Премини към съдържанието

Rada Beliata

VIP Потребител
  • Публикации

    190
  • Регистрация

  • Последно онлайн

Харесвания

40 Добра репутация

1 Последовател

Всичко за Rada Beliata

  • Титла
    Почетен потребител
  • Рожден ден 4 юни

Последни посетители

1166 прегледа на профила
  1. Rada Beliata

    бавно работещ компютър

    Благодаря! Закъснях малко с отговора, нямах възможност да отварям компа последните дни. Снощи не можах да се справя , както и тази сутрин. Явно е за изхвърляне вече или за преинсталация. Дори и prt.sc. не иска да работи и за това ми се наложи да снимам екрана с телефона( друг начин не зная) т . До сега с ваша помощ няколко пъти съм оправяла моя и на мъж-о ми компове , ама този път ударих на камък Ето какво се получава при опита ми да изпълня указанията Ви ;(
  2. Rada Beliata

    бавно работещ компютър

    Пропуснах да напиша, че няколко дена не бях ползвала компа и днес като го включих се появи съобщение- снимка на екрана прикачам във файл
  3. Rada Beliata

    бавно работещ компютър

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21.07.2018 Ran by User (administrator) on USER-D5B14BBE3D (31-07-2018 14:38:03) Running from C:\Documents and Settings\User\My Documents\Downloads Loaded Profiles: User (Available Profiles: User) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\WINXP\system32\smss.exe (Microsoft Corporation) C:\WINXP\system32\csrss.exe (Microsoft Corporation) C:\WINXP\system32\winlogon.exe (Microsoft Corporation) C:\WINXP\system32\services.exe (Microsoft Corporation) C:\WINXP\system32\lsass.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\WINXP\explorer.exe (Microsoft Corporation) C:\WINXP\system32\spoolsv.exe (Intel Corporation) C:\WINXP\system32\igfxtray.exe (Intel Corporation) C:\WINXP\system32\hkcmd.exe (Intel Corporation) C:\WINXP\system32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Intel Corporation) C:\WINXP\system32\igfxsrvc.exe (Microsoft Corporation) C:\WINXP\system32\ctfmon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Viber Media S.Ã r.l.) C:\Documents and Settings\User\Local Settings\Application Data\Viber\Viber.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\WINXP\system32\alg.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Microsoft Corporation) C:\WINXP\system32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINXP\system32\wuauclt.exe (Farbar) C:\Documents and Settings\User\My Documents\Downloads\FRST (1).exe (Microsoft Corporation) C:\WINXP\system32\wbem\wmiprvse.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IgfxTray] => C:\WINXP\system32\igfxtray.exe [141848 2008-02-28] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\WINXP\system32\hkcmd.exe [166424 2008-02-28] (Intel Corporation) HKLM\...\Run: [Persistence] => C:\WINXP\system32\igfxpers.exe [137752 2008-02-28] (Intel Corporation) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-19] (AVAST Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe, HKLM\...\Winlogon: [Shell] Explorer.exe [x ] () HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation) Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll [2013-10-07] (Microsoft Corporation) Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\WINXP\system32\igfxdev.dll [2008-02-15] (Intel Corporation) Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\WgaLogon: WgaLogon.dll [X] Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\Run: [CTFMON.EXE] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\Run: [Viber] => C:\Documents and Settings\User\Local Settings\Application Data\Viber\Viber.exe [69268048 2016-04-13] (Viber Media S.Ã r.l.) HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\MountPoints2: {3b7b521c-4fa5-11e5-8eea-001cbf97ad6f} - F:\AutoRun.exe HKU\S-1-5-21-1229272821-412668190-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\system32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKLM\...\Providers\Internet Print Provider: C:\WINXP\system32\inetpp.dll [75264 2008-04-14] (Microsoft Corporation) HKLM\...\Providers\LanMan Print Services: C:\WINXP\system32\win32spl.dll [102400 2008-04-14] (Microsoft Corporation) Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2014-11-10] ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation) Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 04 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation) Winsock: Catalog9 05 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation) Winsock: Catalog9 06 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{60C018A7-C57B-473A-8A59-60AF92102461}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm HKU\S-1-5-21-1229272821-412668190-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm HKU\S-1-5-21-1229272821-412668190-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-19] (AVAST Software) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1411027421784 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF DefaultProfile: 7vacglr9.default FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\7vacglr9.default [2018-06-23] FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] () FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default [2018-07-31] CHR Extension: (Документи) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-23] CHR Extension: (Google Диск) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26] CHR Extension: (YouTube) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Търсене) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Avast SafePrice) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-22] CHR Extension: (Google Документи офлайн) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Avast Online Security) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-30] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16] CHR Extension: (Gmail) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found> CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-11] (Adobe Systems Incorporated) [File not signed] S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-07-19] (AVAST Software) R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-23] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-19] (AVAST Software) S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-23] (AVAST Software) R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) R2 Browser; C:\WINXP\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_32; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation) R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Corporation) R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2011-04-12] (Microsoft Corporation) S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Corporation) R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Corporation) R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2011-03-08] (Microsoft Corporation) R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) R3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Corporation) R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Corporation) R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Corporation) R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Corporation) S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation) R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2011-03-08] (Microsoft Corporation) R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Corporation) R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2011-03-08] (Microsoft Corporation) S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation) R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) R3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Corporation) S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Corporation) S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) S3 WPFFontCache_v0400; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation) R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) R2 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Corporation) R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2011-06-14] (Microsoft Corporation) S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) S3 COMSysApp; C:\WINXP\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S3 SwPrv; C:\WINXP\system32\dllhost.exe /Processid:{65104CBC-D70A-4155-91F5-43ABF3B891FA} ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) R0 ACPIEC; C:\WINXP\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation) S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) R1 aswArPot; C:\WINXP\System32\drivers\aswArPot.sys [167552 2018-07-19] (AVAST Software) R1 aswbidsdriver; C:\WINXP\System32\drivers\aswbidsdriverx.sys [188352 2018-07-19] (AVAST Software) R0 aswbidsh; C:\WINXP\System32\drivers\aswbidshx.sys [164944 2018-07-19] (AVAST Software) R0 aswblog; C:\WINXP\System32\drivers\aswblogx.sys [284328 2018-07-19] (AVAST Software) R0 aswbuniv; C:\WINXP\System32\drivers\aswbunivx.sys [57976 2018-07-19] (AVAST Software) S3 aswHwid; C:\WINXP\System32\drivers\aswHwid.sys [42808 2018-07-19] (AVAST Software) R2 aswMonFlt; C:\WINXP\System32\drivers\aswMonFlt.sys [133680 2018-07-19] (AVAST Software) R1 aswRdr; C:\WINXP\System32\drivers\aswRdr.sys [70840 2018-07-19] (AVAST Software) R0 aswRvrt; C:\WINXP\System32\drivers\aswRvrt.sys [71848 2018-07-19] (AVAST Software) R1 aswSnx; C:\WINXP\System32\drivers\aswSnx.sys [784120 2018-07-19] (AVAST Software) R1 aswSP; C:\WINXP\System32\drivers\aswSP.sys [396352 2018-07-23] (AVAST Software) R3 aswStmXP; C:\WINXP\System32\drivers\aswStmXP.sys [205864 2018-07-19] (AVAST Software) R0 aswVmm; C:\WINXP\System32\drivers\aswVmm.sys [310784 2018-07-19] (AVAST Software) S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Corporation) S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation) S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation) S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2011-06-14] (Microsoft Corporation) R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) S1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) R3 CmBatt; C:\WINXP\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Corporation) R0 Compbatt; C:\WINXP\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Corporation) R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation) S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.) S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation) R3 E100B; C:\WINXP\System32\DRIVERS\e100b325.sys [165496 2007-11-16] (Intel Corporation) S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) S1 Fdc; C:\WINXP\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation) R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) S1 Flpydisk; C:\WINXP\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation) U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Corporation) R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Corporation) R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) R3 HBtnKey; C:\WINXP\System32\DRIVERS\cpqbttn.sys [9472 2006-06-28] (Hewlett-Packard Development Company, L.P.) R3 HdAudAddService; C:\WINXP\System32\drivers\CHDAud.sys [625664 2007-02-12] (Conexant Systems Inc.) R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider) R3 HSFHWAZL; C:\WINXP\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-21] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINXP\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-21] (Conexant Systems, Inc.) R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Corporation) R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) R3 ialm; C:\WINXP\System32\DRIVERS\igxpmp32.sys [5854752 2008-02-15] (Intel Corporation) S1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) R0 IntelIde; C:\WINXP\System32\DRIVERS\intelide.sys [5504 2008-04-13] (Microsoft Corporation) R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation) S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation) S3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation) S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) S3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Corporation) R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) R1 