Премини към съдържанието

sk23

Потребител
  • Публикации

    21
  • Регистрация

  • Последно онлайн

Харесвания

0 Неутрална репутация

Всичко за sk23

  • Титла
    Потребител

Последни посетители

900 прегледа на профила
  1. Здравейте, търся си захранване за i5 3470 със gtx 970 (2x6 pin) като във бъдеще ще заменя процесора със Ryzen и може би и видео картата. Бюджета ми е до 150 лева (със доставката) като търся захранване което е да издържи бъдещи ъпгрейди. За сега съм се спрял на това: https://www.vario.bg/be-quiet-pure-power-10-500w-bn273
  2. Ако не го бърка втора ръка компютър, може да се вземе много по-добър компютър. От olx може да се вземе този компютър (i5 3470, gtx 750ti, 8 GB RAM, 600gb HDD), аз имам същият компютър и подкарвам GTA V на Full HD, high settings със 40-50 fps и CS:GO на max със над 150 fps. За 100 лева над бюджета, лично аз бих си сглобил ето тази машина със части от olx: -комплект: i5-4670k + Дъно ASRock Z87 Pro4 за 280лв -2x4 gb DDR3 Ram от някой продавач за около 70 лева -Gigabyte GTX 970 FW3 За 250 лева или друг модел във този ценови диапазон - някое читаво захранване за около 100 лева За кутия и хард диск не помислих, но да предположим че си има, ако пък не може да се намери за някой друг лев втора употреба или направо нови. Всичко излиза на 700 лева и е доста по-добро от по-горе предложените, НО нито една част няма гаранция, видео картите обикновенно са копали и може да възникне главоболие ако възникне проблем при неработещи или повредени части. Лично аз бих поел този риск.
  3. Оправих screenshot-a със Photoshop за да приличат малко повече на някакъв документ, и изполвах тази добавка за chrome която ми направи нещо като фактура. Пратих документите и за около 1 седмица ми пратиха пратката със доплащане 35 лева (20лв ДДС, 12 лева митническа такса и 3.50 доставка). Китаеца беше декларирал 5$ стойност и като се има предвид че пратката не е малка, предполагам са се осъмнили нещо в митницата и са погледнали колко струва. Благодаря ви за помоща.
  4. Сега като се поразрових, попаднах на тази статия: https://www.1lev.com/bgpost-dds-pratka-mito.htm Ще пробвам, пък ще видим какво ще стане.
  5. Мога да отида със човека на когото име е пратката, но все още не разбирам някои от документите които искат.
  6. Пратката не е на мое име просто защото ми е било по лесно да ми я дадът, като до сега не са ми я задържали на митницата, и да кажем че не помислих толкова напред.... Но дори и да отида на място, няма ли да искат същите документи?
  7. Печат има от другата страна на документа, а аз не мога да отида на мяста защото пратката не е на мое име.
  8. Здравейте, Преди около две седмици реших да си купя една видео карта gtx 750ti от Aliexpress, като днес получих писмо че пратката ми е задържана на митницата в Горна Оряховица и трябва да им пратя някои документи за да ми я освободят и да си платя митото/ДДС. И сега търся помощ защото не разбирам някои от документите който трябва да пратя, като например първият и четрътият документ. За вторият документ предполагам искат нещо като screenshot на поръчката ми от сайта на aliexpress eто така. За третият вече извадих извлечение за заплащане, но не разбирам първият документ какъв точно трябва да бъде. Трябва да предоставя нещо като този screenshot отново? Ето линк към видео картата и се извинявам ако съм объркал раздела.
  9. Ами засега не се появяват проблеми. Системата се държи нормално. Също така деинсталирах IObit Malware Fighter.
  10. Здравейте, ето го файла: Fixlog.txt
  11. След използването на ClearLNK вече не ме redirect-ва при отваряне на браузърът. Дневник от Malwarebytes Anti -Malware: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 1/7/2017 Scan Time: 1:47:57 Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2017.01.06.09 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: Ali Baba Scan Type: Threat Scan Result: Completed Objects Scanned: 319484 Time Elapsed: 41 min, 12 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Deep Rootkit Scan: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Дневника от FRST Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017 Ran by Ali Baba (administrator) on BABA (07-01-2017 02:34:14) Running from C:\Documents and Settings\Ali Baba\Desktop Loaded Profiles: Ali Baba & (Available Profiles: Ali Baba & Administrator) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (IObit) C:\Program Files\IObit\Advanced SystemCare\ASC.exe (IObit) C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-09-01] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [VMSnap3] => C:\WINDOWS\VMSnap3.EXE [49152 2006-08-30] (ZSMCSNAP) HKLM\...\Run: [Domino] => C:\WINDOWS\Domino.EXE [49152 2006-06-28] (Vimicro) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2015-01-22] (Realtek Semiconductor Corp.) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5371168 2016-03-10] (IObit) HKLM\...\Run: [HDD Regenerator] => C:\Program Files\HDD Regenerator\Shell.exe [90336 2013-05-08] () HKLM\...\Run: [BigDog303] => C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) HKLM\...\Run: [snp2uvc] => C:\WINDOWS\vsnp2uvc.exe [662016 2016-12-26] (Sonix) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2008-06-11] (ATI Technologies Inc.) HKU\S-1-5-21-299502267-448539723-1801674531-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-299502267-448539723-1801674531-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-299502267-448539723-1801674531-1003\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit) HKU\S-1-5-21-299502267-448539723-1801674531-1003\...\Run: [ZoomInfo Contact Contributor] => C:\Documents and Settings\Ali Baba\Local Settings\Application Data\ZoomInfoCEUtility\launch.bat [108 2016-08-06] () HKU\S-1-5-21-299502267-448539723-1801674531-1003\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003\...\Policies\system: [DisableClock] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ZoomInfo Contact Contributor] => C:\Documents and Settings\Ali Baba\Local Settings\Application Data\ZoomInfoCEUtility\launch.bat [108 2016-08-06] () HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableClock] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4825880 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit) HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [ZoomInfo Contact Contributor] => C:\Documents and Settings\Ali Baba\Local Settings\Application Data\ZoomInfoCEUtility\launch.bat [108 2016-08-06] () HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [DisableClock] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [9216 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-299502267-448539723-1801674531-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-299502267-448539723-1801674531-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [DisableClock] 0 HKU\S-1-5-21-299502267-448539723-1801674531-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\Explorer: [NoFind] 0 IFEO: [Debugger] logonui.exe Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-18] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Restriction ? <======= ATTENTION GroupPolicy\User: Restriction ? <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{9FF34EAA-3A59-4C06-BA58-F6DD97C899F7}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/web?fr=avira-ds HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.yahoo.com/web?fr=avira-hp HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.yahoo.com/web?fr=avira-hp HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.yahoo.com/web?fr=avira-hp HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.yahoo.com/web?fr=avira-hp URLSearchHook: [S-1-5-21-299502267-448539723-1801674531-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0] ATTENTION => Default URLSearchHook is missing SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-09] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-09] (Oracle Corporation) Handler: skype-ie-addon-data - No CLSID Value - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: vo854e7i.default-1473369861250 FF ProfilePath: C:\Documents and Settings\Ali Baba\Application Data\Mozilla\Firefox\Profiles\vo854e7i.default-1473369861250 [2017-01-07] FF DefaultSearchEngine: C:\Documents and Settings\Ali Baba\Application Data\Mozilla\Firefox\Profiles\vo854e7i.default-1473369861250 -> Google FF ProfilePath: C:\Documents and Settings\Ali Baba\Application Data\Mozilla\Firefox\Profiles\f1kmk72i.default-1483723354109 [2017-01-07] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-26] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-06-03] () FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-09] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-09] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1420177819&from=wpc&uid=HitachiXHDS721050CLA360_JP1532FR34Z7WK34Z7WKX" CHR Profile: C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default [2017-01-07] CHR Extension: (Readlang) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apcnmoajpaldpbepelpjgbplhoeidhia [2015-10-24] CHR Extension: (Bomomo) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dnalbhgkcocoepphagnnlaiomnnngeln [2015-06-06] CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2008-12-31] CHR Extension: (Pinterest Save Button) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-18] CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2016-11-29] CHR Extension: (2048 Puzzle Game Offline) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfnbjbahocpfkbbadndnocljpjpccggf [2015-06-07] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Launch Readlang Web Reader) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\odpdkefpnfejbfnmdilmfhephfffmfoh [2016-11-25] CHR Profile: C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1 [2017-01-02] CHR Extension: (Google Презентации) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-18] CHR Extension: (Google Документи) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-18] CHR Extension: (Google Диск) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-18] CHR Extension: (YouTube) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-18] CHR Extension: (Електронни таблици от Google) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-18] CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-08-18] CHR Extension: (Google Документи офлайн) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-18] CHR Extension: (Notificatoin) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm [2016-08-18] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-18] CHR Extension: (Gmail) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-18] CHR Profile: C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2 [2017-01-02] CHR Extension: (Google Презентации) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-18] CHR Extension: (Google Документи) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-18] CHR Extension: (Google Диск) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-18] CHR Extension: (YouTube) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-18] CHR Extension: (Електронни таблици от Google) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-18] CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-08-18] CHR Extension: (Google Документи офлайн) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-18] CHR Extension: (Unlimited Free VPN - Hola) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-08-18] CHR Extension: (Notificatoin) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm [2016-08-18] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-18] CHR Extension: (Gmail) - C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-18] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - <no Path/update_url> StartMenuInternet: chrome.exe - Chrome.exe StartMenuInternet: Google Chrome - Chrome.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) S2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-09-01] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG) S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437784 2016-03-11] (BlueStack Systems, Inc.) S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [417304 2016-03-11] (BlueStack Systems, Inc.) S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [880152 2016-03-11] (BlueStack Systems, Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd) S2 hddrsrv; C:\Program Files\HDD Regenerator\hrsrv.exe [82144 2013-05-08] () S2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [File not signed] S2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [1576736 2016-03-10] (IObit) S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NwSapAgent; C:\WINDOWS\System32\ipxsap.dll [66560 2008-04-14] (Microsoft Corporation) S3 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.) S3 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] S2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [X] S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2015-01-22] (Creative) R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11904 2016-12-26] (Advanced Micro Devices Inc.) S0 amdide1; C:\WINDOWS\system32\Drivers\amdide1.sys [9096 2009-09-13] (Advanced Micro Devices) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [115600 2016-07-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [140272 2016-07-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-07-30] (Avira Operations GmbH & Co. KG) R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [140856 2016-03-11] (BlueStack Systems) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 cpuz138; C:\Documents and Settings\Ali Baba\Local Settings\temp\cpuz138\cpuz138_x32.sys [27832 2017-01-01] (CPUID) R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [25016 2015-06-20] (Disc Soft Ltd) R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [246464 2015-12-22] (IObit) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2013-07-05] (Windows (R) 2000 DDK provider) R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-01-22] (REALiX(tm)) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2017-01-07] (Malwarebytes) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2015-01-22] (Creative Technology Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2008-04-14] (Microsoft Corporation) R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2008-04-14] (Microsoft Corporation) R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [31776 2015-03-25] (IObit.com) R3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtKHDMI.sys [4125352 2015-01-22] (Realtek Semiconductor Corp.) R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [3566336 2016-12-26] () R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2009-01-01] () [File not signed] R3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [17360 2015-03-25] (IObit.com) S3 vmfilter303; C:\WINDOWS\System32\drivers\vmfilter303.sys [428160 2006-04-25] (Vimicro Corporation) R1 XQHDrv; C:\WINDOWS\System32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation) [File not signed] S3 ZSMC303; C:\WINDOWS\System32\Drivers\usbVM303.sys [392122 2006-12-01] (Vimicro Corporation) U3 ahwnbtjt; C:\WINDOWS\system32\Drivers\ahwnbtjt.