Премини към съдържанието

sv3tlio

Потребител
  • Публикации

    17
  • Регистрация

  • Последно онлайн

Харесвания

1 Неутрална репутация

Всичко за sv3tlio

  • Титла
    Потребител

Последни посетители

Информацията с последните посетители на профила ви е изключена и не се показва на другите потребители.

  1. Благодаря на всички Ви за отговорите! За жалост наистина XP си отива, а на мен си ми харесва, свикнал съм с него. Пък и тия по-новите Уиндоуси са ми малко неподредени и сякаш цари някакъв хаос в тях. Но това си е мое мнение. Иначе сега по темата. Първо мислех да изтегля Пандата, щото каквото четох за нея ми допадна, но после видях и препоръката за Комодо и заложих на него, не за друго ами понеже просто съм го чувал. Обаче ми се струва, че малко ми бави компютъра, но може да е защото тъкмо го рестартирах след инсталацията и самата програма в момента "се намества", така да се изразя.
  2. Здравейте! Преди 2-3 седмици се регистрирах тук понеже имах проблем с една друга програма, но благодарение на двама човека, които ми помогнаха много, успях да се справя с премахването й. "От тогава" е малко неточно казано, понеже проблема за който пиша сега се появяваше от време на време и преди това, но сега се затвърди, ако мога така да се изразя. Става въпрос за това, че всеки път когато включа компютъра след като е бил напълно изключен ми излиза следното нещо : Преди този проблем се появяваше на 2-3 месеца веднъж и аз със моите скромни софтуер познания просто деинсталирах програмата, инсталирах я наново и всичко се оправяше , но сега този метод не помага. Между другото той и самият ми начин на инсталиране е леко не както трябва, понеже като пиша в Google "Avast free download for xp", вляза в сайта и изтегля това което ми излиза, като дам "Run" не тръгва. И го свързвам с това, че може би файла който аз тегля е за друг вид Windows, а не за XP. И тогава влиза в действие Setup-a за Avast 4.8, който стои в компютъра от преди кажи-речи 10 години, инсталирам го и до ден-два той сам си се актуализира с по-нов. Сега обаче и този метод на човекоподобно зад компютър не помага. Та ако може някой да ми даде акъл или някакъв чалъм, а най-добре сякаш и двете, как аджеба да процедирам по-напред. Ще може ли да се оправи Avast-a или да търся друга, по възможност по-скромничка програма за стария ми Уиндоус.
  3. Ето какво има : Аз давам горе вляво, където пише Уиндоус Ъпдейт и ми излиза това което постнах в предишният си пост. Между другото някакви идеи защо Аваста ми стои зачеркнат с червено хиксче и през 10 минути ме пита иска ли да рестартирам компютъра? Или да си постна нова тема някъде другаде.
  4. Като дам там където ми казваш ми излиза това : И нещо не мога да се оправя, но както и да е. Благодаря Ви много, че ми помогнахте. Никога не бих се справил сам.
  5. След като разбрах как да направя това което ми казваш го направих и стана. Само че след като махнах Security Center чрез Windows key + R вече не ми излиза по същия начин, ами така : А след като дам върху Automatic Updates излиза следното : И не смея да пипам, да не объркам нещо.
  6. Не сте ми казвали, ама аз да кача : # DelFix v1.013 - Logfile created 12/02/2019 at 16:29:22 # Updated 17/04/2016 by Xplode # Username : PC - ACER-71A12AA9FA # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) ~ Removing disinfection tools ... ~ Cleaning system restore ... Deleted : RP #1752 [Контролна точка на системата | 02/10/2019 17:39:52] Deleted : RP #1753 [Restore Point Created by FRST | 02/10/2019 18:50:16] Deleted : RP #1754 [Контролна точка на системата | 02/11/2019 19:11:59] New restore point created ! ########## - EOF - ########## Иначе Security Center като го спирах както ми каза чрез комбинацията Windows key + R, освен него видях папки на програми и игри, които нямам отдавна и ги махнах и тях и сега в disc C ми се освободиха близо 3gb. Извинявай, ама не те разбрах. Трябва да си го изтегля този Windwos Registry Editor ли? Или това се въвежда някъде? Или нито едното.
  7. Извинявай за бавният отговор, но просто не мога да намеря време да седна на компютъра. Иначе дa, наред е. Много ти благодаря, че ми помогна. Само, че имам питане. Tука отскоро мисля, че след като изтеглих този Malware всеки път като включа компютъра ми излиза това : И не знам как да го махна.Като го отворя пък ми излиза това : Не знам дали има общо с Malware, просто го свързвам с него понеже след като го инсталирах взе да ми излиза това нещо.