kbdhid; C:\WINXP\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Corporation) R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) R2 mdmxsdk; C:\WINXP\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-18] (Conexant) R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Corporation) R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2011-06-14] (Microsoft Corporation) R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2011-06-14] (Microsoft Corporation) R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation) R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2011-06-14] (Microsoft Corporation) R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105472 2011-06-14] (Microsoft Corporation) R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2011-06-14] (Microsoft Corporation) R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) R3 NETwLx32; C:\WINXP\System32\DRIVERS\NETwLx32.sys [6616816 2013-05-02] (Intel Corporation) R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation) S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation) S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation) S3 Parport; C:\WINXP\system32\Drivers\Parport.sys [80128 2011-06-14] (Microsoft Corporation) R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) S2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation) R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Corporation) R0 PCIIde; C:\WINXP\System32\DRIVERS\pciide.sys [3328 2008-04-14] (Microsoft Corporation) R0 Pcmcia; C:\WINXP\System32\DRIVERS\pcmcia.sys [120192 2008-04-13] (Microsoft Corporation) R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.) R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation) R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation) R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation) R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Corporation) S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) S1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation) S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S2 Serial; C:\WINXP\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Corporation) S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation) S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357888 2011-04-12] (Microsoft Corporation) R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2011-06-14] (Microsoft Corporation) S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2011-04-12] (Microsoft Corporation) S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation) R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) S3 usbccgp; C:\WINXP\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Corporation) S3 usbprint; C:\WINXP\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) S3 usbscan; C:\WINXP\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation) R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) R3 Wdf01000; C:\WINXP\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Corporation) R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) R3 winachsf; C:\WINXP\System32\DRIVERS\HSF_CNXT.sys [730112 2006-12-21] (Conexant Systems, Inc.) R1 WmiAcpi; C:\WINXP\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Corporation) S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2010-09-16] (Microsoft Corporation) R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Corporation) S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Corporation) S3 MBAMSwissArmy; \??\C:\WINXP\system32\drivers\MBAMSwissArmy.sys [X] U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-23 23:44 - 2018-07-23 23:44 - 000020023 _____ C:\Documents and Settings\User\Desktop\Addition.txt 2018-07-23 23:20 - 2018-07-31 14:38 - 000000000 ____D C:\FRST 2018-07-19 22:41 - 2018-07-19 22:37 - 000321752 _____ (AVAST Software) C:\WINXP\system32\aswBoot.exe 2018-07-19 22:03 - 2018-07-19 22:02 - 000114688 _____ C:\WINXP\Minidump\Mini071918-01.dmp 2018-07-16 16:08 - 2018-07-16 16:07 - 000114688 _____ C:\WINXP\Minidump\Mini071618-01.dmp 2018-07-04 12:17 - 2018-07-04 12:17 - 000194873 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_7.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000566728 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_3.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000566728 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_3.0.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000509799 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_4.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000492585 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_5.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000426665 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_2.pdf 2018-07-03 13:15 - 2018-05-01 09:41 - 000000000 ____N C:\Documents and Settings\User\Desktop\New Doc 2018-04-13_1.pdf.tmp0-01-05-7c055bbf3f448341b5dd85f588490d5ae3c97c2c50e8c607488b97084292af80.decrypt 2018-07-03 13:15 - 2018-03-28 22:11 - 000193839 ____N C:\Documents and Settings\User\Desktop\zz.pdf 2018-07-03 13:14 - 2018-07-03 13:14 - 000691790 _____ C:\Documents and Settings\User\Desktop\New Doc 2018-02-05_1.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-31 14:41 - 2014-09-17 16:42 - 000000000 ____D C:\Documents and Settings\User\Local Settings\Temp 2018-07-31 14:38 - 2014-09-17 19:05 - 000000000 ____D C:\WINXP\Temp 2018-07-31 14:35 - 2014-09-18 11:03 - 000000416 ____H C:\WINXP\Tasks\User_Feed_Synchronization-{386A3F3D-CD9C-4C4A-A574-CF193C8A76BE}.job 2018-07-31 14:12 - 2018-04-30 16:08 - 000000000 ____D C:\Documents and Settings\User\My Documents\ViberDownloads 2018-07-31 14:03 - 2018-04-30 16:07 - 000000000 ____D C:\Documents and Settings\User\Application Data\ViberPC 2018-07-31 14:03 - 2018-03-22 15:16 - 000000358 ____H C:\WINXP\Tasks\Avast Emergency Update.job 2018-07-31 14:03 - 2014-09-23 10:53 - 000000374 _____ C:\WINXP\system32\Drivers\etc\hosts.ics 2018-07-31 14:02 - 2018-06-23 11:55 - 000001016 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineCore.job 2018-07-31 14:02 - 2014-12-16 12:40 - 000000982 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job 2018-07-31 14:02 - 2014-09-18 11:47 - 000000216 _____ C:\WINXP\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2018-07-31 14:02 - 2014-09-17 16:40 - 000000006 ____H C:\WINXP\Tasks\SA.DAT 2018-07-31 14:02 - 2008-04-14 12:00 - 000002206 _____ C:\WINXP\system32\wpa.dbl 2018-07-25 23:59 - 2014-09-17 16:40 - 000032520 _____ C:\WINXP\SchedLgU.Txt 2018-07-25 23:56 - 2014-09-17 16:42 - 000000178 ___SH C:\Documents and Settings\User\ntuser.ini 2018-07-25 23:45 - 2014-12-16 12:40 - 000000986 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job 2018-07-25 23:44 - 2014-09-25 13:21 - 000000826 _____ C:\WINXP\Tasks\Adobe Flash Player Updater.job 2018-07-25 23:00 - 2018-06-23 11:55 - 000001020 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineUA.job 2018-07-23 22:28 - 2015-02-12 17:46 - 000396352 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswSP.sys 2018-07-23 10:40 - 2018-06-23 11:55 - 000000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\AVAST Software 2018-07-23 10:33 - 2014-09-17 19:05 - 000000000 ____D C:\WINXP 2018-07-19 22:45 - 2014-09-17 19:05 - 000000000 ___HD C:\WINXP\inf 2018-07-19 22:45 - 2014-09-17 19:05 - 000000000 ____D C:\WINXP\system32 2018-07-19 22:38 - 2018-03-22 15:26 - 000167552 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswArPot.sys 2018-07-19 22:38 - 2016-02-16 18:20 - 000205864 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswStmXP.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000310784 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswVmm.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000133680 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswMonFlt.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000071848 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRvrt.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000070840 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000042808 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswHwid.sys 2018-07-19 22:34 - 2015-02-12 17:46 - 000784120 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswSnx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000284328 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswblogx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000188352 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswbidsdriverx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000164944 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswbidshx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000057976 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswbunivx.sys 2018-07-19 22:09 - 2014-09-17 19:19 - 000470938 _____ C:\WINXP\system32\PerfStringBackup.INI 2018-07-19 22:03 - 2016-03-23 17:47 - 000000000 ____D C:\WINXP\Minidump 2018-07-11 13:14 - 2018-04-30 16:05 - 000000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Viber 2018-07-11 10:44 - 2018-03-22 15:44 - 000000876 _____ C:\WINXP\Tasks\Adobe Flash Player NPAPI Notifier.job 2018-07-11 10:44 - 2014-09-25 13:21 - 000842240 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe 2018-07-11 10:44 - 2014-09-25 13:21 - 000175104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl 2018-07-11 10:44 - 2014-09-17 16:27 - 000000000 ____D C:\WINXP\system32\Macromed 2018-07-09 23:31 - 2018-06-30 23:49 - 000000000 _____ C:\WINXP\system32\last.dump ==================== Files in the root of some directories ======= 2014-12-16 11:58 - 2014-12-16 12:00 - 006000640 _____ () C:\Program Files\GUT2D.tmp 2014-09-30 12:05 - 2018-03-30 18:54 - 000006656 _____ () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-12-10 16:47 - 2014-12-10 16:47 - 000001001 _____ () C:\Documents and Settings\User\Local Settings\Application Data\recently-used.xbel Some files in TEMP: ==================== 2014-09-18 11:27 - 2014-09-18 11:27 - 000000000 ____D () C:\Documents and Settings\User\Local Settings\Temp\avgnt.exe 2018-06-23 12:03 - 2018-06-23 11:54 - 002765192 _____ () C:\Documents and Settings\User\Local Settings\Temp\removeSZB.exe 2015-09-25 00:58 - 2015-09-28 11:25 - 000118569 _____ () C:\Documents and Settings\User\Local Settings\Temp\{1D146749-9C51-4533-8B92-6DBE6DF0DD05}-45.0.2454.101_chrome_installer.exe 2015-04-06 17:53 - 2015-04-06 17:53 - 001265821 _____ () C:\Documents and Settings\User\Local Settings\Temp\{641173F6-92E7-4C7F-AE82-22957B1397EC}-41.0.2272.118_chrome_installer.exe 2015-09-25 00:58 - 2015-09-29 16:27 - 000457045 _____ () C:\Documents and Settings\User\Local Settings\Temp\{97E31453-CC2B-4EBD-BBDE-1DD8C296F4F4}-45.0.2454.101_chrome_installer.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 000186493 _____ () C:\Documents and Settings\User\Local Settings\Temp\{C650DAAB-3179-4A09-8E31-397EB6AD13AE}-46.0.2490.71_chrome_installer.exe 2015-05-05 11:57 - 2015-05-05 12:00 - 000000000 _____ () C:\Documents and Settings\User\Local Settings\Temp\{CEB47FFC-08CB-4640-810C-31F913E2F3FC}-42.0.2311.135_42.0.2311.90_chrome_updater.exe 2015-09-25 00:58 - 2015-10-02 13:41 - 000000000 _____ () C:\Documents and Settings\User\Local Settings\Temp\{D6FBE23C-6BD5-433B-B1A6-4E7DBA448596}-45.0.2454.101_chrome_installer.exe 2014-12-16 12:01 - 2014-12-16 12:01 - 004123041 _____ () C:\Documents and Settings\User\Local Settings\Temp\{D8635A75-C4B5-4E06-9418-AC631E1A2BC9}-39.0.2171.95_chrome_installer.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINXP\explorer.exe => File is digitally signed C:\WINXP\system32\winlogon.exe => File is digitally signed C:\WINXP\system32\svchost.exe => File is digitally signed C:\WINXP\system32\services.exe => File is digitally signed C:\WINXP\system32\User32.dll => File is digitally signed C:\WINXP\system32\userinit.exe => File is digitally signed C:\WINXP\system32\rpcss.dll => File is digitally signed C:\WINXP\system32\dnsapi.dll => File is digitally signed C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Addition 31.07.txt
  4. Rada Beliata