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) S3 cpuz137; \??\C:\DOCUME~1\ALIBAB~1\LOCALS~1\Temp\cpuz137\cpuz137_x32.sys [X] S4 IntelIde; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-07 02:32 - 2017-01-07 02:32 - 00001104 _____ C:\Documents and Settings\Ali Baba\Desktop\Malwarebytes Anti -Malware.txt 2017-01-07 01:40 - 2017-01-07 01:40 - 00000000 ____D C:\Documents and Settings\Ali Baba\Application Data\ProductData 2017-01-07 01:39 - 2017-01-07 01:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} 2017-01-07 01:36 - 2017-01-07 01:36 - 00200975 _____ C:\Documents and Settings\Ali Baba\Desktop\ClearLNK.zip 2017-01-07 01:36 - 2016-11-29 21:28 - 00462976 _____ (Alex Dragokas) C:\Documents and Settings\Ali Baba\Desktop\ClearLNK.exe 2017-01-06 21:47 - 2017-01-06 21:47 - 00000000 ____D C:\SecurityCheck 2017-01-06 21:46 - 2017-01-06 21:46 - 00511034 _____ (glax24 (safezone.cc)) C:\Documents and Settings\Ali Baba\Desktop\SecurityCheck.exe 2017-01-06 21:45 - 2017-01-07 01:42 - 00000000 ____D C:\Documents and Settings\Ali Baba\Desktop\LOG 2017-01-06 21:45 - 2016-11-13 21:56 - 00811120 _____ (Alex Dragokas) C:\Documents and Settings\Ali Baba\Desktop\Check Browsers LNK.exe 2017-01-06 21:42 - 2017-01-06 21:42 - 00005739 _____ C:\Documents and Settings\Ali Baba\Desktop\JRT.txt 2017-01-06 21:37 - 2017-01-06 21:37 - 01663040 _____ (Malwarebytes) C:\Documents and Settings\Ali Baba\Desktop\JRT.exe 2017-01-06 21:08 - 2017-01-06 21:08 - 00008702 _____ C:\Documents and Settings\Ali Baba\Desktop\AdwCleaner[C0].txt 2017-01-06 20:57 - 2017-01-06 21:28 - 00010558 _____ C:\Documents and Settings\Ali Baba\Desktop\AdwCleaner[S0].txt 2017-01-06 20:53 - 2017-01-06 21:02 - 00000000 ____D C:\AdwCleaner 2017-01-06 20:53 - 2017-01-06 20:53 - 00054780 _____ C:\Documents and Settings\Ali Baba\Desktop\otgovor.txt 2017-01-06 20:47 - 2017-01-06 20:48 - 03988944 _____ C:\Documents and Settings\Ali Baba\Desktop\adwcleaner_6.042.exe 2017-01-06 19:41 - 2017-01-07 02:31 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-06 19:40 - 2017-01-06 19:43 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2017-01-06 19:40 - 2017-01-06 19:43 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2017-01-06 19:40 - 2017-01-06 19:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2017-01-06 19:40 - 2017-01-06 19:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes 2017-01-06 19:40 - 2016-03-10 14:09 - 00123264 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-01-06 19:40 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-06 19:38 - 2017-01-06 19:39 - 22908888 _____ (Malwarebytes ) C:\Documents and Settings\Ali Baba\Desktop\mbam-setup-2.2.0.1024.exe 2017-01-06 19:30 - 2017-01-06 19:30 - 00224172 _____ C:\Documents and Settings\Ali Baba\Desktop\Redirect при отваряне на браузър - Премахване на зловреден софтуер - HiJackThis логове - kaldata.com - Форуми.htm 2017-01-06 19:30 - 2017-01-06 19:30 - 00000000 ____D C:\Documents and Settings\Ali Baba\Desktop\Redirect при отваряне на браузър - Премахване на зловреден софтуер - HiJackThis логове - kaldata.com - Форуми_files 2017-01-06 19:22 - 2017-01-06 19:22 - 00000000 ____D C:\Documents and Settings\Ali Baba\Desktop\Стари данни Firefox 2017-01-06 16:07 - 2017-01-06 20:39 - 00000000 ____D C:\Documents and Settings\Ali Baba\Desktop\Backup for Browsers 2017-01-05 22:21 - 2017-01-05 22:23 - 00067043 _____ C:\Documents and Settings\Ali Baba\Desktop\Addition.txt 2017-01-05 22:20 - 2017-01-07 02:34 - 00027090 _____ C:\Documents and Settings\Ali Baba\Desktop\FRST.txt 2017-01-05 22:19 - 2017-01-07 02:34 - 00000000 ____D C:\FRST 2017-01-05 22:18 - 2017-01-05 22:18 - 01760256 _____ (Farbar) C:\Documents and Settings\Ali Baba\Desktop\FRST.exe 2017-01-05 21:58 - 2017-01-05 21:58 - 00000000 ___HD C:\WINDOWS\PIF 2016-12-26 11:30 - 2016-12-26 11:30 - 03566336 _____ () C:\WINDOWS\system32\Drivers\snp2uvc.sys 2016-12-26 11:30 - 2016-12-26 11:30 - 00662016 _____ (Sonix) C:\WINDOWS\vsnp2uvc.exe 2016-12-26 11:30 - 2016-12-26 11:30 - 00306688 _____ (Sonix Technology Co., Ltd.) C:\WINDOWS\system32\vsnp2uvc.dll 2016-12-26 11:30 - 2016-12-26 11:30 - 00196608 _____ ( ) C:\WINDOWS\system32\csnp2uvc.dll 2016-12-26 11:30 - 2016-12-26 11:30 - 00028544 _____ C:\WINDOWS\system32\Drivers\sncduvc.sys 2016-12-26 11:30 - 2016-12-26 11:30 - 00015497 _____ C:\WINDOWS\snp2uvc.ini 2016-12-26 11:30 - 2016-12-26 11:30 - 00013021 _____ C:\WINDOWS\snp2uvc.src 2016-12-26 11:29 - 2016-12-26 11:33 - 00001893 _____ C:\Documents and Settings\All Users\Desktop\Driver Booster 4.lnk 2016-12-26 11:29 - 2016-12-26 11:29 - 00000000 ____D C:\WINDOWS\IObit 2016-12-26 11:29 - 2016-12-26 11:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Driver Booster 4 2016-12-14 00:26 - 2016-12-14 14:40 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-12-12 15:48 - 2016-12-12 15:48 - 00000000 ____D C:\output ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-07 02:36 - 2009-01-01 00:17 - 00000000 ____D C:\Documents and Settings\Ali Baba\Local Settings\temp 2017-01-07 01:47 - 2015-08-22 21:34 - 00000000 ____D C:\Documents and Settings\Ali Baba\My Documents\Изтегляния 2017-01-07 01:47 - 2009-01-01 12:28 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2017-01-07 01:38 - 2015-10-06 17:00 - 00000663 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk 2017-01-07 01:38 - 2015-10-06 17:00 - 00000657 _____ C:\Documents and Settings\All Users\Desktop\Opera.lnk 2017-01-07 01:38 - 2015-02-03 15:22 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk 2017-01-07 01:38 - 2015-02-03 15:22 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk 2017-01-07 01:38 - 2009-01-01 12:28 - 00001817 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk 2017-01-07 01:33 - 2013-07-05 02:28 - 00000000 ____D C:\Documents and Settings\Ali Baba\Application Data\Skype 2017-01-07 01:11 - 2015-08-19 20:33 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk 2017-01-07 00:47 - 2009-01-01 12:28 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2017-01-06 22:10 - 2015-10-06 17:00 - 00000418 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1444143615.job 2017-01-06 21:38 - 2016-08-01 15:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP 2017-01-06 21:38 - 2016-03-10 18:19 - 00000282 _____ C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job 2017-01-06 21:06 - 2008-04-14 11:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2017-01-06 21:05 - 2016-10-19 22:38 - 00000000 ____D C:\Program Files\Hi-Rez Studios 2017-01-06 21:04 - 2016-10-21 20:54 - 00032562 _____ C:\WINDOWS\SchedLgU.Txt 2017-01-06 21:04 - 2015-05-10 17:48 - 00000286 _____ C:\WINDOWS\Tasks\ASC8_PerformanceMonitor.job 2017-01-06 21:04 - 2015-05-10 17:48 - 00000284 _____ C:\WINDOWS\Tasks\SmartDefrag4_Update.job 2017-01-06 21:04 - 2014-11-16 09:18 - 00000228 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2017-01-06 21:04 - 2013-08-08 22:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2115168$ 2017-01-06 21:04 - 2013-07-05 00:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-06 21:03 - 2014-11-30 05:47 - 00273426 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat 2017-01-06 21:03 - 2013-07-05 00:02 - 00000178 ___SH C:\Documents and Settings\Ali Baba\ntuser.ini 2017-01-06 21:03 - 2013-07-05 00:02 - 00000000 ____D C:\Documents and Settings\Ali Baba 2017-01-06 20:41 - 2009-01-01 02:18 - 00000000 ____D C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia 2017-01-06 19:31 - 2009-01-01 