Премини към съдържанието

Rada Beliata

VIP Потребител
  • Публикации

    184
  • Регистрация

  • Последно онлайн

Харесвания

40 Добра репутация

1 Последовател

Всичко за Rada Beliata

  • Титла
    Почетен потребител
  • Рожден ден 4 юни

Последни посетители

1119 прегледа на профила
  1. Благодаря много ! Топла и усмихната вечер да имате!
  2. Вече бях деинсталирала , но приложих сега и инструмента и ето файла: # DelFix v1.013 - Logfile created 10/03/2018 at 18:52:28 # Updated 17/04/2016 by Xplode # Username : User - USER-PC # Operating System : Windows 7 Professional Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\Qoobox Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\AdwCleanerDebug.txt Deleted : C:\ComboFix.txt Deleted : C:\Users\User\Desktop\Addition.txt Deleted : C:\Users\User\Desktop\Addition1.txt Deleted : C:\Windows\grep.exe Deleted : C:\Windows\PEV.exe Deleted : C:\Windows\NIRCMD.exe Deleted : C:\Windows\MBR.exe Deleted : C:\Windows\SED.exe Deleted : C:\Windows\SWREG.exe Deleted : C:\Windows\SWSC.exe Deleted : C:\Windows\SWXCACLS.exe Deleted : C:\Windows\Zip.exe Deleted : HKLM\SOFTWARE\AdwCleaner Deleted : HKLM\SOFTWARE\Swearware Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #457 [Windows Update | 02/25/2018 16:40:18] Deleted : RP #458 [Installed Jeppesen Program and Data Installation | 02/26/2018 09:14:39] Deleted : RP #459 [Windows Update | 03/05/2018 12:59:27] Deleted : RP #460 [Windows Update | 03/09/2018 07:57:38] Deleted : RP #462 [Restore Point Created by FRST | 03/10/2018 12:11:06] Deleted : RP #464 [Restore Point Created by FRST | 03/10/2018 14:22:13] New restore point created ! ########## - EOF - ########## Сърдечно благодаря за многото отделено време и то през почивен ден! Весел и ползотеорен остатък от почивните дни и на вас! Аз съм в болнини и се възстановявам от тежка операция, така , че следващите седмици за мен ще са все почивни
  3. Много блюгодаря! Предполагам сега трябва да изтрия всички инструменти . Компа работи значително по добре! Сърдечно благодаря!
  4. Много благодаря! Сега ще рестартна да видя какво се случва с бързината, но до тук , колкото го ползвах вървеше по-леко. Открих от къде прави бъг на ФБ - има инзталиран някакъв Ad Block, който бъгва визуалния вид на страницата на ФБ и не се виждат половината опции- например , коментари, опции за изход - излизат само празни черти > Нужна ли е тази програма Add block или да я деинсталирам?
  5. не поиска рестарт, ето файла: Fix result of Farbar Recovery Scan Tool (x64) Version: 10.03.2018 Ran by User (10-03-2018 16:22:10) Run:3 Running from C:\Users\User\Desktop\New folder Loaded Profiles: User (Available Profiles: User) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" Startbatch: @echo off net stop BITS ipconfig /flushdns ren "%programdata%\Microsoft\Network\Downloader\qmgr0.dat" qmgr0.dat.old ren "%programdata%\Microsoft\Network\Downloader\qmgr1.dat" qmgr1.dat.old net start BITS Endbatch: Powershell: Get-BitsTransfer -AllUsers Powershell: Get-BitsTransfer -AllUsers | select -ExpandProperty FileList CMD: bitsadmin /reset /allusers end ***************** Restore point was successfully created. ========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" ========= Failed to clear log DebugChannel. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation. ========= End of CMD: ========= ========= Batch: ========= The Background Intelligent Transfer Service service is stopping.. The Background Intelligent Transfer Service service was stopped successfully. Windows IP Configuration Successfully flushed the DNS Resolver Cache. The Background Intelligent Transfer Service service is starting. The Background Intelligent Transfer Service service was started successfully. ========= End of Batch: ========= ========= Get-BitsTransfer -AllUsers ========= ========= End of Powershell: ========= ========= Get-BitsTransfer -AllUsers | select -ExpandProperty FileList ========= ========= End of Powershell: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= End of CMD: ========= ==== End of Fixlog 16:24:34 ====
  6. Fix result of Farbar Recovery Scan Tool (x64) Version: 10.03.2018 Ran by User (10-03-2018 14:11:03) Run:2 Running from C:\Users\User\Desktop\New folder Loaded Profiles: User (Available Profiles: User) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: GroupPolicy: Restriction <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION Task: {4C81A2E3-E7AA-4EC9-B7DE-17DF30277CF1} - System32\Tasks\{C05BBB12-50E7-4144-9FD3-000E5CEA6BF6} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\ Task: {74A1E32B-5FCE-472C-94C5-A07EDA38D14F} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION Task: {8911747D-DBA5-4C16-B055-1736416D2688} - System32\Tasks\{BF876EFA-AAC2-4AAE-83EC-85158C195963} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\ Task: {B388DC38-3B20-41ED-9530-7AAB6E414D12} - System32\Tasks\{1E1AD903-F239-42C8-89F6-3E4DBECAFDB5} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\BluetoothDriverInstaller.exe -d C:\Users\User\Downloads AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [116] AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 [128] cmd: bitsadmin /reset /allusers cmd: netsh winsock reset catalog cmd: ipconfig /flushdns RemoveProxy: EmptyTemp: End ***************** Restore point was successfully created. Processes closed successfully. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully C:\Windows\system32\GroupPolicy\User => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C81A2E3-E7AA-4EC9-B7DE-17DF30277CF1}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C81A2E3-E7AA-4EC9-B7DE-17DF30277CF1}" => removed successfully C:\Windows\System32\Tasks\{C05BBB12-50E7-4144-9FD3-000E5CEA6BF6} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C05BBB12-50E7-4144-9FD3-000E5CEA6BF6}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74A1E32B-5FCE-472C-94C5-A07EDA38D14F}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74A1E32B-5FCE-472C-94C5-A07EDA38D14F}" => removed successfully C:\Windows\System32\Tasks\YTAUpdate => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8911747D-DBA5-4C16-B055-1736416D2688}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8911747D-DBA5-4C16-B055-1736416D2688}" => removed successfully C:\Windows\System32\Tasks\{BF876EFA-AAC2-4AAE-83EC-85158C195963} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BF876EFA-AAC2-4AAE-83EC-85158C195963}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B388DC38-3B20-41ED-9530-7AAB6E414D12}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B388DC38-3B20-41ED-9530-7AAB6E414D12}" => removed successfully C:\Windows\System32\Tasks\{1E1AD903-F239-42C8-89F6-3E4DBECAFDB5} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1E1AD903-F239-42C8-89F6-3E4DBECAFDB5}" => removed