  8. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 8-02-2019 Ran by PC (administrator) on ACER-71A12AA9FA (09-02-2019 01:30:12) Running from C:\Documents and Settings\PC\Desktop\Нова папка (2) Loaded Profiles: PC (Available Profiles: PC) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\WINXP\system32\smss.exe (Microsoft Corporation) C:\WINXP\system32\csrss.exe (Microsoft Corporation) C:\WINXP\system32\winlogon.exe (Microsoft Corporation) C:\WINXP\system32\services.exe (Microsoft Corporation) C:\WINXP\system32\lsass.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\explorer.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\WINXP\system32\spoolsv.exe (Intel Corporation) C:\WINXP\system32\igfxtray.exe (Intel Corporation) C:\WINXP\system32\hkcmd.exe (Intel Corporation) C:\WINXP\system32\igfxsrvc.exe (Intel Corporation) C:\WINXP\system32\igfxpers.exe (Dritek System Inc.) C:\PROGRA~1\LAUNCH~1\LManager.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\WINXP\system32\ctfmon.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe () C:\WINXP\Datecs\Flex2K.exe (Intel Corporation) C:\WINXP\system32\igfxext.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Microsoft Corporation) C:\WINXP\system32\svchost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\WINXP\system32\alg.exe (Microsoft Corporation) C:\WINXP\system32\wscntfy.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINXP\system32\wbem\wmiprvse.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IgfxTray] => C:\WINXP\system32\igfxtray.exe [142104 2007-06-13] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\WINXP\system32\hkcmd.exe [162584 2007-06-13] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [Persistence] => C:\WINXP\system32\igfxpers.exe [138008 2007-06-13] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [Alcmtr] => C:\WINXP\ALCMTR.EXE [69632 2005-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-12] (Realtek Semiconductor Corp.) HKLM\...\Run: [BroadcomWireless] => C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.) HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2007-10-17] (Dritek System Inc. -> Dritek System Inc.) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-06-30] (Nullsoft, Inc.) HKLM\...\Run: [UnlockerAssistant] => "C:\Documents and Settings\PC\Desktop\Unlocker\UnlockerAssistant.exe" HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe, HKLM\...\Winlogon: [Shell] Explorer.exe [x ] () HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\WINXP\system32\igfxdev.dll [2007-06-05] (Intel Corporation) Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) Winlogon\Notify\WgaLogon: Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation) HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [ctfmon.exe] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [GameXN GO] => "C:\Documents and Settings\All Users\Application Data\GameXN\GameXNGO.exe" /startup HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\system32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Providers\Internet Print Provider: C:\WINXP\system32\inetpp.dll [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Providers\LanMan Print Services: C:\WINXP\system32\win32spl.dll [102400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [msacm.trspch] => C:\WINXP\system32\tssoft32.acm [8192 2008-04-14] (DSP GROUP, INC.) HKLM\...\Drivers32: [vidc.I420] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [vidc.iv31] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] () HKLM\...\Drivers32: [vidc.iv32] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] () HKLM\...\Drivers32: [vidc.iv41] => C:\WINXP\system32\ir41_32.ax [848384 2008-04-14] (Intel Corporation) HKLM\...\Drivers32: [msacm.msg723] => C:\WINXP\system32\msg723.acm [118784 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [vidc.M263] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [vidc.M261] => C:\WINXP\system32\msh261.drv [188416 2008-04-14] (Microsoft Corporation) HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINXP\system32\msaud32.acm [282654 2010-09-16] (Microsoft Corporation) HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINXP\system32\sl_anet.acm [86016 2008-04-14] (Sipro Lab Telecom Inc.) HKLM\...\Drivers32: [msacm.iac2] => C:\WINXP\system32\iac25_32.ax [199680 2008-04-14] (Intel Corporation) HKLM\...\Drivers32: [vidc.iv50] => C:\WINXP\system32\ir50_32.dll [755200 2008-04-14] (Intel Corporation) HKLM\...\Drivers32: [msacm.l3acm] => C:\WINXP\system32\l3codeca.acm [307260 2010-09-16] (Fraunhofer Institut Integrierte Schaltungen IIS) HKLM\...\Drivers32: [VIDC.XVID] => C:\WINXP\system32\xvidvfw.dll [183808 2010-12-07] () HKLM\...\Drivers32: [VIDC.YV12] => C:\WINXP\system32\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org) HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINXP\system32\ac3acm.acm [151552 2010-01-17] (fccHandler) HKLM\...\Drivers32: [msacm.lameacm] => C:\WINXP\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINXP\system32\ff_vfw.dll [80896 2011-01-13] () HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINXP\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINXP\inf\unregmp2.exe [2010-09-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINXP\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{99820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\WINXP\system32\themeui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\WINXP\system32\mscories.dll [2005-09-23] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-02-05] (Google Inc -> Google Inc.) HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\WINXP\system32\fdeploy.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINXP\system32\dskquota.