12:28 - 00001811 _____ C:\Documents and Settings\Ali Baba\Desktop\Google Chrome.lnk 2017-01-06 11:00 - 2015-04-21 22:36 - 00143872 ___SH C:\Documents and Settings\Ali Baba\Desktop\Thumbs.db 2017-01-06 01:03 - 2014-11-30 05:47 - 01137361 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-299502267-448539723-1801674531-1003-0.dat 2017-01-05 22:00 - 2008-04-14 11:00 - 00000435 _____ C:\WINDOWS\system.ini 2017-01-05 21:27 - 2013-07-07 22:53 - 00186368 _____ C:\Documents and Settings\Ali Baba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-01-05 21:00 - 2013-08-17 16:58 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2017-01-05 20:59 - 2013-07-04 23:47 - 00000000 ____D C:\WINDOWS\Registration 2017-01-04 13:28 - 2009-01-01 02:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData 2017-01-02 13:39 - 2009-01-01 08:33 - 00000000 ____D C:\Documents and Settings\Ali Baba\Application Data\PhotoScape 2017-01-01 16:13 - 2009-01-01 02:13 - 00000000 ___HD C:\WINDOWS\inf 2017-01-01 16:13 - 2009-01-01 02:13 - 00000000 ____D C:\WINDOWS\security 2016-12-27 17:57 - 2015-07-12 19:45 - 00000000 ____D C:\Documents and Settings\Ali Baba\Start Menu\Programs\San Andreas Multiplayer 2016-12-26 11:45 - 2015-01-22 23:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 8 2016-12-26 11:32 - 2013-07-05 01:45 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups 2016-12-26 11:31 - 2015-01-22 23:25 - 00011904 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\Drivers\amdide.sys 2016-12-26 11:31 - 2013-07-05 01:45 - 00000000 ___DC C:\WINDOWS\system32\DRVSTORE 2016-12-26 11:29 - 2015-07-30 14:09 - 00000000 ____D C:\Program Files\IObit 2016-12-26 11:29 - 2015-07-30 14:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\IObit 2016-12-25 21:07 - 2013-07-05 00:02 - 00000000 ____D C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Microsoft 2016-12-22 22:00 - 2016-09-09 14:53 - 00000000 ____D C:\Program Files\Steam 2016-12-20 02:38 - 2013-07-07 20:42 - 00000000 ___RD C:\Documents and Settings\Ali Baba\My Documents\My Videos 2016-12-17 00:47 - 2009-01-01 02:21 - 00000000 __SHD C:\WINDOWS\Installer 2016-12-15 13:11 - 2015-02-03 15:22 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-12-11 13:09 - 2015-07-11 18:43 - 00000000 ____D C:\Documents and Settings\Ali Baba\My Documents\GTA San Andreas User Files 2016-12-10 22:10 - 2009-01-01 04:00 - 00000000 ____D C:\Program Files\Opera ==================== Files in the root of some directories ======= 2015-12-01 22:20 - 2015-12-01 22:20 - 0000022 _____ () C:\Program Files\MEGA-MASTERKEY.txt 2013-07-07 22:53 - 2017-01-05 21:27 - 0186368 _____ () C:\Documents and Settings\Ali Baba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-05-30 23:49 - 2014-10-16 01:55 - 0145792 _____ () C:\Documents and Settings\Ali Baba\Local Settings\Application Data\downloader.exe Some files in TEMP: ==================== C:\Documents and Settings\Ali Baba\Local Settings\temp\avgnt.exe C:\Documents and Settings\Ali Baba\Local Settings\temp\KMP_4.1.5.3.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ ClearLNK-07.01.2017_01-38.log Addition.txt
  12. Дневник от Malwarebytes Anti -Malware: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 1/6/2017 Scan Time: 19:46:15 Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2017.01.06.07 Rootkit Database: v2016.11.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: Ali Baba Scan Type: Threat Scan Result: Completed Objects Scanned: 320348 Time Elapsed: 52 min, 27 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Deep Rootkit Scan: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 32 PUP.Optional.SmileysWeLove, HKLM\SOFTWARE\CLASSES\CLSID\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}, , [a00fa9cf50587fb764dd611006fc8878], PUP.Optional.SmileysWeLove, HKLM\SOFTWARE\CLASSES\SmileysWeLoveToolbar.IEModule, , [a00fa9cf50587fb764dd611006fc8878], PUP.Optional.Babylon, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [b8f7294fb1f795a1be1ba5c743bf5ea2], PUP.Optional.EazelBar, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}, , [b8f707714a5e2b0be6f84a23d72b51af], PUP.Optional.SmileysWeLove, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\1afb8e7a-a08b-475a-beb2-376df461eb17, , [911efc7c2a7e9b9ba39fc0b1887a7888], PUP.Optional.DefaultTab, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, , [03acb1c7d8d0d066c6eec1acb54d30d0], PUP.Optional.Kango, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A88DE8D3-9C38-4F0D-8981-A4C17F7677A1}, , [753a1563d6d268ceebb41658de2410f0], PUP.Optional.Ividi, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\giacfgjdclhnmkacnfbaljbmpnelflol, , [753a50286e3ae650594fa8a53dc6a060], PUP.Optional.Kango, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\hmhfbmpdiffkamakhdbcgojfnbnlcenm, , [f7b80672f7b14fe71fd69ab3a063a957], PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\kiplfnciaokpcennlkldkdaeaaomamof, , [a40bf880c4e42610d5ee2f842ed40000], PUP.Optional.AppsUpdater, HKLM\SOFTWARE\MICROSOFT\ESENT\PROCESS\AppsUpdater, , [4768de9a476152e49e26dc62e122b14f], PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0B090169-3072-4646-B062-6D5235020D3D}, , [3b7466125b4d1620decd162d887bbc44], PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F5BE1DE-B1EC-48C9-9720-32987C0AF5B4}, , [4768bbbd01a7ee48e3eca2dc5da69b65], PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}, , [ffb0492ff3b5c076a22d106e61a2738d], PUP.Optional.FastSearchings, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [feb16315822669cd4b86072dbc476a96], PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, , [b0ffb4c4d5d3f04631a1f58940c33ac6], PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [515e2652dccc87afd5ff126835ce9f61], PUP.Optional.UpdateCheckerApp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\UpdateCheckerApp, , [4f608eea634534026d60b4aaf11260a0], PUP.Optional.ASK.Gen, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\APN DTX, , [c1ee3246792f4ceaae608ad90bf87f81], PUP.Optional.SmileysWeLove, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\SmileysWeLove, , [ab047404eeba75c1753baeac1ee5cb35], PUP.Optional.WebSearches.ShrtCln, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\SupHpUISoft, , [baf58debb5f360d62cd6f1c8f70bc937], PUP.Optional.eSupportUndeletePlus, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\ESUPPORT.COM\UndeletePlus, , [b8f7fb7dc5e3c670bde79d212fd1c040], PUP.Optional.Kango, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\hmhfbmpdiffkamakhdbcgojfnbnlcenm, , [931cfc7cbdebba7cd42069e4a45f1be5], PUP.Optional.WebSearchInfo, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [1a959cdc0a9edb5b18bf6dc215ee8e72], PUP.Optional.Babylon, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\53A9319E59EF479FAA2FA62650FDABF4, , [8d228aeeadfb63d37eb8d46b6b98aa56], PUP.Optional.EazelBar, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1E33F981-E92A-4F78-9D61-AE25CBFF1521}, , [2d8287f14d5b7eb8a82a8eb97f842ad6], PUP.Optional.MySearchResults, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FB80C74-68D7-4887-907C-E2CC21D39D3C}, , [882748302f79231311fbcf8452b1b34d], PUP.Optional.Spigot, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3E406995-03EA-4506-86C7-75F8A68AF331}, , [931c3d3be4c40e28700cb9a2cd369967], PUP.Optional.Conduit, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D87C08D1-B11E-40C2-A27E-FBE97236636C}, , [0fa013651692ea4c6731bd8633d0c63a], PUP.Optional.Bandoo.AppFlsh, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, , [b1fe591fcbdd30063393255947bc15eb], PUP.Optional.SmileysWeLove, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\POPAJAR\SWL, , [cde2a1d797113ef8d3dcfd5db54eb14f], PUP.Optional.Popajar, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\POPAJAR, , [efc0c9af495fb97db406490cda295ba5], Registry