successfully C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully C:\ProgramData\TEMP => ":DBC416F8" ADS removed successfully ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {3F6239DB-8F2A-495C-936D-000E3F67903F}. Unable to cancel {21A77507-8AB3-4865-BE77-11AEBCEFEFC7}. Unable to cancel {779C1EF9-0AD4-47F2-889D-8D50C30F80DF}. Unable to cancel {6FDE9AA9-8441-4145-B6FE-490F4C6D6592}. Unable to cancel {A59F42DA-552E-427E-85C1-E232E2FA9A96}. Unable to cancel {1A77A6DA-38E2-4C92-A907-9FBD3A59754A}. Unable to cancel {0B06DFE5-229C-4827-98A3-6C7BA22EC6B2}. Unable to cancel {75C69611-827C-4543-8FFB-1D0D76641F77}. Unable to cancel {20015205-E21E-4858-BD92-530D9D4E23B8}. Unable to cancel {33339BB4-B8A7-4F73-B779-2D010D0F0750}. Unable to cancel {02A6E665-12B7-4F32-8F05-5A8507E66664}. Unable to cancel {40EF12FE-0A78-4306-8DD3-FBA8BFA27FAA}. Unable to cancel {36588530-0783-41A1-BA20-3FE240409116}. Unable to cancel {A7608D4C-2157-4DFE-BB1A-0C8BBA7FCF6C}. Unable to cancel {DD7B09C9-5F7E-4F9E-94A4-218068400D51}. Unable to cancel {BA76B98B-DB64-47D5-9651-8734BE30AD85}. Unable to cancel {51B3854F-63B7-4E6F-979A-7E47244ECF96}. Unable to cancel {1A34F497-4FDB-406B-B638-7FF4C3804B37}. Unable to cancel {510B17C5-F571-42D0-9BB1-8639A134A852}. Unable to cancel {F8D8A3CA-55B5-4933-AE20-8C57559D0F2D}. Unable to cancel {AB50FED1-E4E3-4B51-A74F-1F948131E9F0}. Unable to cancel {67FA677B-BD19-44BE-A3D6-C8EA87DF0393}. Unable to cancel {25F9976C-7C63-433C-8747-C9A542B62759}. Unable to cancel {91DDDED9-1910-49D2-BD0D-1755D23C64C0}. Unable to cancel {62E32DD3-0C80-4B0E-A233-0549C981A7B9}. Unable to cancel {5EFE4E7E-EE7B-4FFC-B248-DDA15C9903A6}. Unable to cancel {29F50E05-BF4E-4898-9992-0371A0B78874}. 0 out of 27 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: =========
  7. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018 Ran by User (administrator) on USER-PC (09-03-2018 22:13:25) Running from C:\Users\User\Downloads Loaded Profiles: User (Available Profiles: User) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Opera\Opera.exe" "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe (Jeppesen) C:\Jeppesen\JWC\JWC.exe (VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe () C:\ProgramData\MTN High Speed Internet\OnlineUpdate\ouc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Viber Media S.Ã r.l.) C:\Users\User\AppData\Local\Viber\Viber.exe (Huawei Technologies Co., Ltd.) C:\Users\User\AppData\Roaming\Zain Connect\ouc.exe (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-05] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2795248 2013-10-25] (Synaptics Incorporated) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [*LABAL*] => [X] HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [36547168 2016-05-14] (VoipConnect) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [HW_OPENEYE_OUC_Zain Connect] => C:\Program Files (x86)\Zain Connect\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [Viber] => C:\Users\User\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.Ã r.l.) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [58899912 2018-02-16] (Skype Technologies S.A.) GroupPolicy: Restriction <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7019DF92-BFEA-4C0F-A4AA-C467798353EB}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{E4892BF8-78CB-47BB-A25E-41FFC8B7FFE9}: [NameServer] 41.95.252.117 41.95.252.116 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://online.bulbank.bg/capicom.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File FireFox: ======== FF DefaultProfile: aewkzmml.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aewkzmml.default [2017-07-11] FF NetworkProxy: Mozilla\Firefox\Profiles\aewkzmml.default -> autoconfig_url", "hxxp://aiidatapro.net/proxy2.js" FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> msn.com CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-03-09] CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (Skype Calling) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-09-06] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-03-09] CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24] CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-07] CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-03] CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-27] CHR HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation) S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation) R2 JWC; C:\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-01] (Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) S2 MTN High Speed Internet. RunOuc; C:\Program Files (x86)\MTN High Speed Internet\UpdateDog\ouc.exe [657504 2016-02-08] () R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-12-05] (IDT, Inc.) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-04-10] (Advanced Micro Devices, Inc.) S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation) S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-25] (Disc Soft Ltd) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76200 2018-03-09] () S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2016-02-08] (Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193248 2018-03-09] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [109800 2018-03-09] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45960 2018-03-09] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-09] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [92280 2018-03-09] (Malwarebytes) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [444632 2013-09-26] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-09 22:10 - 2018-03-09 22:10 - 000001232 _____ C:\Users\User\Desktop\3.txt 2018-03-09 20:13 - 2018-03-09 20:13 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000193248 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000109800 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000092280 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000045960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-03-09 19:03 - 2018-03-09 19:03 - 000002337 _____ C:\Users\User\Desktop\1.txt 2018-03-09 18:40 - 2018-03-09 18:40 - 000298306 _____ C:\Users\User\Desktop\Presentation1.pptx 2018-03-09 18:07 - 2018-03-09 20:12 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys 2018-03-09 18:07 - 2018-03-09 18:07 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-03-09 18:07 - 2018-03-09 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-03-09 18:07 - 2018-03-09 18:07 - 000000000 ____D C:\Program Files\Malwarebytes 2018-03-09 18:06 - 2018-03-09 18:07 - 068692288 _____ (Malwarebytes ) C:\Users\User\Downloads\mb3-setup-consumer-3.4.3.2394-1.0.320-1.0.4164.exe 2018-03-09 14:28 - 2018-03-09 14:28 - 000030687 _____ C:\Users\User\Desktop\Addition.txt 2018-03-09 14:20 - 2018-03-09 22:13 - 000018683 _____ C:\Users\User\Downloads\FRST.txt 2018-03-09 14:20 - 2018-03-09 14:21 - 000030684 _____ C:\Users\User\Downloads\Addition.txt 2018-03-09 14:19 - 2018-03-09 14:19 - 002403328 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2018-03-07 16:26 - 2018-03-07 16:26 - 000000000 ____D C:\Users\User\Desktop\Flying Book R.I 2018-03-06 18:57 - 2018-03-06 18:57 - 000033280 _____ C:\Users\User\Downloads\STATUS NC 2016.xls 2018-03-06 12:57 - 2018-03-06 12:57 - 000012669 _____ C:\Users\User\Downloads\Tablica-Taksi.xlsx 2018-03-06 12:56 - 2018-03-06 12:56 - 000426596 _____ C:\Users\User\Downloads\Info_Sformirane_na_Taksi.pdf 2018-03-06 12:50 - 2018-03-06 12:50 - 000974647 _____ C:\Users\User\Downloads\18 - 053 - Diana Vitanova - Profesionalen Domoupravitel - VHODOVE.bg.pdf 2018-03-05 15:04 - 2018-03-05 15:05 - 000035970 _____ C:\Users\User\Downloads\Invoce_1020013384913_01032018.pdf 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\Users\User\AppData\Roaming\ATI 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\Users\User\AppData\Local\ATI 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\ProgramData\ATI 2018-02-25 19:00 - 2018-02-25 19:00 - 001558479 _____ C:\Users\User\Downloads\OMM_amend.1.pdf 2018-02-25 18:28 - 2018-02-25 18:28 - 000000000 ____D C:\Users\User\AppData\Local\Viber 2018-02-16 20:44 - 2018-02-16 20:44 - 000066536 _____ C:\Users\User\Downloads\Crew forms 2018 (1).xlsx 2018-02-16 20:39 - 2018-02-16 20:39 - 000321093 _____ C:\Users\User\Downloads\Analiz 12 2017.pdf 2018-02-16 20:28 - 2018-02-16 20:28 - 000630954 _____ C:\Users\User\Downloads\Analiz 2017.pdf 2018-02-16 20:11 - 2018-02-16 20:11 - 009960037 _____ C:\Users\User\Downloads\SOP S Sudan amendm.2.pdf 2018-02-16 19:57 - 2018-02-16 19:58 - 000095847 _____ C:\Users\User\Downloads\RZFZ31019 (7).PDF 2018-02-14 09:49 - 2018-02-10 21:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-02-14 09:49 - 2018-02-10 21:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-02-14 09:49 - 2018-02-10 10:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-02-14 09:49 - 2018-02-10 09:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2018-02-14 09:49 - 2018-02-10 09:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2018-02-14 09:49 - 2018-02-10 09:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-02-14 09:49 - 2018-02-10 09:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-02-14 09:49 - 2018-02-10 09:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2018-02-14 09:49 - 2018-02-10 09:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2018-02-14 09:49 - 2018-02-10 09:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-02-14 09:49 - 2018-02-10 09:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2018-02-14 09:49 - 2018-02-10 09:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2018-02-14 09:49 - 2018-02-10 09:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2018-02-14 09:49 - 2018-02-10 09:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-02-14 09:49 - 2018-02-10 09:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2018-02-14 09:49 - 2018-02-10 09:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2018-02-14 09:49 - 2018-02-10 09:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2018-02-14 09:49 - 2018-02-10 08:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-02-14 09:49 - 2018-02-10 08:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2018-02-14 09:49 - 2018-02-10 08:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2018-02-14 09:49 - 2018-02-10 08:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2018-02-14 09:49 - 2018-02-10 08:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2018-02-14 09:49 - 2018-02-10 08:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-02-14 09:49 - 2018-02-10 08:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-02-14 09:49 - 2018-02-10 08:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2018-02-14 09:49 - 2018-02-10 08:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-02-14 09:49 - 2018-02-10 08:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-02-14 09:49 - 2018-02-10 08:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-02-14 09:49 - 2018-02-10 08:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-02-14 09:49 - 2018-02-10 08:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2018-02-14 09:49 - 2018-02-10 08:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-02-14 09:49 - 2018-02-10 08:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-02-14 09:49 - 2018-02-10 08:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-02-14 09:49 - 2018-02-10 08:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-02-14 09:49 - 2018-02-10 08:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2018-02-14 09:49 - 2018-02-10 08:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2018-02-14 09:49 - 2018-02-10 07:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2018-02-14 09:49 - 2018-02-10 07:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2018-02-14 09:49 - 2018-02-10 07:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-02-14 09:49 - 2018-02-10 07:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2018-02-14 09:49 - 2018-02-10 07:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2018-02-14 09:49 - 2018-02-10 07:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2018-02-14 09:49 - 2018-02-10 07:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2018-02-14 09:49 - 2018-02-10 07:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2018-02-14 09:49 - 2018-02-10 07:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2018-02-14 09:49 - 2018-02-10 07:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2018-02-14 09:49 - 2018-02-10 07:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2018-02-14 09:49 - 2018-02-10 07:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2018-02-14 09:49 - 2018-02-10 07:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-02-14 09:49 - 2018-02-10 07:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-02-14 09:49 - 2018-02-10 07:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-02-14 09:49 - 2018-02-10 07:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-02-14 09:49 - 2018-02-10 07:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2018-02-14 09:49 - 2018-02-10 07:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-02-14 09:49 - 2018-02-10 07:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-02-14 09:49 - 2018-02-10 07:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-02-14 09:49 - 2018-01-12 18:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-02-14 09:49 - 2018-01-12 18:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-02-14 09:49 - 2018-01-12 18:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-02-14 09:49 - 2018-01-12 18:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2018-02-14 09:49 - 2018-01-12 18:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-02-14 09:49 - 2018-01-12 18:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-02-14 09:49 - 2018-01-12 18:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-02-14 09:49 - 2018-01-12 18:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-02-14 09:49 - 2018-01-12 18:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-02-14 09:49 - 2018-01-12 18:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2018-02-14 09:49 - 2018-01-12 18:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2018-02-14 09:49 - 2018-01-12 18:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2018-02-14 09:49 - 2018-01-12 18:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2018-02-14 09:49 - 2018-01-12 18:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2018-02-14 09:49 - 2018-01-12 18:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-02-14 09:49 - 2018-01-12 18:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-02-14 09:49 - 2018-01-12 18:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-02-14 09:49 - 2018-01-12 18:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-02-14 09:49 - 2018-01-12 18:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-02-14 09:49 - 2018-01-12 18:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-02-14 09:49 - 2018-01-12 18:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-02-14 09:49 - 2018-01-12 18:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-02-14 09:49 - 2018-01-12 18:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-02-14 09:49 - 2018-01-12 17:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-02-14 09:49 - 2018-01-12 17:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-02-14 09:49 - 2018-01-12 17:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-02-14 09:49 - 2018-01-11 18:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2018-02-14 09:49 - 2018-01-11 18:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2018-02-14 09:49 - 2018-01-11 18:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-02-14 09:49 - 2018-01-05 18:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-02-14 09:49 - 2018-01-05 18:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2018-02-14 09:49 - 2018-01-05 18:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-02-14 09:49 - 2018-01-05 18:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2018-02-14 09:49 - 2018-01-05 17:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2018-02-14 09:49 - 2017-12-05 18:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2018-02-14 09:37 - 2018-01-22 01:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-02-14 09:37 - 2018-01-22 01:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-02-14 09:37 - 2018-01-19 16:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-02-13 12:05 - 2018-02-13 12:05 - 000257710 _____ C:\Users\User\Downloads\IFBP - effective 9JAN14 Ver 7.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-09 22:13 - 2014-12-05 22:10 - 000000000 ____D C:\FRST 2018-03-09 19:16 - 2009-07-14 06:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-03-09 19:16 - 2009-07-14 06:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-03-09 19:10 - 2016-08-05 15:18 - 000003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2018-03-09 19:09 - 2017-06-11 17:28 - 000000000 ____D C:\Users\User\AppData\Roaming\ViberPC 2018-03-09 19:06 - 2013-11-20 09:44 - 000001077 _____ C:\Windows\SysWOW64\bscs.ini 2018-03-09 19:05 - 2016-08-05 15:18 - 000000061 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2018-03-09 19:05 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-03-09 18:07 - 2014-12-09 00:10 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-03-09 09:56 - 2017-09-04 09:48 - 000000000 ____D C:\ProgramData\KMSAutoS 2018-03-09 09:45 - 2016-10-20 10:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-03-05 14:55 - 2016-01-21 09:58 - 001691648 _____ C:\Users\User\Desktop\R_Ivanov_DBT (1).xls 2018-03-05 14:52 - 2017-06-11 17:30 - 000000000 ____D C:\Users\User\Documents\ViberDownloads 2018-02-28 20:00 - 2014-12-30 11:03 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-02-27 15:00 - 2009-07-14 07:13 - 000783606 _____ C:\Windows\system32\PerfStringBackup.INI 2018-02-27 15:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-02-26 19:04 - 2016-08-05 15:20 - 000000566 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI 2018-02-26 11:12 - 2018-01-08 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-02-26 11:12 - 2017-09-06 14:09 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk 2018-02-25 18:39 - 2014-12-08 23:49 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-25 18:39 - 2014-12-08 23:49 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-02-25 18:37 - 2017-03-06 14:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-02-19 12:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2018-02-16 19:47 - 2009-07-14 06:45 - 000410984 _____ C:\Windows\system32\FNTCACHE.DAT 2018-02-16 19:43 - 2015-04-16 07:01 - 000000000 ____D C:\Windows\system32\appraiser 2018-02-14 11:58 - 2014-08-18 18:28 - 000000000 ____D C:\Windows\system32\MRT 2018-02-14 11:57 - 2017-10-12 22:51 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-02-14 11:57 - 2014-08-18 18:28 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-02-14 11:54 - 2014-08-18 16:35 - 000767916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-02-12 12:50 - 2017-12-11 20:09 - 000000000 ____D C:\Users\User\Desktop\Jungle Jepps ==================== Files in the root of some directories ======= 2016-05-14 20:19 - 2016-05-14 20:19 - 000000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg 2017-07-13 22:04 - 2017-07-13 22:04 - 000000000 _____ () C:\Users\User\AppData\Local\{08496EBD-3675-4FFD-9190-C60ED46C2602} Some files in TEMP: ==================== 2017-06-20 03:59 - 2017-06-20 03:59 - 000164424 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\atl110.dll 2017-09-06 14:31 - 2017-09-06 14:31 - 001118360 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcProcessor.exe 2017-09-06 14:31 - 2017-09-06 14:31 - 000170128 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcUpdater.exe 2017-06-20 03:59 - 2017-06-20 03:59 - 000069632 _____ () C:\Users\User\AppData\Local\Temp\HwInfo.dll 2017-06-20 03:59 - 2017-06-20 03:59 - 000900096 _____ () C:\Users\User\AppData\Local\Temp\NSISPromotionEx.dll 2018-01-08 17:18 - 2018-01-08 17:30 - 059165632 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe 2017-04-08 12:08 - 2017-04-08 12:08 - 014456872 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\vc_redist.x86.exe 2017-02-03 07:09 - 2017-02-03 07:24 - 030533688 _____ () C:\Users\User\AppData\Local\Temp\vlc-2.2.4-win32.exe 2017-08-10 11:37 - 2017-08-10 11:37 - 030950664 _____ () C:\Users\User\AppData\Local\Temp\vlc-2.2.6-win32.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-03-09 10:55 ==================== End of FRST.txt ============================ Addition1.txt