    бавно работещ компютър

    Това нещо съмнително ли е ?
  5. Rada Beliata

    бавно работещ компютър

    Много благодаря! На мен ми се струва , че точно антивирусната прави проблем, понеже на изгорелия ми по-нов комп дефрегментирането го бях направила автоматично тук не се сетих да направя това, веднага ще го направя. Компа е много стар, на повече от 12 г, беше бракуван , но не изхвърлен още преди 5 г. Ползвах го преди известно време слабо като втори служебен, като работех в недвижимите имоти и там някой колега ми слага антивируса. Сега ще пусна да се дефрегм.
  6. Здравейте, Все още не мога да си позволя да си взема нов комп и работя с един доста стар, който така или иначе не зареждаше кой знае колко добре, но от няколко дена започна да ми дава различни съобщения от антивирусната и в момента рязко се влоши и без това липсващата му бързина. Благодаря предварително за съдействието! Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21.07.2018 Ran by User (administrator) on USER-D5B14BBE3D (23-07-2018 23:20:40) Running from C:\Documents and Settings\User\My Documents\Downloads Loaded Profiles: User (Available Profiles: User) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\WINXP\system32\smss.exe (Microsoft Corporation) C:\WINXP\system32\csrss.exe (Microsoft Corporation) C:\WINXP\system32\winlogon.exe (Microsoft Corporation) C:\WINXP\system32\services.exe (Microsoft Corporation) C:\WINXP\system32\lsass.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\explorer.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\WINXP\system32\spoolsv.exe (AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe (Intel Corporation) C:\WINXP\system32\igfxtray.exe (Intel Corporation) C:\WINXP\system32\hkcmd.exe (Intel Corporation) C:\WINXP\system32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\WINXP\system32\igfxsrvc.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\ctfmon.exe (Viber Media S.Ã r.l.) C:\Documents and Settings\User\Local Settings\Application Data\Viber\Viber.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) C:\WINXP\system32\svchost.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\WINXP\system32\alg.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Microsoft Corporation) C:\WINXP\system32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINXP\system32\wbem\wmiprvse.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IgfxTray] => C:\WINXP\system32\igfxtray.exe [141848 2008-02-28] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\WINXP\system32\hkcmd.exe [166424 2008-02-28] (Intel Corporation) HKLM\...\Run: [Persistence] => C:\WINXP\system32\igfxpers.exe [137752 2008-02-28] (Intel Corporation) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-19] (AVAST Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe, HKLM\...\Winlogon: [Shell] Explorer.exe [x ] () HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation) Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll [2013-10-07] (Microsoft Corporation) Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\WINXP\system32\igfxdev.dll [2008-02-15] (Intel Corporation) Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\WgaLogon: WgaLogon.dll [X] Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\Run: [CTFMON.EXE] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\Run: [Viber] => C:\Documents and Settings\User\Local Settings\Application Data\Viber\Viber.exe [69268048 2016-04-13] (Viber Media S.Ã r.l.) HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect HKU\S-1-5-21-1229272821-412668190-1801674531-1003\...\MountPoints2: {3b7b521c-4fa5-11e5-8eea-001cbf97ad6f} - F:\AutoRun.exe HKU\S-1-5-21-1229272821-412668190-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\system32\logon.scr [220672 2008-04-14] (Microsoft Corporation) HKLM\...\Providers\Internet Print Provider: C:\WINXP\system32\inetpp.dll [75264 2008-04-14] (Microsoft Corporation) HKLM\...\Providers\LanMan Print Services: C:\WINXP\system32\win32spl.dll [102400 2008-04-14] (Microsoft Corporation) Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2014-11-10] ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation) Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 04 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation) Winsock: Catalog9 05 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation) Winsock: Catalog9 06 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{60C018A7-C57B-473A-8A59-60AF92102461}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm HKU\S-1-5-21-1229272821-412668190-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm HKU\S-1-5-21-1229272821-412668190-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-19] (AVAST Software) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1411027421784 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF DefaultProfile: 7vacglr9.default FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\7vacglr9.default [2018-06-23] FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] () FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default [2018-07-23] CHR Extension: (Документи) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-23] CHR Extension: (Google Диск) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26] CHR Extension: (YouTube) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Търсене) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Avast SafePrice) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-22] CHR Extension: (Google Документи офлайн) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Avast Online Security) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-30] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16] CHR Extension: (Gmail) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found> CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-11] (Adobe Systems Incorporated) [File not signed] S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-07-19] (AVAST Software) R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-23] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-19] (AVAST Software) S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-23] (AVAST Software) S3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) R2 Browser; C:\WINXP\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_32; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation) R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Corporation) R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2011-04-12] (Microsoft Corporation) S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Corporation) R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Corporation) R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2011-03-08] (Microsoft Corporation) R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) R3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Corporation) R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Corporation) R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2011-04-12] (Microsoft Corporation) S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Corporation) R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) R3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Corporation) S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation) R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2011-03-08] (Microsoft Corporation) R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Corporation) R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2011-03-08] (Microsoft Corporation) S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation) R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) R3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Corporation) S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Corporation) S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) S3 WPFFontCache_v0400; C:\WINXP\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation) R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) R2 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Corporation) R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2011-06-14] (Microsoft Corporation) S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) S3 COMSysApp; C:\WINXP\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} S3 SwPrv; C:\WINXP\system32\dllhost.exe /Processid:{65104CBC-D70A-4155-91F5-43ABF3B891FA} ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) R0 ACPIEC; C:\WINXP\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation) S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) R1 aswArPot; C:\WINXP\System32\drivers\aswArPot.sys [167552 2018-07-19] (AVAST Software) R1 aswbidsdriver; C:\WINXP\System32\drivers\aswbidsdriverx.sys [188352 2018-07-19] (AVAST Software) R0 aswbidsh; C:\WINXP\System32\drivers\aswbidshx.sys [164944 2018-07-19] (AVAST Software) R0 aswblog; C:\WINXP\System32\drivers\aswblogx.sys [284328 2018-07-19] (AVAST Software) R0 aswbuniv; C:\WINXP\System32\drivers\aswbunivx.sys [57976 2018-07-19] (AVAST Software) S3 aswHwid; C:\WINXP\System32\drivers\aswHwid.sys [42808 2018-07-19] (AVAST Software) R2 aswMonFlt; C:\WINXP\System32\drivers\aswMonFlt.sys [133680 