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\WINXP\system32\dot3gpclnt.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINXP\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\WINXP\system32\appmgmts.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) ShellServiceObjects: WebCheck -> {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => C:\WINXP\system32\webcheck.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-05] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk [2013-12-11] ShortcutTarget: FlexType 2K.lnk -> C:\WINXP\Datecs\Flex2K.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation) Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 04 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 05 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 06 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 14 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 15 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 16 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 17 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 18 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation) Winsock: Catalog9 19 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation) Winsock: Catalog9 20 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 46.55.211.4 8.8.8.8 Tcpip\..\Interfaces\{40B9406E-1E5B-4324-B5FA-96068190B82F}: [DhcpNameServer] 46.55.211.4 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-016 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms} SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms} SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms} SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms} SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2019-02-05] (AVAST Software s.r.o. -> AVAST Software) DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\q63851us.default-1549495426250 [2019-02-08] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2019-02-05] [Legacy] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2019-02-05] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-10] () FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.) FF Plugin HKU\S-1-5-21-1060284298-842925246-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.bg/" CHR Profile: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default [2019-02-09] CHR Extension: (Google Диск) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30] CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30] CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30] StartMenuInternet: chrome.exe - C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-10] (Adobe Systems Incorporated) [File not signed] S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 aspnet_state; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [29896 2005-09-23] (Microsoft Corporation -> Microsoft Corporation) R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2019-02-05] (AVAST Software a.s. -> AVAST Software) R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S2 Browser; C:\WINXP\System32\browser.dll [77824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 clr_optimization_v2.0.50727_32; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66240 2005-09-23] (Microsoft Corporation -> Microsoft Corporation) S3 COMSysApp; C:\WINXP\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software) R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp.) R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 HidServ; C:\WINXP\System32\hidserv.dll [21504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 Irmon; C:\WINXP\System32\irmon.dll [28160 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes Corporation -> Malwarebytes) S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 SwPrv; C:\WINXP\system32\dllhost.exe /Processid:{E83227BB-4CA0-4898-8450-CEB1E92BAB11} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Windows -> Microsoft Corporation) S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S4 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Windows -> Microsoft Corporation) R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X] S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 ACPIEC; C:\WINXP\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 AR5211; C:\WINXP\System32\DRIVERS\ar5211.sys [546976 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R3 Arp1394; C:\WINXP\System32\DRIVERS\arp1394.sys [60800 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 aswHwid; C:\WINXP\system32\drivers\aswHwid.sys [34008 2019-02-05] (AVAST Software a.s. -> AVAST Software) R2 aswMonFlt; C:\WINXP\system32\drivers\aswMonFlt.sys [92256 2019-02-05] (AVAST Software a.s. -> AVAST Software) R1 aswRdr; C:\WINXP\system32\drivers\aswRdr.sys [64272 2019-02-05] (AVAST Software a.s. -> AVAST Software) R0 aswRvrt; C:\WINXP\system32\Drivers\aswRvrt.sys [60424 2019-02-05] (AVAST Software a.s. -> AVAST Software) R1 aswSnx; C:\WINXP\system32\drivers\aswSnx.sys [735488 2019-02-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINXP\system32\drivers\aswSP.sys [433768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software) R3 aswStmXP; C:\WINXP\system32\drivers\aswStmXP.sys [184592 2019-02-05] (AVAST Software a.s. -> AVAST Software) S3 aswTdi; C:\WINXP\system32\drivers\aswTdi.sys [66688 2019-02-05] (AVAST Software a.s. -> AVAST Software) R0 aswVmm; C:\WINXP\system32\Drivers\aswVmm.sys [224752 2019-02-05] (AVAST Software s.r.o. -> AVAST Software) S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 b57w2k; C:\WINXP\System32\DRIVERS\b57xp32.sys [160256 2007-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 btaudio; C:\WINXP\System32\drivers\btaudio.sys [539072 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.) R3 BTDriver; C:\WINXP\System32\DRIVERS\btport.sys [37424 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.) R3 BTKRNL; C:\WINXP\System32\DRIVERS\btkrnl.sys [876384 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.) S3 BTWDNDIS; C:\WINXP\System32\DRIVERS\btwdndis.sys [149123 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.) S3 btwhid; C:\WINXP\System32\DRIVERS\btwhid.sys [55352 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.) S3 btwmodem; C:\WINXP\System32\DRIVERS\btwmodem.sys [37280 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.) S3 BTWUSB; C:\WINXP\System32\Drivers\btwusb.sys [67960 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.) S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 CCDECODE; C:\WINXP\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 CmBatt; C:\WINXP\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 Compbatt; C:\WINXP\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 DKbFltr; C:\WINXP\System32\DRIVERS\DKbFltr.sys [17408 2006-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Dritek System Inc.) S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software) R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software) R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software.) S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 dtsoftbus01; C:\WINXP\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-18] (Disc Soft Ltd -> Disc Soft Ltd) R1 ESProtectionDriver; C:\WINXP\system32\drivers\mbae.sys [128736 2018-04-26] (Malwarebytes Corporation -> Malwarebytes) S3 ew_usbccgpfilter; C:\WINXP\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S1 Fdc; C:\WINXP\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S1 Flpydisk; C:\WINXP\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider) R3 hidusb; C:\WINXP\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 HSFHWAZL; C:\WINXP\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) R3 HSF_DPV; C:\WINXP\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 ialm; C:\WINXP\System32\DRIVERS\igxpmp32.sys [5761728 2007-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 IntcAzAudAddService; C:\WINXP\System32\drivers\RtkHDAud.sys [4424192 2007-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 irda; C:\WINXP\System32\DRIVERS\irda.sys [88192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S1 kbdhid; C:\WINXP\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 mbamchameleon; C:\WINXP\system32\drivers\mbamchameleon.sys [148600 2019-02-08] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINXP\system32\drivers\mbam.sys [40160 2019-02-08] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\WINXP\system32\drivers\MBAMSwissArmy.sys [220896 2019-02-08] (Malwarebytes Corporation -> Malwarebytes) R2 mdmxsdk; C:\WINXP\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Conexant) R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 mouhid; C:\WINXP\System32\DRIVERS\mouhid.sys [12160 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457216 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 MSTEE; C:\WINXP\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 NABTSFEC; C:\WINXP\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 NdisIP; C:\WINXP\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2010-12-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 NIC1394; C:\WINXP\System32\DRIVERS\nic1394.sys [61824 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 NSCIRDA; C:\WINXP\System32\DRIVERS\nscirda.sys [28672 2008-04-14] (Microsoft Windows Component Publisher -> National Semiconductor Corporation) R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 ohci1394; C:\WINXP\System32\DRIVERS\ohci1394.sys [61696 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Parport; C:\WINXP\system32\Drivers\Parport.sys [80128 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 PCIIde; C:\WINXP\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 Pcmcia; C:\WINXP\System32\DRIVERS\pcmcia.sys [120192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 prodrv06; C:\WINXP\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed] R0 prohlp02; C:\WINXP\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed] R0 prosync1; C:\WINXP\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed] R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.) R0 