  8. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/9/18 Scan Time: 6:09 PM Log File: 3f5b0d00-23b4-11e8-84b1-90489a63bfbc.json Administrator: Yes -Software Information- Version: 3.4.3.2394 Components Version: 1.0.320 Update Package Version: 1.0.4276 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: User-PC\User -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 278514 Threats Detected: 8 Threats Quarantined: 8 Time Elapsed: 20 min, 59 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 3 PUP.Optional.CrossRider, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\WINDOWS_IE_AC_001\SOFTWARE\iWebar, Quarantined, [204], [183558],1.0.4276 PUP.Optional.InstallCore, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\csastats, Quarantined, [2], [260986],1.0.4276 PUP.Optional.InstallCore, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\PRODUCTSETUP, Quarantined, [2], [481004],1.0.4276 Registry Value: 3 PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|IWEBAR-BG.EXE, Quarantined, [1021], [260099],1.0.4276 PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SENSE-BG.EXE, Quarantined, [1021], [260099],1.0.4276 PUP.Optional.InstallCore, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [2], [481004],1.0.4276 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 2 PUP.Optional.Goobzo, C:\USERS\USER\APPDATA\LOCAL\INSTALLER\Installiwebar_29400, Quarantined, [1359], [182007],1.0.4276 PUP.Optional.Goobzo, C:\USERS\USER\APPDATA\LOCAL\INSTALLER\Installsense_29400, Quarantined, [1359], [182090],1.0.4276 File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end)
  9. Стигнах до тук: прикачвам снимка на екрана , защото не зная как да продължа Presentation1.pptx
  10. Здравейте, преди две седмици личния ми лаптоп направи проблем със захранването, занесох го в сервиз , казах, че проблема е в женския жак , след ден се обадиха, че имам бужда от ново дъно или нов комп.Т.к. не мога да си позволя в момента закупуване, тъкмо излязох от болница след тежка операция , даже и до ремонт и на комп не ми беше, но то ато е тръгнало да се ремонтира .....Сега мъж-о ми услужи с неговия комп, докато е няолко дни на път, но ми прави впечатление , че лаптопа му зарежда изключително бавно, забива постянно , рестартвах го не можах да излезя от профила му във ФБ, защото половината опции не работят и т.н. Имам съмнение , че има нещо зловредно. Благодая предварително за помощта! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018 Ran by User (administrator) on USER-PC (09-03-2018 14:20:00) Running from C:\Users\User\Downloads Loaded Profiles: User (Available Profiles: User) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Opera\Opera.exe" "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ======================================================== C:\FRST\ChromeSetup.exe => Win32/Suweezy? - moved successfully ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AMD) C:\Windows\System32\atieclxx.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe (Huawei Technologies Co., Ltd.) C:\Users\User\AppData\Roaming\Zain Connect\ouc.exe () C:\ProgramData\DataCardService\HWDeviceService64.exe (Viber Media S.Ã r.l.) C:\Users\User\AppData\Local\Viber\Viber.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\ProgramData\MTN High Speed Internet\OnlineUpdate\ouc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-05] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2795248 2013-10-25] (Synaptics Incorporated) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [*LABAL*] => [X] HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [36547168 2016-05-14] (VoipConnect) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [HW_OPENEYE_OUC_Zain Connect] => C:\Program Files (x86)\Zain Connect\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [Viber] => C:\Users\User\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.Ã r.l.) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [58899912 2018-02-16] (Skype Technologies S.A.) GroupPolicy: Restriction <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7019DF92-BFEA-4C0F-A4AA-C467798353EB}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{E4892BF8-78CB-47BB-A25E-41FFC8B7FFE9}: [NameServer] 41.95.252.117 41.95.252.116 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://online.bulbank.bg/capicom.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File FireFox: ======== FF DefaultProfile: aewkzmml.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aewkzmml.default [2017-07-11] FF NetworkProxy: Mozilla\Firefox\Profiles\aewkzmml.default -> autoconfig_url", "hxxp://aiidatapro.net/proxy2.js" FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> msn.com CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-03-09] CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (Skype Calling) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-09-06] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-03-09] CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24] CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-07] CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-03] CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-27] CHR HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation) S2 JWC; C:\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) S2 MTN High Speed Internet. RunOuc; C:\Program Files (x86)\MTN High Speed Internet\UpdateDog\ouc.exe [657504 2016-02-08] () R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-12-05] (IDT, Inc.) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-04-10] (Advanced Micro Devices, Inc.) S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation) S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-25] (Disc Soft Ltd) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2016-02-08] (Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [444632 2013-09-26] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-09 14:20 - 2018-03-09 14:20 - 000017861 _____ C:\Users\User\Downloads\FRST.txt 2018-03-09 14:19 - 2018-03-09 14:19 - 002403328 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2018-03-07 16:26 - 2018-03-07 16:26 - 000000000 ____D C:\Users\User\Desktop\Flying Book R.I 2018-03-06 18:57 - 2018-03-06 18:57 - 000033280 _____ C:\Users\User\Downloads\STATUS NC 2016.xls 2018-03-06 12:57 - 2018-03-06 12:57 - 000012669 _____ C:\Users\User\Downloads\Tablica-Taksi.xlsx 2018-03-06 12:56 - 2018-03-06 12:56 - 000426596 _____ C:\Users\User\Downloads\Info_Sformirane_na_Taksi.pdf 2018-03-06 12:50 - 2018-03-06 12:50 - 000974647 _____ C:\Users\User\Downloads\18 - 053 - Diana Vitanova - Profesionalen Domoupravitel - VHODOVE.bg.pdf 2018-03-05 15:04 - 2018-03-05 15:05 - 000035970 _____ C:\Users\User\Downloads\Invoce_1020013384913_01032018.pdf 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\Users\User\AppData\Roaming\ATI 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\Users\User\AppData\Local\ATI 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\ProgramData\ATI 2018-02-25 19:00 - 2018-02-25 19:00 - 001558479 _____ C:\Users\User\Downloads\OMM_amend.1.pdf 2018-02-25 18:28 - 2018-02-25 18:28 - 000000000 ____D C:\Users\User\AppData\Local\Viber 2018-02-16 20:44 - 2018-02-16 20:44 - 000066536 _____ C:\Users\User\Downloads\Crew forms 2018 (1).xlsx 2018-02-16 20:39 - 2018-02-16 20:39 - 000321093 _____ C:\Users\User\Downloads\Analiz 12 2017.pdf 2018-02-16 20:28 - 2018-02-16 20:28 - 000630954 _____ C:\Users\User\Downloads\Analiz 2017.pdf 2018-02-16 20:11 - 2018-02-16 20:11 - 009960037 _____ C:\Users\User\Downloads\SOP S Sudan amendm.2.pdf 2018-02-16 19:57 - 2018-02-16 19:58 - 000095847 _____ C:\Users\User\Downloads\RZFZ31019 (7).PDF 2018-02-14 09:49 - 2018-02-10 21:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-02-14 09:49 - 2018-02-10 21:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-02-14 09:49 - 2018-02-10 10:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-02-14 09:49 - 2018-02-10 09:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2018-02-14 09:49 - 2018-02-10 09:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2018-02-14 09:49 - 2018-02-10 09:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-02-14 09:49 - 2018-02-10 09:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-02-14 09:49 - 2018-02-10 09:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2018-02-14 09:49 - 2018-02-10 09:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2018-02-14 09:49 - 2018-02-10 09:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-02-14 09:49 - 2018-02-10 09:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2018-02-14 09:49 - 2018-02-10 09:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2018-02-14 09:49 - 2018-02-10 09:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2018-02-14 09:49 - 2018-02-10 09:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-02-14 09:49 - 2018-02-10 09:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2018-02-14 09:49 - 2018-02-10 09:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2018-02-14 09:49 - 2018-02-10 09:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2018-02-14 09:49 - 2018-02-10 08:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-02-14 09:49 - 2018-02-10 08:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2018-02-14 09:49 - 2018-02-10 08:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2018-02-14 09:49 - 2018-02-10 08:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2018-02-14 09:49 - 2018-02-10 08:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2018-02-14 09:49 - 2018-02-10 08:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-02-14 09:49 - 2018-02-10 08:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-02-14 09:49 - 2018-02-10 08:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2018-02-14 09:49 - 2018-02-10 08:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-02-14 09:49 - 2018-02-10 08:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-02-14 09:49 - 2018-02-10 08:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-02-14 09:49 - 2018-02-10 08:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-02-14 09:49 - 2018-02-10 08:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2018-02-14 09:49 - 2018-02-10 08:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-02-14 09:49 - 2018-02-10 08:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-02-14 09:49 - 2018-02-10 08:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-02-14 09:49 - 2018-02-10 08:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-02-14 09:49 - 2018-02-10 08:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2018-02-14 09:49 - 2018-02-10 08:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2018-02-14 09:49 - 2018-02-10 07:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2018-02-14 09:49 - 2018-02-10 07:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2018-02-14 09:49 - 2018-02-10 07:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-02-14 09:49 - 2018-02-10 07:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2018-02-14 09:49 - 2018-02-10 07:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2018-02-14 09:49 - 2018-02-10 07:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2018-02-14 09:49 - 2018-02-10 07:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2018-02-14 09:49 - 2018-02-10 07:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2018-02-14 09:49 - 2018-02-10 07:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2018-02-14 09:49 - 2018-02-10 07:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2018-02-14 09:49 - 2018-02-10 07:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2018-02-14 09:49 - 2018-02-10 07:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2018-02-14 09:49 - 2018-02-10 07:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-02-14 09:49 - 2018-02-10 07:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-02-14 09:49 - 2018-02-10 07:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-02-14 09:49 - 2018-02-10 07:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-02-14 09:49 - 2018-02-10 07:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2018-02-14 09:49 - 2018-02-10 07:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-02-14 09:49 - 2018-02-10 07:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-02-14 09:49 - 2018-02-10 07:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-02-14 09:49 - 2018-01-12 18:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-02-14 09:49 - 2018-01-12 18:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-02-14 09:49 - 2018-01-12 18:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-02-14 09:49 - 2018-01-12 18:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2018-02-14 09:49 - 2018-01-12 18:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-02-14 09:49 - 2018-01-12 18:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-02-14 09:49 - 2018-01-12 18:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-02-14 09:49 - 2018-01-12 18:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-02-14 09:49 - 2018-01-12 18:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-02-14 09:49 - 2018-01-12 18:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2018-02-14 09:49 - 2018-01-12 18:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2018-02-14 09:49 - 2018-01-12 18:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2018-02-14 09:49 - 2018-01-12 18:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2018-02-14 09:49 - 2018-01-12 18:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2018-02-14 09:49 - 2018-01-12 18:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-02-14 09:49 - 2018-01-12 18:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-02-14 09:49 - 2018-01-12 18:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-02-14 09:49 - 2018-01-12 18:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-02-14 09:49 - 2018-01-12 18:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-02-14 09:49 - 2018-01-12 18:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-02-14 09:49 - 2018-01-12 18:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-02-14 09:49 - 2018-01-12 18:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-02-14 09:49 - 2018-01-12 18:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-02-14 09:49 - 2018-01-12 17:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-02-14 09:49 - 2018-01-12 17:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-02-14 09:49 - 2018-01-12 17:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-02-14 09:49 - 2018-01-11 18:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2018-02-14 09:49 - 2018-01-11 18:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2018-02-14 09:49 - 2018-01-11 18:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-02-14 09:49 - 2018-01-05 18:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-02-14 09:49 - 2018-01-05 18:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2018-02-14 09:49 - 2018-01-05 18:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-02-14 09:49 - 2018-01-05 18:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2018-02-14 09:49 - 2018-01-05 17:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2018-02-14 09:49 - 2017-12-05 18:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2018-02-14 09:37 - 2018-01-22 01:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-02-14 09:37 - 2018-01-22 01:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-02-14 09:37 - 2018-01-19 16:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-02-13 12:05 - 2018-02-13 12:05 - 000257710 _____ C:\Users\User\Downloads\IFBP - effective 9JAN14 Ver 7.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-09 14:20 - 2014-12-05 22:10 - 000000000 ____D C:\FRST 2018-03-09 14:14 - 2009-07-14 06:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-03-09 14:14 - 2009-07-14 06:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-03-09 14:05 - 2017-06-11 17:28 - 000000000 ____D C:\Users\User\AppData\Roaming\ViberPC 2018-03-09 14:04 - 2016-08-05 15:18 - 000003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2018-03-09 14:04 - 2013-11-20 09:44 - 000001077 _____ C:\Windows\SysWOW64\bscs.ini 2018-03-09 14:02 - 2016-08-05 15:18 - 000000061 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2018-03-09 14:01 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-03-09 09:56 - 2017-09-04 09:48 - 000000000 ____D C:\ProgramData\KMSAutoS 2018-03-09 09:45 - 2016-10-20 10:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-03-05 14:55 - 2016-01-21 09:58 - 001691648 _____ C:\Users\User\Desktop\R_Ivanov_DBT (1).xls 2018-03-05 14:52 - 2017-06-11 17:30 - 000000000 ____D C:\Users\User\Documents\ViberDownloads 2018-02-28 20:00 - 2014-12-30 11:03 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-02-27 15:00 - 2009-07-14 07:13 - 000783606 _____ C:\Windows\system32\PerfStringBackup.INI 2018-02-27 15:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-02-26 19:04 - 2016-08-05 15:20 - 000000566 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI 2018-02-26 11:12 - 2018-01-08 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-02-26 11:12 - 2017-09-06 14:09 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk 2018-02-25 18:39 - 2014-12-08 23:49 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-25 18:39 - 2014-12-08 23:49 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-02-25 18:37 - 2017-03-06 14:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-02-19 12:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2018-02-16 19:47 - 2009-07-14 06:45 - 000410984 _____ C:\Windows\system32\FNTCACHE.DAT 2018-02-16 19:43 - 2015-04-16 07:01 - 000000000 ____D C:\Windows\system32\appraiser 2018-02-14 11:58 - 2014-08-18 18:28 - 000000000 ____D C:\Windows\system32\MRT 2018-02-14 11:57 - 2017-10-12 22:51 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-02-14 11:57 - 2014-08-18 18:28 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-02-14 11:54 - 2014-08-18 16:35 - 000767916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-02-12 12:50 - 2017-12-11 20:09 - 000000000 ____D C:\Users\User\Desktop\Jungle Jepps ==================== Files in the root of some directories ======= 2016-05-14 20:19 - 2016-05-14 20:19 - 000000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg 2017-07-13 22:04 - 2017-07-13 22:04 - 000000000 _____ () C:\Users\User\AppData\Local\{08496EBD-3675-4FFD-9190-C60ED46C2602} Some files in TEMP: ==================== 2017-06-20 03:59 - 2017-06-20 03:59 - 000164424 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\atl110.dll 2017-09-06 14:31 - 2017-09-06 14:31 - 001118360 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcProcessor.exe 2017-09-06 14:31 - 2017-09-06 14:31 - 000170128 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcUpdater.exe 2017-06-20 03:59 - 2017-06-20 03:59 - 000069632 _____ () C:\Users\User\AppData\Local\Temp\HwInfo.dll 2017-06-20 03:59 - 2017-06-20 03:59 - 000900096 _____ () C:\Users\User\AppData\Local\Temp\NSISPromotionEx.dll 2018-01-08 17:18 - 2018-01-08 17:30 - 059165632 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe 2017-04-08 12:08 - 2017-04-08 12:08 - 014456872 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\vc_redist.x86.exe 2017-02-03 07:09 - 2017-02-03 07:24 - 030533688 _____ () C:\Users\User\AppData\Local\Temp\vlc-2.2.4-win32.exe 2017-08-10 11:37 - 2017-08-10 11:37 - 030950664 _____ () C:\Users\User\AppData\Local\Temp\vlc-2.2.6-win32.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-03-09 10:55 ==================== End of FRST.txt ============================ Addition.txt
  11. Rada Beliata