2018-07-19] (AVAST Software) R1 aswRdr; C:\WINXP\System32\drivers\aswRdr.sys [70840 2018-07-19] (AVAST Software) R0 aswRvrt; C:\WINXP\System32\drivers\aswRvrt.sys [71848 2018-07-19] (AVAST Software) R1 aswSnx; C:\WINXP\System32\drivers\aswSnx.sys [784120 2018-07-19] (AVAST Software) R1 aswSP; C:\WINXP\System32\drivers\aswSP.sys [396352 2018-07-23] (AVAST Software) R3 aswStmXP; C:\WINXP\System32\drivers\aswStmXP.sys [205864 2018-07-19] (AVAST Software) R0 aswVmm; C:\WINXP\System32\drivers\aswVmm.sys [310784 2018-07-19] (AVAST Software) S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Corporation) S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation) S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation) S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2011-06-14] (Microsoft Corporation) R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) R3 CmBatt; C:\WINXP\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Corporation) R0 Compbatt; C:\WINXP\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Corporation) R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation) S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.) S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation) R3 E100B; C:\WINXP\System32\DRIVERS\e100b325.sys [165496 2007-11-16] (Intel Corporation) S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) S1 Fdc; C:\WINXP\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation) R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) S1 Flpydisk; C:\WINXP\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation) U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Corporation) R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Corporation) R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) R3 HBtnKey; C:\WINXP\System32\DRIVERS\cpqbttn.sys [9472 2006-06-28] (Hewlett-Packard Development Company, L.P.) R3 HdAudAddService; C:\WINXP\System32\drivers\CHDAud.sys [625664 2007-02-12] (Conexant Systems Inc.) R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows (R) Server 2003 DDK provider) R3 HSFHWAZL; C:\WINXP\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-21] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINXP\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-21] (Conexant Systems, Inc.) R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Corporation) R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) R3 ialm; C:\WINXP\System32\DRIVERS\igxpmp32.sys [5854752 2008-02-15] (Intel Corporation) R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) R0 IntelIde; C:\WINXP\System32\DRIVERS\intelide.sys [5504 2008-04-13] (Microsoft Corporation) R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation) S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation) S3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation) S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) S3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Corporation) R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) R1 kbdhid; C:\WINXP\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Corporation) R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) R2 mdmxsdk; C:\WINXP\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-18] (Conexant) R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Corporation) R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2011-06-14] (Microsoft Corporation) R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2011-06-14] (Microsoft Corporation) R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation) R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2011-06-14] (Microsoft Corporation) R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105472 2011-06-14] (Microsoft Corporation) R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2011-06-14] (Microsoft Corporation) R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) R3 NETwLx32; C:\WINXP\System32\DRIVERS\NETwLx32.sys [6616816 2013-05-02] (Intel Corporation) R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation) S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation) S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation) S3 Parport; C:\WINXP\system32\Drivers\Parport.sys [80128 2011-06-14] (Microsoft Corporation) R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) S2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation) R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Corporation) R0 PCIIde; C:\WINXP\System32\DRIVERS\pciide.sys [3328 2008-04-14] (Microsoft Corporation) R0 Pcmcia; C:\WINXP\System32\DRIVERS\pcmcia.sys [120192 2008-04-13] (Microsoft Corporation) R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.) R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation) R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation) R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation) R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Corporation) S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation) S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S2 Serial; C:\WINXP\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Corporation) S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation) S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357888 2011-04-12] (Microsoft Corporation) R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2011-06-14] (Microsoft Corporation) S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2011-04-12] (Microsoft Corporation) S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation) R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) S3 usbccgp; C:\WINXP\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Corporation) S3 usbprint; C:\WINXP\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) S3 usbscan; C:\WINXP\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation) R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) R3 Wdf01000; C:\WINXP\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Corporation) R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) R3 winachsf; C:\WINXP\System32\DRIVERS\HSF_CNXT.sys [730112 2006-12-21] (Conexant Systems, Inc.) R1 WmiAcpi; C:\WINXP\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Corporation) S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2010-09-16] (Microsoft Corporation) R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Corporation) S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Corporation) S3 MBAMSwissArmy; \??\C:\WINXP\system32\drivers\MBAMSwissArmy.sys [X] U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-23 23:20 - 2018-07-23 23:20 - 000000000 ____D C:\FRST 2018-07-19 22:41 - 2018-07-19 22:37 - 000321752 _____ (AVAST Software) C:\WINXP\system32\aswBoot.exe 2018-07-19 22:03 - 2018-07-19 22:02 - 000114688 _____ C:\WINXP\Minidump\Mini071918-01.dmp 2018-07-16 16:08 - 2018-07-16 16:07 - 000114688 _____ C:\WINXP\Minidump\Mini071618-01.dmp 2018-07-04 12:17 - 2018-07-04 12:17 - 000194873 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_7.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000566728 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_3.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000566728 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_3.0.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000509799 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_4.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000492585 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_5.pdf 2018-07-04 12:16 - 2018-07-04 12:16 - 000426665 _____ C:\Documents and Settings\User\My Documents\New Doc 2018-06-21_2.pdf 2018-07-03 13:15 - 2018-05-01 09:41 - 000000000 ____N C:\Documents and Settings\User\Desktop\New Doc 2018-04-13_1.pdf.tmp0-01-05-7c055bbf3f448341b5dd85f588490d5ae3c97c2c50e8c607488b97084292af80.decrypt 2018-07-03 13:15 - 2018-03-28 22:11 - 000193839 ____N C:\Documents and Settings\User\Desktop\zz.pdf 2018-07-03 13:14 - 2018-07-03 13:14 - 000691790 _____ C:\Documents and Settings\User\Desktop\New Doc 2018-02-05_1.pdf 2018-06-30 23:49 - 2018-07-09 23:31 - 000000000 _____ C:\WINXP\system32\last.dump 2018-06-23 12:01 - 2018-06-23 12:01 - 000001996 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Avast Secure Browser.lnk 2018-06-23 12:01 - 2018-06-23 12:01 - 000001988 _____ C:\Documents and Settings\All Users\Desktop\Avast Secure Browser.lnk 2018-06-23 11:55 - 2018-07-23 23:02 - 000001020 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineUA.job 2018-06-23 11:55 - 2018-07-23 22:27 - 000001016 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineCore.job 2018-06-23 11:55 - 2018-07-23 10:40 - 000000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\AVAST Software ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-23 23:24 - 2014-09-17 16:42 - 000000000 ____D C:\Documents and Settings\User\Local Settings\Temp 2018-07-23 23:21 - 2014-09-17 19:05 - 000000000 ____D C:\WINXP\Temp 2018-07-23 23:17 - 2014-09-18 11:03 - 000000416 ____H C:\WINXP\Tasks\User_Feed_Synchronization-{386A3F3D-CD9C-4C4A-A574-CF193C8A76BE}.job 2018-07-23 23:06 - 2018-03-22 15:16 - 000000358 ____H C:\WINXP\Tasks\Avast Emergency Update.job 