Values: 18 PUP.Optional.BrowserProtect, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|bProtectTabs, http://www.yhs.delta-search.com/?babsrc=NT_ss&mntrId=A4B4001FD0992621&affID=119982&tt=040713_ifrmful&tsp=3287, , [ddd21e5a743447efea5b5ee3976c5ba5] PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0B090169-3072-4646-B062-6D5235020D3D}|AppPath, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\CT3247436, , [3b7466125b4d1620decd162d887bbc44] PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F5BE1DE-B1EC-48C9-9720-32987C0AF5B4}|AppPath, C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE, , [4768bbbd01a7ee48e3eca2dc5da69b65] PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ec2bae47-25af-4ce9-9e78-10627a49c9ea}|AppPath, C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\FF, , [ffb0492ff3b5c076a22d106e61a2738d] PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=563&systemid=406&apn_uid=4258237201324525&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}, , [b0ffb4c4d5d3f04631a1f58940c33ac6] PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|SuggestionsURL_JSON, http://www.search.ask.com/suggest.php?src=ieb&gct=ds&appid=563&systemid=406&apn_uid=4258237201324525&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&qu={searchTerms}&ft=json, , [2a85ee8a248489ad07c735599a6960a0] PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [515e2652dccc87afd5ff126835ce9f61] PUP.Optional.Babylon, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\53A9319E59EF479FAA2FA62650FDABF4|URL, http://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=A4B4001FD0992621&affID=119982&tt=040713_ifrmful&tsp=3287, , [8d228aeeadfb63d37eb8d46b6b98aa56] PUP.Optional.Babylon, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\53A9319E59EF479FAA2FA62650FDABF4|FaviconURL, search.babylon.com/favicon.ico, , [1798e98f0f99a195072f63dcdd26748c] PUP.Optional.EazelBar, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1E33F981-E92A-4F78-9D61-AE25CBFF1521}|DisplayName, EazelBar Search, , [2d8287f14d5b7eb8a82a8eb97f842ad6] PUP.Optional.MySearchResults, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FB80C74-68D7-4887-907C-E2CC21D39D3C}|URL, http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}, , [882748302f79231311fbcf8452b1b34d] PUP.Optional.Spigot, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3E406995-03EA-4506-86C7-75F8A68AF331}|URL, http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}, , [931c3d3be4c40e28700cb9a2cd369967] PUP.Optional.Conduit, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D87C08D1-B11E-40C2-A27E-FBE97236636C}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3247436&CUI=UN23264510252253223&UM=2, , [0fa013651692ea4c6731bd8633d0c63a] PUP.Optional.Conduit, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D87C08D1-B11E-40C2-A27E-FBE97236636C}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, , [7936e692109870c690083c075da632ce] PUP.Optional.Conduit, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D87C08D1-B11E-40C2-A27E-FBE97236636C}|FaviconURL, http://search.conduit.com/favicon.ico, , [3778d2a6dfc904329107a3a03cc7f60a] PUP.Optional.Bandoo.AppFlsh, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=563&systemid=406&apn_uid=4258237201324525&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}, , [b1fe591fcbdd30063393255947bc15eb] PUP.Optional.ASK, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|SuggestionsURL_JSON, http://www.search.ask.com/suggest.php?src=ieb&gct=ds&appid=563&systemid=406&apn_uid=4258237201324525&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&qu={searchTerms}&ft=json, , [a50a83f534740b2bebe2a1edec17e719] PUP.Optional.Popajar, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\POPAJAR|UpdateNotifierPath, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Popajar\UpdateChecker\UpdateNotifier.exe, , [efc0c9af495fb97db406490cda295ba5] Registry Data: 3 PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\CHROME.EXE\SHELL\OPEN\COMMAND, "C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&ts=1420177819&from=wpc&uid=HitachiXHDS721050CLA360_JP1532FR34Z7WK34Z7WKX, Good: (Chrome.exe), Bad: ("C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com/?type=sc&ts=1420177819&from=wpc&uid=HitachiXHDS721050CLA360_JP1532FR34Z7WK34Z7WKX),,[f5ba93e5ccdcdd591de137a90ff4a858] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[624da7d1525666d0f285e9fba85b38c8] PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-299502267-448539723-1801674531-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=hp&ts=1420177819&from=wpc&uid=HitachiXHDS721050CLA360_JP1532FR34Z7WK34Z7WKX, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=hp&ts=1420177819&from=wpc&uid=HitachiXHDS721050CLA360_JP1532FR34Z7WK34Z7WKX),,[109f87f1dacea591ab3b3da3a063a25e] Folders: 40 PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\gojckjhmehbdfldhldngfjjgbdeapjdh, , [d6d9bfb9feaaa393dfd81b1d000322de], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\jllcbhfnmbfiidoobcmcoekebmgjfkmp, , [e2cdf4849b0d999d9423b8808b7803fd], PUP.Optional.MultiPlug.Gen, C:\Documents and Settings\All Users\Application Data\6720499325772236768, , [cce3a5d377313303c9e7c873c241ee12], PUP.Optional.OpenCandy, C:\Documents and Settings\Ali Baba\Application Data\OpenCandy, , [238ca8d0f4b49a9c248995ea887a1de3], PUP.Optional.OpenCandy, C:\Documents and Settings\Ali Baba\Application Data\OpenCandy\53ACF26C95A747E5AC45453C7858F778, , [238ca8d0f4b49a9c248995ea887a1de3], PUP.Optional.OpenCandy, C:\Documents and Settings\Ali Baba\Application Data\OpenCandy\D7510784F83F4AAD9DB6AD406FB5FB39, , [238ca8d0f4b49a9c248995ea887a1de3], PUP.Optional.OpenCandy, C:\Documents and Settings\Ali Baba\Application Data\OpenCandy\E724B4CB372E45539A190C79B3A396E8, , [238ca8d0f4b49a9c248995ea887a1de3], PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\APN\APN-Stub, , [e6c994e43375e74f7a70671ebe4447b9], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\icons, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Wideblue, C:\Documents and Settings\All Users\Application Data\Wideblue installer\Setup, , [a10e01776d3b2d09784dc0d9a161748c], PUP.Optional.SetMyHomePage, C:\Documents and Settings\Ali Baba\Application Data\SetMyHomePage, , [674867114464b5818c80faa104fedb25], PUP.Optional.SetMyHomePage, C:\Documents and Settings\Ali Baba\Application Data\SetMyHomePage\ffsearch, , [674867114464b5818c80faa104fedb25], PUP.Optional.DataMngr.AppFlsh, C:\Documents and Settings\Ali Baba\AppData\LocalLow\DataMngr, , [fcb3babe9b0d43f34f089409a55d9070], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\WinterSoft\SK_Enhancer, , [852a7dfbdeca4bebf1bfcfce29d9a15f], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\WinterSoft\SK_Enhancer\2095614310, , [852a7dfbdeca4bebf1bfcfce29d9a15f], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Feeds, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Log, , [ac036f09cbddb4828f43ccd3ac56b848], Files: 190 PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\hk64tbUpM0.dll, , [406f36422a7e280e5105866a2fd47c84], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\hk64tbUpM2.dll, , [208fbabe3f693105f6608f6115ee7a86], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\hk64tbUpMe.dll, , [446b5f1907a179bd015514dc649f926e], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\hktbUpM0.dll, , [555a5820c9dfcf676beb985823e09c64], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\hktbUpM2.dll, , [456a6c0c4860290d480ed9172fd4f20e], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\hktbUpMe.dll, , [e2cd502883256bcb15412bc525debe42], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\ldrtbUpM0.dll, , [c3ec2f49d9cff54189cd28c89d6630d0], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\ldrtbUpM2.dll, , [f2bd1d5b1d8ba096035310e0f11246ba], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\ldrtbUpMe.dll, , [0fa06d0bcade092d8acc1fd17a89a759], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\tbUpM0.dll, , [0ca3babed3d5c1754b0b5b95b84b1de3], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\tbUpM2.dll, , [6c431365882038fea8ae29c7996a34cc], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\UpMedia\tbUpMe.dll, , [2d821365cbdd75c1a6b022ce32d126da], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\gojckjhmehbdfldhldngfjjgbdeapjdh\lsdb.js, , [d6d9bfb9feaaa393dfd81b1d000322de], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\gojckjhmehbdfldhldngfjjgbdeapjdh\background.html, , [d6d9bfb9feaaa393dfd81b1d000322de], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\gojckjhmehbdfldhldngfjjgbdeapjdh\content.js, , [d6d9bfb9feaaa393dfd81b1d000322de], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\gojckjhmehbdfldhldngfjjgbdeapjdh\manifest.json, , [d6d9bfb9feaaa393dfd81b1d000322de], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\jllcbhfnmbfiidoobcmcoekebmgjfkmp\lsdb.js, , [e2cdf4849b0d999d9423b8808b7803fd], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\jllcbhfnmbfiidoobcmcoekebmgjfkmp\background.html, , [e2cdf4849b0d999d9423b8808b7803fd], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\jllcbhfnmbfiidoobcmcoekebmgjfkmp\content.js, , [e2cdf4849b0d999d9423b8808b7803fd], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\jllcbhfnmbfiidoobcmcoekebmgjfkmp\manifest.json, , [e2cdf4849b0d999d9423b8808b7803fd], PUP.Optional.MultiPlug.Gen, C:\Documents and Settings\All Users\Application Data\6720499325772236768\cd5b15e575e1c3d0d49311a366a9edff.ini, , [cce3a5d377313303c9e7c873c241ee12], PUP.Optional.Kango, C:\ProgramData\Microsoft\Windows\DRM\Server\notificatoin_1.0.0.crx, , [08a702769f099b9b747fc6878b785ea2], PUP.Optional.OpenCandy, C:\Documents and Settings\Ali Baba\Application Data\OpenCandy\53ACF26C95A747E5AC45453C7858F778\Trial-14.0.1000.88_en-US_1004739_ROW-EN.exe, , [238ca8d0f4b49a9c248995ea887a1de3], PUP.Optional.OpenCandy, C:\Documents and Settings\Ali Baba\Application Data\OpenCandy\D7510784F83F4AAD9DB6AD406FB5FB39\RealPlayerR81POC6_ROWUKWEuro_p3v1.exe, , [238ca8d0f4b49a9c248995ea887a1de3], PUP.Optional.OpenCandy, C:\Documents and Settings\Ali Baba\Application Data\OpenCandy\E724B4CB372E45539A190C79B3A396E8\SmileysWeLove_SetupS_cdn.exe, , [238ca8d0f4b49a9c248995ea887a1de3], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\18x18.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\background.html, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\blank.html, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\manifest.json, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\manifest_no_button.json, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\new_tab.html, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\search_box.html, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\injection.css, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\jquery-ui-1.8.16.custom.css, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_222222_256x240.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_454545_256x240.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_888888_256x240.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\help.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Bing.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Google.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Search here.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Yahoo.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_left_before_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\bullet_arrow_down.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\bullet_arrow_down_old.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\icon.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search-inner-wrapper.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search-left.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_arrow_top_button.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_arrow_top_button_hovered.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_border_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_left_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_right_before_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_right_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_left_border_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_left_bottom_border_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_middle_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_right_border_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_right_bottom_border_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_bg.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_left_before_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_left_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_right_before_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_right_corner.png, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\bg.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\content.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\InjectionManager.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery-1.7.1.min.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery-ui-1.8.16.custom.min.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery.guid.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\newTab.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ScriptChecker.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ScriptInjector.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.DefaultTab, C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\SearchBox.js, , [0ca3c5b3eabef046adab692309f96b95], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\b.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\background.html, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\config.xml, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\extension_info.json, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\f.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\id.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\jquery.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\KangoBHO.dll, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\KangoBHO64.dll, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\KangoEngine.exe, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\p.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\readme.txt, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\Uninstall.exe, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\icons\button.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\icons\icon100.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\icons\icon128.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\icons\icon32.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\icons\icon48.