PxHelp20; C:\WINXP\System32\Drivers\PxHelp20.sys [45648 2011-03-04] (Sonic Solutions -> Sonic Solutions) R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Rasirda; C:\WINXP\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 sdbus; C:\WINXP\System32\DRIVERS\sdbus.sys [79232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S2 Serial; C:\WINXP\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 sfhlp01; C:\WINXP\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed] S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 SLIP; C:\WINXP\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 sptd; C:\WINXP\System32\Drivers\sptd.sys [324096 2013-11-18] (Disc Soft Ltd -> Duplex Secure Ltd.) R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357248 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 streamip; C:\WINXP\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 SynTP; C:\WINXP\System32\DRIVERS\SynTP.sys [215904 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.) R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 tifm21; C:\WINXP\System32\drivers\tifm21.sys [290816 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments) S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 usbccgp; C:\WINXP\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30208 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 usbvideo; C:\WINXP\System32\Drivers\usbvideo.sys [121984 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 Wdf01000; C:\WINXP\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 winachsf; C:\WINXP\System32\DRIVERS\HSF_CNXT.sys [730112 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) R1 WmiAcpi; C:\WINXP\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2010-09-16] (Microsoft Windows -> Microsoft Corporation) S3 WSTCODEC; C:\WINXP\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Windows -> Microsoft Corporation) S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Windows -> Microsoft Corporation) U3 acqz17sd; C:\WINXP\system32\Drivers\acqz17sd.sys [0 ] (Microsoft Windows Component Publisher -> Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) S4 IntelIde; no ImagePath S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X] U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-08 13:11 - 2019-02-08 13:52 - 000040160 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbam.sys 2019-02-08 13:11 - 2019-02-08 13:51 - 000220896 _____ (Malwarebytes) C:\WINXP\system32\Drivers\MBAMSwissArmy.sys 2019-02-08 13:11 - 2019-02-08 13:11 - 000148600 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbamchameleon.sys 2019-02-08 13:10 - 2019-02-08 13:10 - 000001715 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes.lnk 2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Program Files\Malwarebytes 2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes 2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes 2019-02-08 13:10 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbae.sys 2019-02-08 13:08 - 2019-02-09 01:30 - 000000000 ____D C:\Documents and Settings\PC\Desktop\Нова папка (2) 2019-02-07 17:04 - 2019-02-07 17:04 - 000000000 ____D C:\Documents and Settings\PC\Application Data\Geek Uninstaller 2019-02-07 01:19 - 2019-02-07 01:19 - 000000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk 2019-02-07 01:19 - 2019-02-07 01:19 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2019-02-07 01:19 - 2019-02-07 01:19 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-02-06 23:33 - 2019-02-09 01:32 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Temp 2019-02-06 11:27 - 2019-02-09 01:30 - 000000000 ____D C:\FRST 2019-02-05 22:17 - 2019-02-05 22:17 - 000000000 ____D C:\Documents and Settings\PC\Application Data\AVAST Software 2019-02-05 22:13 - 2019-02-05 22:13 - 000001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk 2019-02-05 22:13 - 2019-02-05 22:13 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software 2019-02-05 22:10 - 2019-02-08 13:51 - 000000364 ____H C:\WINXP\Tasks\Avast Emergency Update.job 2019-02-05 22:09 - 2019-02-05 22:11 - 000224752 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswvmm.sys 2019-02-05 22:09 - 2019-02-05 22:10 - 000735488 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswsnx.sys 2019-02-05 22:09 - 2019-02-05 22:08 - 000184592 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswStmXP.sys 2019-02-05 22:09 - 2019-02-05 22:08 - 000092256 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswMonFlt.sys 2019-02-05 22:09 - 2019-02-05 22:08 - 000060424 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRvrt.sys 2019-02-05 22:09 - 2019-02-05 22:08 - 000034008 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswHwid.sys 2019-02-05 22:08 - 2019-02-05 22:07 - 000319760 ____N (AVAST Software) C:\WINXP\system32\aswBoot.exe 2019-02-05 22:07 - 2019-02-05 22:07 - 000053208 _____ (AVAST Software) C:\WINXP\avastSS.scr 2019-02-05 22:07 - 2019-02-05 22:07 - 000000000 ____D C:\Program Files\AVAST Software 2019-02-05 21:50 - 2019-02-05 21:50 - 000001817 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk 2019-02-05 21:50 - 2019-02-05 21:50 - 000001811 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2019-02-05 21:48 - 2019-02-08 15:59 - 000000986 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job 2019-02-05 21:48 - 2019-02-08 13:50 - 000000982 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job 2019-02-05 21:48 - 2019-02-05 21:50 - 000000000 ____D C:\Program Files\Google 2019-02-05 17:11 - 2019-02-05 17:11 - 000036533 _____ C:\Documents and Settings\PC\Desktop\Vikings.s05e18.