2018-07-23 22:47 - 2014-12-16 12:40 - 000000986 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job 2018-07-23 22:46 - 2014-12-16 12:40 - 000000982 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job 2018-07-23 22:44 - 2014-09-25 13:21 - 000000826 _____ C:\WINXP\Tasks\Adobe Flash Player Updater.job 2018-07-23 22:33 - 2018-04-30 16:08 - 000000000 ____D C:\Documents and Settings\User\My Documents\ViberDownloads 2018-07-23 22:28 - 2018-04-30 16:07 - 000000000 ____D C:\Documents and Settings\User\Application Data\ViberPC 2018-07-23 22:28 - 2015-02-12 17:46 - 000396352 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswSP.sys 2018-07-23 22:28 - 2014-09-23 10:53 - 000000374 _____ C:\WINXP\system32\Drivers\etc\hosts.ics 2018-07-23 22:27 - 2014-09-18 11:47 - 000000216 _____ C:\WINXP\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2018-07-23 22:27 - 2014-09-17 16:40 - 000000006 ____H C:\WINXP\Tasks\SA.DAT 2018-07-23 15:14 - 2014-09-17 16:40 - 000032582 _____ C:\WINXP\SchedLgU.Txt 2018-07-23 15:11 - 2014-09-17 16:42 - 000000178 ___SH C:\Documents and Settings\User\ntuser.ini 2018-07-23 10:33 - 2014-09-17 19:05 - 000000000 ____D C:\WINXP 2018-07-23 10:32 - 2008-04-14 12:00 - 000002206 _____ C:\WINXP\system32\wpa.dbl 2018-07-19 22:45 - 2014-09-17 19:05 - 000000000 ___HD C:\WINXP\inf 2018-07-19 22:45 - 2014-09-17 19:05 - 000000000 ____D C:\WINXP\system32 2018-07-19 22:38 - 2018-03-22 15:26 - 000167552 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswArPot.sys 2018-07-19 22:38 - 2016-02-16 18:20 - 000205864 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswStmXP.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000310784 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswVmm.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000133680 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswMonFlt.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000071848 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRvrt.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000070840 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys 2018-07-19 22:38 - 2015-02-12 17:46 - 000042808 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswHwid.sys 2018-07-19 22:34 - 2015-02-12 17:46 - 000784120 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswSnx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000284328 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswblogx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000188352 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswbidsdriverx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000164944 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswbidshx.sys 2018-07-19 22:33 - 2018-03-22 15:26 - 000057976 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswbunivx.sys 2018-07-19 22:09 - 2014-09-17 19:19 - 000470938 _____ C:\WINXP\system32\PerfStringBackup.INI 2018-07-19 22:03 - 2016-03-23 17:47 - 000000000 ____D C:\WINXP\Minidump 2018-07-11 13:14 - 2018-04-30 16:05 - 000000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Viber 2018-07-11 10:44 - 2018-03-22 15:44 - 000000876 _____ C:\WINXP\Tasks\Adobe Flash Player NPAPI Notifier.job 2018-07-11 10:44 - 2014-09-25 13:21 - 000842240 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe 2018-07-11 10:44 - 2014-09-25 13:21 - 000175104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl 2018-07-11 10:44 - 2014-09-17 16:27 - 000000000 ____D C:\WINXP\system32\Macromed 2018-06-28 13:37 - 2014-09-17 16:42 - 000001587 _____ C:\Documents and Settings\User\Start Menu\Programs\Remote Assistance.lnk 2018-06-23 12:03 - 2015-02-12 17:38 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software 2018-06-23 11:55 - 2015-02-12 17:38 - 000000000 ____D C:\Program Files\AVAST Software ==================== Files in the root of some directories ======= 2014-12-16 11:58 - 2014-12-16 12:00 - 006000640 _____ () C:\Program Files\GUT2D.tmp 2014-09-30 12:05 - 2018-03-30 18:54 - 000006656 _____ () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-12-10 16:47 - 2014-12-10 16:47 - 000001001 _____ () C:\Documents and Settings\User\Local Settings\Application Data\recently-used.xbel Some files in TEMP: ==================== 2014-09-18 11:27 - 2014-09-18 11:27 - 000000000 ____D () C:\Documents and Settings\User\Local Settings\Temp\avgnt.exe 2018-06-23 12:03 - 2018-06-23 11:54 - 002765192 _____ () C:\Documents and Settings\User\Local Settings\Temp\removeSZB.exe 2015-09-25 00:58 - 2015-09-28 11:25 - 000118569 _____ () C:\Documents and Settings\User\Local Settings\Temp\{1D146749-9C51-4533-8B92-6DBE6DF0DD05}-45.0.2454.101_chrome_installer.exe 2015-04-06 17:53 - 2015-04-06 17:53 - 001265821 _____ () C:\Documents and Settings\User\Local Settings\Temp\{641173F6-92E7-4C7F-AE82-22957B1397EC}-41.0.2272.118_chrome_installer.exe 2015-09-25 00:58 - 2015-09-29 16:27 - 000457045 _____ () C:\Documents and Settings\User\Local Settings\Temp\{97E31453-CC2B-4EBD-BBDE-1DD8C296F4F4}-45.0.2454.101_chrome_installer.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 000186493 _____ () C:\Documents and Settings\User\Local Settings\Temp\{C650DAAB-3179-4A09-8E31-397EB6AD13AE}-46.0.2490.71_chrome_installer.exe 2015-05-05 11:57 - 2015-05-05 12:00 - 000000000 _____ () C:\Documents and Settings\User\Local Settings\Temp\{CEB47FFC-08CB-4640-810C-31F913E2F3FC}-42.0.2311.135_42.0.2311.90_chrome_updater.exe 2015-09-25 00:58 - 2015-10-02 13:41 - 000000000 _____ () C:\Documents and Settings\User\Local Settings\Temp\{D6FBE23C-6BD5-433B-B1A6-4E7DBA448596}-45.0.2454.101_chrome_installer.exe 2014-12-16 12:01 - 2014-12-16 12:01 - 004123041 _____ () C:\Documents and Settings\User\Local Settings\Temp\{D8635A75-C4B5-4E06-9418-AC631E1A2BC9}-39.0.2171.95_chrome_installer.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINXP\explorer.exe => File is digitally signed C:\WINXP\system32\winlogon.exe => File is digitally signed C:\WINXP\system32\svchost.exe => File is digitally signed C:\WINXP\system32\services.exe => File is digitally signed C:\WINXP\system32\User32.dll => File is digitally signed C:\WINXP\system32\userinit.exe => File is digitally signed C:\WINXP\system32\rpcss.dll => File is digitally signed C:\WINXP\system32\dnsapi.dll => File is digitally signed C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Addition.txt
  7. Благодаря много ! Топла и усмихната вечер да имате!
  8. Вече бях деинсталирала , но приложих сега и инструмента и ето файла: # DelFix v1.013 - Logfile created 10/03/2018 at 18:52:28 # Updated 17/04/2016 by Xplode # Username : User - USER-PC # Operating System : Windows 7 Professional Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\Qoobox Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\AdwCleanerDebug.txt Deleted : C:\ComboFix.txt Deleted : C:\Users\User\Desktop\Addition.txt Deleted : C:\Users\User\Desktop\Addition1.txt Deleted : C:\Windows\grep.exe Deleted : C:\Windows\PEV.exe Deleted : C:\Windows\NIRCMD.exe Deleted : C:\Windows\MBR.exe Deleted : C:\Windows\SED.exe Deleted : C:\Windows\SWREG.exe Deleted : C:\Windows\SWSC.exe Deleted : C:\Windows\SWXCACLS.exe Deleted : C:\Windows\Zip.exe Deleted : HKLM\SOFTWARE\AdwCleaner Deleted : HKLM\SOFTWARE\Swearware Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #457 [Windows Update | 02/25/2018 16:40:18] Deleted : RP #458 [Installed Jeppesen Program and Data Installation | 02/26/2018 09:14:39] Deleted : RP #459 [Windows Update | 03/05/2018 12:59:27] Deleted : RP #460 [Windows Update | 03/09/2018 07:57:38] Deleted : RP #462 [Restore Point Created by FRST | 03/10/2018 12:11:06] Deleted : RP #464 [Restore Point Created by FRST | 03/10/2018 14:22:13] New restore point created ! ########## - EOF - ########## Сърдечно благодаря за многото отделено време и то през почивен ден! Весел и ползотеорен остатък от почивните дни и на вас! Аз съм в болнини и се възстановявам от тежка операция, така , че следващите седмици за мен ще са все почивни
  9. Много блюгодаря! Предполагам сега трябва да изтрия всички инструменти . Компа работи значително по добре! Сърдечно благодаря!
  10. Много благодаря! Сега ще рестартна да видя какво се случва с бързината, но до тук , колкото го ползвах вървеше по-леко. Открих от къде прави бъг на ФБ - има инзталиран някакъв Ad Block, който бъгва визуалния вид на страницата на ФБ и не се виждат половината опции- например , коментари, опции за изход - излизат само празни черти > Нужна ли е тази програма Add block или да я деинсталирам?