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\backgroundscript_engine.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\base.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\browser.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\console.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\global.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\i18n.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\initialize.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\invoke_async.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\io.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\json2.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\kango.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\lang.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\legacy.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\message_target.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\message_target_module.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\messaging.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\storage.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\timer.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\updater.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\userscript_client.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\userscript_engine.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\utils.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango\xhr.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\browser_button.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\context_menu.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\context_menu_item_handler.html, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\kango_api.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\notification.html, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\notifications.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\options.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\ui_base.js, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\bottom-left.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\bottom-middle.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\bottom-right.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\middle-left.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\middle-right.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\tail-bottom.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\tail-left.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\tail-right.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\tail-top.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\top-left.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\top-middle.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.Notificatoin, C:\Program Files\Notificatoin\1.0.0\kango-ui\theme\bubble\top-right.png, , [179836423b6d6acc3232eea5ad5532ce], PUP.Optional.SetMyHomePage, C:\Documents and Settings\Ali Baba\Application Data\SetMyHomePage\main.ini, , [674867114464b5818c80faa104fedb25], PUP.Optional.SetMyHomePage, C:\Documents and Settings\Ali Baba\Application Data\SetMyHomePage\ffsearch\defaultsearch.xml, , [674867114464b5818c80faa104fedb25], PUP.Optional.DataMngr.AppFlsh, C:\Documents and Settings\Ali Baba\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, , [fcb3babe9b0d43f34f089409a55d9070], PUP.Optional.MultiPlug, C:\Documents and Settings\All Users\Application Data\WinterSoft\SK_Enhancer\2095614310.ini, , [852a7dfbdeca4bebf1bfcfce29d9a15f], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\DialogsAPI.js, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\PIE.htc, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\settings.js, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\version.txt, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\close.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\closeBtn.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next_hover.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\powered-by.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev_hover.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settings.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settingsBtn.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\close.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\closeBtn.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Next_hover.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\powered-by.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Prev_hover.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settings.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\settingsBtn.png, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Thumbs.db, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1706315_1697515_BG.xml, , [ac036f09cbddb4828f43ccd3ac56b848], PUP.Optional.Conduit, C:\Documents and Settings\Ali Baba\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks\en.xml, , [ac036f09cbddb4828f43ccd3ac56b848], Physical Sectors: 0 (No malicious items detected) (end) Malwarebytes AdwCleaner Logfile: AdwCleaner[S0].txt # AdwCleaner v6.042 - Logfile created 06/01/2017 at 20:55:38 # Updated on 06/01/2017 by Malwarebytes # Database : 2017-01-06.1 [Server] # Operating System : Microsoft Windows XP Service Pack 3 (X86) # Username : Ali Baba - BABA # Running from : C:\Documents and Settings\Ali Baba\Desktop\adwcleaner_6.042.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** Folder Found: C:\Documents and Settings\All Users\Application Data\suuurf ANd keEipp Folder Found: C:\Program Files\suuurf ANd keEipp Folder Found: C:\Program Files\uneisaleS Folder Found: C:\Documents and Settings\All Users\Application Data\5d440287b1e807e0 Folder Found: C:\Documents and Settings\All Users\Application Data\suuurf ANd keEipp Folder Found: C:\Documents and Settings\All Users\Application Data\apn Folder Found: C:\Documents and Settings\All Users\Application Data\Babylon Folder Found: C:\Documents and Settings\All Users\Application Data\Device Folder Found: C:\Documents and Settings\All Users\Application Data\Wideblue installer Folder Found: C:\Documents and Settings\All Users\Application Data\WinterSoft Folder Found: C:\Program Files\Conduit ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** Key Found: HKCU\Software\a28cddb53def49 Key Found: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r563-n-bf.exe Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SrvUpdater Key Found: HKLM\SOFTWARE\Classes\AppID\{685F23D9-FCFD-475C-B56A-362645945C5A} Key Found: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found: HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Found: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Found: HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Found: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\distromatic Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\eSupport.com Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\SetMyHomePage Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\Softonic Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\WEBAPP Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Protection Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch Key Found: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-299502267-448539723-1801674531-1003\Software\SweetIM Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\APN