    Дело срещу наследници на починал

    Не могат да ви съдят вас за нещо , което "вероятно" е извършил ваш роднина преди смъртта си , независимо дали това е доказуемо( да не говорим , че дори да можеха след като са се подписали на ревизиите тези които са го направили са поели отговорността за разходите, но това е друг казус, който даже не ви касае) , т.е ако е имало "престъпление " във вид на присвояване то е преди смъртта на вероятния извършител , няма как да отговаряте вие за някакво такова деяние щом извършителя не е осъден преди смъртта си за този вид "престъпление" . Задълженията се определят към момента на смъртта на наследодателя. Ако преди смъртта на домоуправителя са предивили някакви присвоявания на средства и съдът е издал постановление , че домоуправителя е длъжен да възстанови средства на ЕС , тогава биха могли да придевяват някакви претенция и към наследниците , но във вашия случай ще е голяма тяхна грешка да го направят.
  12. Rada Beliata

    Дело срещу наследници на починал

    При нас е същата нагла история- едни се борят за общото дело а други търсят по вола теле за да се заядат за нещо, ама като стане върпос те да станат "безплатен домоуправител" - всички се дърпат и не искат, защото са мнооооого заети, иначе да правят интриги не са . След като е имало ревизии и някой се е подписал си тегли отговорността. Като е бил под натиск да е казал тогава , а не след като човека си е отишъл. Явно много холивудски клюки гледат последно време как някой след 100 години може да се обвинява в нещо недоказуемо.До къде стигна човешката наглост не е истина просто...... е , който се е подписвал , че е съгласен с тези разходи без оф. документи да си тегли последствията. Като не може да ги тегли да ходи да докаже, че е бил опрян пистолет в тила му , за да се подпише .
  13. Rada Beliata

    самозареждаща се страница с име Bing

    Благодаря за отделеното време и професионализма! Давам си оценка, че маловажно на пръв поглед пробнлермче излезе доста сериозен общ проблем, този Троянец ме обикаля вече няколко години, ще трябва по-редовно да обръщам внимание на машината си Изключително ви благодаря още веднъж за помощта! Спокойна празнична вечер! Черпя виртуално за именния си ден
  14. Rada Beliata

    самозареждаща се страница с име Bing

    Помествам дневника: # DelFix v1.013 - Logfile created 08/11/2017 at 17:47:32 # Updated 17/04/2016 by Xplode # Username : User - USER-PC # Operating System : Windows 7 Professional Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\User\Desktop\mbar Deleted : C:\Users\User\Desktop\Addition.txt Deleted : C:\Users\User\Desktop\adwcleaner_7.0.4.0.exe Deleted : C:\Users\User\Desktop\Fixlog.txt Deleted : C:\Users\User\Desktop\FRST.txt Deleted : C:\Users\User\Desktop\FRST64 (1).exe Deleted : HKLM\SOFTWARE\OldTimer Tools ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #838 [Windows Update | 10/28/2017 11:46:48] Deleted : RP #839 [Windows Update | 11/02/2017 15:21:25] Deleted : RP #840 [Windows Update | 11/06/2017 17:17:46] Deleted : RP #841 [Restore Point Created by FRST | 11/07/2017 16:38:39] Deleted : RP #842 [Restore Operation | 11/07/2017 18:41:37] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  15. Rada Beliata

    самозареждаща се страница с име Bing

    Не наблюдавам нещо нередно. Да деинсталирам ли всички иснтрументи , които ползвах? Например Zemana ?
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.