  11. не поиска рестарт, ето файла: Fix result of Farbar Recovery Scan Tool (x64) Version: 10.03.2018 Ran by User (10-03-2018 16:22:10) Run:3 Running from C:\Users\User\Desktop\New folder Loaded Profiles: User (Available Profiles: User) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" Startbatch: @echo off net stop BITS ipconfig /flushdns ren "%programdata%\Microsoft\Network\Downloader\qmgr0.dat" qmgr0.dat.old ren "%programdata%\Microsoft\Network\Downloader\qmgr1.dat" qmgr1.dat.old net start BITS Endbatch: Powershell: Get-BitsTransfer -AllUsers Powershell: Get-BitsTransfer -AllUsers | select -ExpandProperty FileList CMD: bitsadmin /reset /allusers end ***************** Restore point was successfully created. ========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" ========= Failed to clear log DebugChannel. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation. ========= End of CMD: ========= ========= Batch: ========= The Background Intelligent Transfer Service service is stopping.. The Background Intelligent Transfer Service service was stopped successfully. Windows IP Configuration Successfully flushed the DNS Resolver Cache. The Background Intelligent Transfer Service service is starting. The Background Intelligent Transfer Service service was started successfully. ========= End of Batch: ========= ========= Get-BitsTransfer -AllUsers ========= ========= End of Powershell: ========= ========= Get-BitsTransfer -AllUsers | select -ExpandProperty FileList ========= ========= End of Powershell: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= End of CMD: ========= ==== End of Fixlog 16:24:34 ====
  12. Fix result of Farbar Recovery Scan Tool (x64) Version: 10.03.2018 Ran by User (10-03-2018 14:11:03) Run:2 Running from C:\Users\User\Desktop\New folder Loaded Profiles: User (Available Profiles: User) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: GroupPolicy: Restriction <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION Task: {4C81A2E3-E7AA-4EC9-B7DE-17DF30277CF1} - System32\Tasks\{C05BBB12-50E7-4144-9FD3-000E5CEA6BF6} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\ Task: {74A1E32B-5FCE-472C-94C5-A07EDA38D14F} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION Task: {8911747D-DBA5-4C16-B055-1736416D2688} - System32\Tasks\{BF876EFA-AAC2-4AAE-83EC-85158C195963} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\ Task: {B388DC38-3B20-41ED-9530-7AAB6E414D12} - System32\Tasks\{1E1AD903-F239-42C8-89F6-3E4DBECAFDB5} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Downloads\BluetoothDriverInstaller.exe -d C:\Users\User\Downloads AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [116] AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 [128] cmd: bitsadmin /reset /allusers cmd: netsh winsock reset catalog cmd: ipconfig /flushdns RemoveProxy: EmptyTemp: End ***************** Restore point was successfully created. Processes closed successfully. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully C:\Windows\system32\GroupPolicy\User => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C81A2E3-E7AA-4EC9-B7DE-17DF30277CF1}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C81A2E3-E7AA-4EC9-B7DE-17DF30277CF1}" => removed successfully C:\Windows\System32\Tasks\{C05BBB12-50E7-4144-9FD3-000E5CEA6BF6} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C05BBB12-50E7-4144-9FD3-000E5CEA6BF6}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74A1E32B-5FCE-472C-94C5-A07EDA38D14F}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74A1E32B-5FCE-472C-94C5-A07EDA38D14F}" => removed successfully C:\Windows\System32\Tasks\YTAUpdate => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8911747D-DBA5-4C16-B055-1736416D2688}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8911747D-DBA5-4C16-B055-1736416D2688}" => removed successfully C:\Windows\System32\Tasks\{BF876EFA-AAC2-4AAE-83EC-85158C195963} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BF876EFA-AAC2-4AAE-83EC-85158C195963}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B388DC38-3B20-41ED-9530-7AAB6E414D12}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B388DC38-3B20-41ED-9530-7AAB6E414D12}" => removed successfully C:\Windows\System32\Tasks\{1E1AD903-F239-42C8-89F6-3E4DBECAFDB5} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1E1AD903-F239-42C8-89F6-3E4DBECAFDB5}" => removed successfully C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully C:\ProgramData\TEMP => ":DBC416F8" ADS removed successfully ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {3F6239DB-8F2A-495C-936D-000E3F67903F}. Unable to cancel {21A77507-8AB3-4865-BE77-11AEBCEFEFC7}. Unable to cancel {779C1EF9-0AD4-47F2-889D-8D50C30F80DF}. Unable to cancel {6FDE9AA9-8441-4145-B6FE-490F4C6D6592}. Unable to cancel {A59F42DA-552E-427E-85C1-E232E2FA9A96}. Unable to cancel {1A77A6DA-38E2-4C92-A907-9FBD3A59754A}. Unable to cancel {0B06DFE5-229C-4827-98A3-6C7BA22EC6B2}. Unable to cancel {75C69611-827C-4543-8FFB-1D0D76641F77}. Unable to cancel {20015205-E21E-4858-BD92-530D9D4E23B8}. Unable to cancel {33339BB4-B8A7-4F73-B779-2D010D0F0750}. Unable to cancel {02A6E665-12B7-4F32-8F05-5A8507E66664}. Unable to cancel {40EF12FE-0A78-4306-8DD3-FBA8BFA27FAA}. Unable to cancel {36588530-0783-41A1-BA20-3FE240409116}. Unable to cancel {A7608D4C-2157-4DFE-BB1A-0C8BBA7FCF6C}. Unable to cancel {DD7B09C9-5F7E-4F9E-94A4-218068400D51}. Unable to cancel {BA76B98B-DB64-47D5-9651-8734BE30AD85}. Unable to cancel {51B3854F-63B7-4E6F-979A-7E47244ECF96}. Unable to cancel {1A34F497-4FDB-406B-B638-7FF4C3804B37}. Unable to cancel {510B17C5-F571-42D0-9BB1-8639A134A852}. Unable to cancel {F8D8A3CA-55B5-4933-AE20-8C57559D0F2D}. Unable to cancel {AB50FED1-E4E3-4B51-A74F-1F948131E9F0}. Unable to cancel {67FA677B-BD19-44BE-A3D6-C8EA87DF0393}. Unable to cancel {25F9976C-7C63-433C-8747-C9A542B62759}. Unable to cancel {91DDDED9-1910-49D2-BD0D-1755D23C64C0}. Unable to cancel {62E32DD3-0C80-4B0E-A233-0549C981A7B9}. Unable to cancel {5EFE4E7E-EE7B-4FFC-B248-DDA15C9903A6}. Unable to cancel {29F50E05-BF4E-4898-9992-0371A0B78874}. 0 out of 27 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: =========
  13. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018 Ran by User (administrator) on USER-PC (09-03-2018 22:13:25) Running from C:\Users\User\Downloads Loaded Profiles: User (Available Profiles: User) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Opera\Opera.exe" "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe (Jeppesen) C:\Jeppesen\JWC\JWC.exe (VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe () C:\ProgramData\MTN High Speed Internet\OnlineUpdate\ouc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Viber Media S.Ã r.l.) C:\Users\User\AppData\Local\Viber\Viber.exe (Huawei Technologies Co., Ltd.) C:\Users\User\AppData\Roaming\Zain Connect\ouc.exe (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-05] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2795248 2013-10-25] (Synaptics Incorporated) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [*LABAL*] => [X] HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [36547168 2016-05-14] (VoipConnect) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [HW_OPENEYE_OUC_Zain Connect] => C:\Program Files (x86)\Zain Connect\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [Viber] => C:\Users\User\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.Ã r.l.) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [58899912 2018-02-16] (Skype Technologies S.A.) GroupPolicy: Restriction <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7019DF92-BFEA-4C0F-A4AA-C467798353EB}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{E4892BF8-78CB-47BB-A25E-41FFC8B7FFE9}: [NameServer] 41.95.252.117 41.95.252.116 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://online.bulbank.bg/capicom.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File FireFox: ======== FF DefaultProfile: aewkzmml.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aewkzmml.default [2017-07-11] FF NetworkProxy: Mozilla\Firefox\Profiles\aewkzmml.default -> autoconfig_url", "hxxp://aiidatapro.net/proxy2.js" FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> msn.com CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-03-09] CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (Skype Calling) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-09-06] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-03-09] CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24] CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-07] CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-03] CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-27] CHR HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation) S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation) R2 JWC; C:\Jeppesen\JWC\JWC.exe [658016 2014-10-06] (Jeppesen) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-01] (Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) S2 MTN High Speed Internet. RunOuc; C:\Program Files (x86)\MTN High Speed Internet\UpdateDog\ouc.exe [657504 2016-02-08] () R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-12-05] (IDT, Inc.) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-04-10] (Advanced Micro Devices, Inc.) S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation) S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [33968 2012-12-19] (IVT Corporation) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-25] (Disc Soft Ltd) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76200 2018-03-09] () S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2016-02-08] (Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193248 2018-03-09] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [109800 2018-03-09] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45960 2018-03-09] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-09] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [92280 2018-03-09] (Malwarebytes) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [444632 2013-09-26] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-09 22:10 - 2018-03-09 22:10 - 000001232 _____ C:\Users\User\Desktop\3.txt 2018-03-09 20:13 - 2018-03-09 20:13 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000193248 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000109800 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000092280 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-03-09 20:13 - 2018-03-09 20:13 - 000045960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-03-09 19:03 - 2018-03-09 19:03 - 000002337 _____ C:\Users\User\Desktop\1.txt 2018-03-09 18:40 - 2018-03-09 18:40 - 000298306 _____ C:\Users\User\Desktop\Presentation1.pptx 2018-03-09 18:07 - 2018-03-09 20:12 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys 2018-03-09 18:07 - 2018-03-09 18:07 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-03-09 18:07 - 2018-03-09 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-03-09 18:07 - 2018-03-09 18:07 - 000000000 ____D C:\Program Files\Malwarebytes 2018-03-09 18:06 - 2018-03-09 18:07 - 068692288 _____ (Malwarebytes ) C:\Users\User\Downloads\mb3-setup-consumer-3.4.3.2394-1.0.320-1.0.4164.exe 2018-03-09 14:28 - 2018-03-09 14:28 - 000030687 _____ C:\Users\User\Desktop\Addition.txt 2018-03-09 14:20 - 2018-03-09 22:13 - 000018683 _____ C:\Users\User\Downloads\FRST.txt 2018-03-09 14:20 - 2018-03-09 14:21 - 000030684 _____ C:\Users\User\Downloads\Addition.txt 2018-03-09 14:19 - 2018-03-09 14:19 - 002403328 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2018-03-07 16:26 - 2018-03-07 16:26 - 000000000 ____D C:\Users\User\Desktop\Flying Book R.I 2018-03-06 18:57 - 2018-03-06 18:57 - 000033280 _____ C:\Users\User\Downloads\STATUS NC 2016.xls 2018-03-06 12:57 - 2018-03-06 12:57 - 000012669 _____ C:\Users\User\Downloads\Tablica-Taksi.xlsx 2018-03-06 12:56 - 2018-03-06 12:56 - 000426596 _____ C:\Users\User\Downloads\Info_Sformirane_na_Taksi.pdf 2018-03-06 12:50 - 2018-03-06 12:50 - 000974647 _____ C:\Users\User\Downloads\18 - 053 - Diana Vitanova - Profesionalen Domoupravitel - VHODOVE.bg.pdf 2018-03-05 15:04 - 2018-03-05 15:05 - 000035970 _____ C:\Users\User\Downloads\Invoce_1020013384913_01032018.pdf 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\Users\User\AppData\Roaming\ATI 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\Users\User\AppData\Local\ATI 2018-02-28 12:53 - 2018-02-28 12:53 - 000000000 ____D C:\ProgramData\ATI 2018-02-25 19:00 - 2018-02-25 19:00 - 001558479 _____ C:\Users\User\Downloads\OMM_amend.1.pdf 2018-02-25 18:28 - 2018-02-25 18:28 - 000000000 ____D C:\Users\User\AppData\Local\Viber 2018-02-16 20:44 - 2018-02-16 20:44 - 000066536 _____ C:\Users\User\Downloads\Crew forms 2018 (1).xlsx 2018-02-16 20:39 - 2018-02-16 20:39 - 000321093 _____ C:\Users\User\Downloads\Analiz 12 2017.pdf 2018-02-16 20:28 - 2018-02-16 20:28 - 000630954 _____ C:\Users\User\Downloads\Analiz 2017.pdf 2018-02-16 20:11 - 2018-02-16 20:11 - 009960037 _____ C:\Users\User\Downloads\SOP S Sudan amendm.2.pdf 2018-02-16 19:57 - 2018-02-16 19:58 - 000095847 _____ C:\Users\User\Downloads\RZFZ31019 (7).PDF 2018-02-14 09:49 - 2018-02-10 21:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-02-14 09:49 - 2018-02-10 21:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-02-14 09:49 - 2018-02-10 10:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-02-14 09:49 - 2018-02-10 09:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2018-02-14 09:49 - 2018-02-10 09:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2018-02-14 09:49 - 2018-02-10 09:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-02-14 09:49 - 2018-02-10 09:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-02-14 09:49 - 2018-02-10 09:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2018-02-14 09:49 - 2018-02-10 09:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2018-02-14 09:49 - 2018-02-10 09:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-02-14 09:49 - 2018-02-10 09:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2018-02-14 09:49 - 2018-02-10 09:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2018-02-14 09:49 - 2018-02-10 09:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2018-02-14 09:49 - 2018-02-10 09:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-02-14 09:49 - 2018-02-10 09:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-02-14 09:49 - 2018-02-10 09:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2018-02-14 09:49 - 2018-02-10 09:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2018-02-14 09:49 - 2018-02-10 09:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2018-02-14 09:49 - 2018-02-10 08:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-02-14 09:49 - 2018-02-10 08:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2018-02-14 09:49 - 2018-02-10 08:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2018-02-14 09:49 - 2018-02-10 08:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2018-02-14 09:49 - 2018-02-10 08:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2018-02-14 09:49 - 2018-02-10 08:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-02-14 09:49 - 2018-02-10 08:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-02-14 09:49 - 2018-02-10 08:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2018-02-14 09:49 - 2018-02-10 08:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-02-14 09:49 - 2018-02-10 08:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-02-14 09:49 - 2018-02-10 08:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-02-14 09:49 - 2018-02-10 08:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-02-14 09:49 - 2018-02-10 08:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2018-02-14 09:49 - 2018-02-10 08:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-02-14 09:49 - 2018-02-10 08:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-02-14 09:49 - 2018-02-10 08:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-02-14 09:49 - 2018-02-10 08:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-02-14 09:49 - 2018-02-10 08:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2018-02-14 09:49 - 2018-02-10 08:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2018-02-14 09:49 - 2018-02-10 07:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2018-02-14 09:49 - 2018-02-10 07:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2018-02-14 09:49 - 2018-02-10 07:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2018-02-14 09:49 - 2018-02-10 07:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-02-14 09:49 - 2018-02-10 07:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2018-02-14 09:49 - 2018-02-10 07:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2018-02-14 09:49 - 2018-02-10 07:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-02-14 09:49 - 2018-02-10 07:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2018-02-14 09:49 - 2018-02-10 07:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2018-02-14 09:49 - 2018-02-10 07:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2018-02-14 09:49 - 2018-02-10 07:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2018-02-14 09:49 - 2018-02-10 07:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2018-02-14 09:49 - 2018-02-10 07:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2018-02-14 09:49 - 2018-02-10 07:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2018-02-14 09:49 - 2018-02-10 07:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2018-02-14 09:49 - 2018-02-10 07:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-02-14 09:49 - 2018-02-10 07:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-02-14 09:49 - 2018-02-10 07:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-02-14 09:49 - 2018-02-10 07:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-02-14 09:49 - 2018-02-10 07:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2018-02-14 09:49 - 2018-02-10 07:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-02-14 09:49 - 2018-02-10 07:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-02-14 09:49 - 2018-02-10 07:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-02-14 09:49 - 2018-01-12 18:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-02-14 09:49 - 2018-01-12 18:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-02-14 09:49 - 2018-01-12 18:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-02-14 09:49 - 2018-01-12 18:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2018-02-14 09:49 - 2018-01-12 18:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-02-14 09:49 - 2018-01-12 18:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-02-14 09:49 - 2018-01-12 18:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-02-14 09:49 - 2018-01-12 18:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-02-14 09:49 - 2018-01-12 18:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-02-14 09:49 - 2018-01-12 18:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-02-14 09:49 - 2018-01-12 18:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2018-02-14 09:49 - 2018-01-12 18:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 18:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2018-02-14 09:49 - 2018-01-12 18:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2018-02-14 09:49 - 2018-01-12 18:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2018-02-14 09:49 - 2018-01-12 18:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2018-02-14 09:49 - 2018-01-12 18:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-02-14 09:49 - 2018-01-12 18:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-02-14 09:49 - 2018-01-12 18:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-02-14 09:49 - 2018-01-12 18:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-02-14 09:49 - 2018-01-12 18:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-02-14 09:49 - 2018-01-12 18:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-02-14 09:49 - 2018-01-12 18:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-02-14 09:49 - 2018-01-12 18:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-02-14 09:49 - 2018-01-12 18:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-02-14 09:49 - 2018-01-12 18:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-02-14 09:49 - 2018-01-12 17:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-02-14 09:49 - 2018-01-12 17:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-02-14 09:49 - 2018-01-12 17:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-02-14 09:49 - 2018-01-12 17:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-02-14 09:49 - 2018-01-12 17:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-02-14 09:49 - 2018-01-11 18:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2018-02-14 09:49 - 2018-01-11 18:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2018-02-14 09:49 - 2018-01-11 18:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-02-14 09:49 - 2018-01-05 18:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-02-14 09:49 - 2018-01-05 18:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-02-14 09:49 - 2018-01-05 18:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2018-02-14 09:49 - 2018-01-05 18:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-02-14 09:49 - 2018-01-05 18:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2018-02-14 09:49 - 2018-01-05 18:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2018-02-14 09:49 - 2018-01-05 17:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2018-02-14 09:49 - 2017-12-05 19:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-02-14 09:49 - 2017-12-05 19:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2018-02-14 09:49 - 2017-12-05 18:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2018-02-14 09:37 - 2018-01-22 01:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-02-14 09:37 - 2018-01-22 01:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-02-14 09:37 - 2018-01-19 16:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-02-14 09:37 - 2018-01-19 16:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-02-13 12:05 - 2018-02-13 12:05 - 000257710 _____ C:\Users\User\Downloads\IFBP - effective 9JAN14 Ver 7.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-03-09 22:13 - 2014-12-05 22:10 - 000000000 ____D C:\FRST 2018-03-09 19:16 - 2009-07-14 06:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-03-09 19:16 - 2009-07-14 06:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-03-09 19:10 - 2016-08-05 15:18 - 000003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2018-03-09 19:09 - 2017-06-11 17:28 - 000000000 ____D C:\Users\User\AppData\Roaming\ViberPC 2018-03-09 19:06 - 2013-11-20 09:44 - 000001077 _____ C:\Windows\SysWOW64\bscs.ini 2018-03-09 19:05 - 2016-08-05 15:18 - 000000061 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2018-03-09 19:05 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-03-09 18:07 - 2014-12-09 00:10 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-03-09 09:56 - 2017-09-04 09:48 - 000000000 ____D C:\ProgramData\KMSAutoS 2018-03-09 09:45 - 2016-10-20 10:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-03-05 14:55 - 2016-01-21 09:58 - 001691648 _____ C:\Users\User\Desktop\R_Ivanov_DBT (1).xls 2018-03-05 14:52 - 2017-06-11 17:30 - 000000000 ____D C:\Users\User\Documents\ViberDownloads 2018-02-28 20:00 - 2014-12-30 11:03 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-02-27 15:00 - 2009-07-14 07:13 - 000783606 _____ C:\Windows\system32\PerfStringBackup.INI 2018-02-27 15:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-02-26 19:04 - 2016-08-05 15:20 - 000000566 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI 2018-02-26 11:12 - 2018-01-08 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-02-26 11:12 - 2017-09-06 14:09 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk 2018-02-25 18:39 - 2014-12-08 23:49 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-25 18:39 - 2014-12-08 23:49 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-02-25 18:37 - 2017-03-06 14:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-02-19 12:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2018-02-16 19:47 - 2009-07-14 06:45 - 000410984 _____ C:\Windows\system32\FNTCACHE.DAT 2018-02-16 19:43 - 2015-04-16 07:01 - 000000000 ____D C:\Windows\system32\appraiser 2018-02-14 11:58 - 2014-08-18 18:28 - 000000000 ____D C:\Windows\system32\MRT 2018-02-14 11:57 - 2017-10-12 22:51 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-02-14 11:57 - 2014-08-18 18:28 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-02-14 11:54 - 2014-08-18 16:35 - 000767916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-02-12 12:50 - 2017-12-11 20:09 - 000000000 ____D C:\Users\User\Desktop\Jungle Jepps ==================== Files in the root of some directories ======= 2016-05-14 20:19 - 2016-05-14 20:19 - 000000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg 2017-07-13 22:04 - 2017-07-13 22:04 - 000000000 _____ () C:\Users\User\AppData\Local\{08496EBD-3675-4FFD-9190-C60ED46C2602} Some files in TEMP: ==================== 2017-06-20 03:59 - 2017-06-20 03:59 - 000164424 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\atl110.dll 2017-09-06 14:31 - 2017-09-06 14:31 - 001118360 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcProcessor.exe 2017-09-06 14:31 - 2017-09-06 14:31 - 000170128 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcUpdater.exe 2017-06-20 03:59 - 2017-06-20 03:59 - 000069632 _____ () C:\Users\User\AppData\Local\Temp\HwInfo.dll 2017-06-20 03:59 - 2017-06-20 03:59 - 000900096 _____ () C:\Users\User\AppData\Local\Temp\NSISPromotionEx.dll 2018-01-08 17:18 - 2018-01-08 17:30 - 059165632 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe 2017-04-08 12:08 - 2017-04-08 12:08 - 014456872 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\vc_redist.x86.exe 2017-02-03 07:09 - 2017-02-03 07:24 - 030533688 _____ () C:\Users\User\AppData\Local\Temp\vlc-2.2.4-win32.exe 2017-08-10 11:37 - 2017-08-10 11:37 - 030950664 _____ () C:\Users\User\AppData\Local\Temp\vlc-2.2.6-win32.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-03-09 10:55 ==================== End of FRST.txt ============================ Addition1.txt
  14. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/9/18 Scan Time: 6:09 PM Log File: 3f5b0d00-23b4-11e8-84b1-90489a63bfbc.json Administrator: Yes -Software Information- Version: 3.4.3.2394 Components Version: 1.0.320 Update Package Version: 1.0.4276 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: User-PC\User -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 278514 Threats Detected: 8 Threats Quarantined: 8 Time Elapsed: 20 min, 59 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 3 PUP.Optional.CrossRider, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\WINDOWS_IE_AC_001\SOFTWARE\iWebar, Quarantined, [204], [183558],1.0.4276 PUP.Optional.InstallCore, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\csastats, Quarantined, [2], [260986],1.0.4276 PUP.Optional.InstallCore, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\PRODUCTSETUP, Quarantined, [2], [481004],1.0.4276 Registry Value: 3 PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|IWEBAR-BG.EXE, Quarantined, [1021], [260099],1.0.4276 PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SENSE-BG.EXE, Quarantined, [1021], [260099],1.0.4276 PUP.Optional.InstallCore, HKU\S-1-5-21-3914007145-2479916420-1064401623-1000\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [2], [481004],1.0.4276 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 2 PUP.Optional.Goobzo, C:\USERS\USER\APPDATA\LOCAL\INSTALLER\Installiwebar_29400, Quarantined, [1359], [182007],1.0.4276 PUP.Optional.Goobzo, C:\USERS\USER\APPDATA\LOCAL\INSTALLER\Installsense_29400, Quarantined, [1359], [182090],1.0.4276 File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end)
  15. Стигнах до тук: прикачвам снимка на екрана , защото не зная как да продължа Presentation1.pptx
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.