DTX Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\distromatic Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\eSupport.com Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Popajar Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SetMyHomePage Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SmileysWeLove Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Softonic Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SupHpUISoft Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\WEBAPP Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Protection Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Key Found: HKCU\Software\distromatic Key Found: HKCU\Software\eSupport.com Key Found: HKCU\Software\SetMyHomePage Key Found: HKCU\Software\Softonic Key Found: HKCU\Software\WEBAPP Key Found: HKLM\SOFTWARE\SoftwareUpdater Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Protection Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7304C9D1-98AD-55F0-636E-22D8DD57F176} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A88DE8D3-9C38-4F0D-8981-A4C17F7677A1} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EazelBar Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividmoviestoolbardlaFF Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividmoviestoolbardlaIE Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ividi Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iVIDI Plugin Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdater Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vittalia Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Amazon Assistant Data Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.mystartsearch.com/?type=hp&ts=1420177819&from=wpc&uid=HitachiXHDS721050CLA360_JP153 Data Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.mystartsearch.com/?type=hp&ts=1420177819&f Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.mystartsearch.com/?type=hp&ts=1420177819&from=wpc&uid=HitachiXHDS721050CLA360_JP1532FR34Z7WK34Z7WKX Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\53A9319E59EF479FAA2FA62650FDABF4 Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1E33F981-E92A-4F78-9D61-AE25CBFF1521} Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{2FB80C74-68D7-4887-907C-E2CC21D39D3C} Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{3E406995-03EA-4506-86C7-75F8A68AF331} Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{D87C08D1-B11E-40C2-A27E-FBE97236636C} Key Found: HKU\S-1-5-21-299502267-448539723-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{EBD839AE-B08C-4fb7-859B-F54AF16C159F} Key Found: HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\se Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\nkgfcicgjhneabbbfhddfcgifljdhhpl Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd ***** [ Web browsers ] ***** No malicious Firefox based browser items found. No malicious Chromium based browser items found. ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [10404 Bytes] - [06/01/2017 20:55:38] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10478 Bytes] ########## ecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16] WebSite: www.safezone.cc DateLog: 06.01.2017 21:47:29 Path starting: C:\Documents and Settings\Ali Baba\Local Settings\temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Ali Baba VersionXML: 3.67is-25.12.2016 ___________________________________________________________________________ Windows XP(5.1.2600) Service Pack 3 (x86) Lang: English(0409) Installation date OS: 04.07.2013 21:57:12 Boot Mode: Normal Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe SystemDrive: C: FS: [NTFS] Capacity: [49.8 Gb] Used: [31.8 Gb] Free: [18 Gb] ------------------------------- [ Windows ] ------------------------------- Extended support has ended 08.04.2014, Your operating system may be vulnerable to new types of threats Internet Explorer 8.0.6001.18702 Automatically download and schedule installation Date install updates: 2016-11-02 22:07:12 Automatic Updates (wuauserv) - The service is running Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped Terminal Services (TermService) - The service is running SSDP Discovery Service (SSDPSRV) - The service is running Account guest is enabled. Not require a password. ------------------------------ [ MS Office ] ------------------------------ Microsoft Office 2007 v.12.0.6425.1000 ---------------------------- [ Antivirus_WMI ] ---------------------------- IObit Malware Fighter (disabled and out of date) Avira Antivirus (disabled and up to date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Avira Antivirus v.15.0.19.164 McAfee Security Scan Plus v.3.11.376.2 -------------------------- [ SecurityUtilities ] -------------------------- Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043 --------------------------- [ OtherUtilities ] ---------------------------- WinRAR 5.00 (32-bit) v.5.00.0 Warning! Download Update --------------------------------- [ IM ] ---------------------------------- Skype™ 7.29 v.7.29.102 Warning! Download Update ^Optional update.^ --------------------------------- [ P2P ] --------------------------------- µTorrent v.3.4.3.40298 Warning! P2P-client. -------------------------------- [ Java ] --------------------------------- Java 8 Update 91 v.8.0.910.14 Warning! Download Update Uninstall old version and install new one (jre-8u112-windows-i586.exe). --------------------------- [ AdobeProduction ] --------------------------- Adobe Flash Player 17 ActiveX v.17.0.0.169 Warning! Download Update Adobe Flash Player 21 NPAPI v.21.0.0.242 Warning! Download Update Adobe Reader XI (11.0.08) v.11.0.08 Warning! Download Update ^Please run Adobe Reader XI and go Help - Check for updates...^ ------------------------------- [ Browser ] ------------------------------- Google Chrome v.49.0.2623.112 Warning! Download Update Mozilla Firefox 50.1.0 (x86 bg) v.50.1.0 Opera Stable 36.0.2130.80 v.36.0.2130.80 Warning! Download Update --------------------------- [ RunningProcess ] ---------------------------- C:\Program Files\Mozilla Firefox\firefox.exe v.50.1.0.6186 ------------------ [ AntivirusFirewallProcessServices ] ------------------- Avira Планировщик (AntiVirSchedulerService) - The service is running C:\Program Files\Avira\AntiVir Desktop\sched.exe v.15.0.19.163 Avira Real-Time Protection (AntiVirService) - The service is running C:\Program Files\Avira\AntiVir Desktop\avguard.exe v.15.0.19.163 Avira Mail Protection (AntiVirMailService) - The service has stopped Avira Web Protection (AntiVirWebService) - The service has stopped Avira Service Host (Avira.ServiceHost) - The service is running C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe v.1.1.67.18988 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe v.15.0.19.164 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe v.15.0.19.163 MBAMScheduler (MBAMScheduler) - The service is running C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe v.3.1.7.0 MBAMService (MBAMService) - The service is running C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe v.3.2.21.0 McAfee Security Scan Component Host Service (McComponentHostService) - The service has stopped ---------------------------- [ UnwantedApps ] ----------------------------- IObit Uninstaller v.5.2.1.126 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. Skype Click to Call v.6.13.13771 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems. ----------------------------- [ End of Log ] ------------------------------ AdwCleaner[C0].txt JRT.txt Check_Browsers_LNK.log SecurityCheck.txt
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×
×
  • Добави ново...