1 GB) - (Type=OF Extended) ==================== End Of Log ============================ Addition.txt
  15. Здравейте. Проблема ми е следния - след посещение някъде (на компа сме 3 човека) сме лепнали нещо на Мозилата - отварят се някакви прозорци с реклами, и отделно някакви игри в нов прозорец. С Гугъл Хром нямам проблеми ама Аз съм си привърженик на Мозилата. Опитах някакви програми от нета ама нищо не се получи и за това съм тук. Предварително благодаря на хората които ще ми обърнат внимание, дори и да не помогнат. Качвам и снимка да видите как изглеждат:
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.