(subs.sab.bz).zip 2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Start Menu\BS.Player FREE.lnk 2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Desktop\BS.Player FREE.lnk 2019-01-30 15:58 - 2019-01-30 15:58 - 000000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\BS.Player 2019-01-30 15:56 - 2019-01-30 15:56 - 000000000 ____D C:\Program Files\Webteh 2019-01-30 13:14 - 2019-02-05 22:10 - 000433768 ____N (AVAST Software) C:\WINXP\system32\Drivers\aswsp.sys 2019-01-30 13:14 - 2019-02-05 22:08 - 000066688 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswTdi.sys 2019-01-30 13:14 - 2019-02-05 22:08 - 000064272 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys 2019-01-30 13:13 - 2019-01-30 13:13 - 000000000 ____D C:\Program Files\Alwil Software 2019-01-29 11:45 - 2019-02-06 10:45 - 000000066 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG 2019-01-28 12:47 - 2019-01-28 12:47 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\chromium 2019-01-28 12:45 - 2019-01-28 12:45 - 000000000 ____D C:\Documents and Settings\PC\Application Data\4289652d7c94fcc7ae174ec1919b8b78 ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-09 01:32 - 2018-03-20 19:03 - 000000826 _____ C:\WINXP\Tasks\Adobe Flash Player Updater.job 2019-02-09 01:11 - 2018-03-20 19:03 - 000000876 _____ C:\WINXP\Tasks\Adobe Flash Player NPAPI Notifier.job 2019-02-08 16:31 - 2014-08-25 12:31 - 000322336 _____ C:\Documents and Settings\PC\My Documents\Нов Текстов документ.txt 2019-02-08 15:48 - 2018-06-30 09:43 - 000001016 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineUA.job 2019-02-08 13:53 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\Temp 2019-02-08 13:50 - 2018-06-30 09:43 - 000001012 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineCore.job 2019-02-08 13:50 - 2011-02-05 12:04 - 000000006 ____H C:\WINXP\Tasks\SA.DAT 2019-02-08 13:48 - 2011-02-05 12:11 - 000000278 ___SH C:\Documents and Settings\PC\ntuser.ini 2019-02-08 13:48 - 2011-02-05 12:11 - 000000000 ____D C:\Documents and Settings\PC 2019-02-08 13:48 - 2011-02-05 12:04 - 000032546 _____ C:\WINXP\SchedLgU.Txt 2019-02-08 13:47 - 2014-06-10 13:20 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Supersoftware App 2019-02-08 13:10 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP 2019-02-08 01:36 - 2017-09-08 10:48 - 000000000 _____ C:\WINXP\system32\last.dump 2019-02-07 01:40 - 2011-02-05 14:28 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BitComet 2019-02-06 23:29 - 2011-02-05 12:04 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp 2019-02-06 23:27 - 2015-11-05 23:52 - 000000000 ___HD C:\WINXP\system32\GroupPolicy 2019-02-05 22:19 - 2011-02-05 11:59 - 000002577 _____ C:\WINXP\system32\CONFIG.NT 2019-02-05 22:18 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\system32 2019-02-05 22:14 - 2018-07-21 09:26 - 000065536 _____ C:\WINXP\system32\config\Antivirus.Evt 2019-02-05 22:12 - 2011-02-05 13:22 - 000000000 ___HD C:\WINXP\inf 2019-02-05 22:07 - 2017-05-29 23:50 - 000011295 _____ C:\Documents and Settings\PC\Desktop\Нов Текстов документ.txt 2019-02-05 22:07 - 2014-01-05 10:18 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software 2019-02-05 20:49 - 2011-02-05 17:51 - 000064512 _____ C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-02-05 17:22 - 2015-11-04 18:59 - 000000000 ____D C:\Documents and Settings\PC\Application Data\vlc 2019-02-05 12:23 - 2018-12-27 23:12 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Изтегляния 2019-02-05 11:09 - 2008-04-14 13:00 - 000002206 _____ C:\WINXP\system32\wpa.dbl 2019-01-31 19:20 - 2016-01-04 15:01 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Bluetooth Exchange Folder 2019-01-30 13:20 - 2012-03-09 15:57 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Google 2019-01-30 12:56 - 2015-11-03 23:44 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BSplayer 2019-01-30 12:45 - 2018-01-26 10:54 - 000000000 _____ C:\Documents and Settings\PC\last.dump 2019-01-19 22:05 - 2015-01-07 13:41 - 000018432 ____H C:\Documents and Settings\PC\Desktop\photothumb.db 2019-01-10 12:32 - 2018-03-20 19:03 - 000842240 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe 2019-01-10 12:32 - 2018-03-20 19:03 - 000175104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2011-02-05 17:51 - 2019-02-05 20:49 - 000064512 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINXP\explorer.exe => File is digitally signed C:\WINXP\system32\winlogon.exe => File is digitally signed C:\WINXP\system32\svchost.exe => File is digitally signed C:\WINXP\system32\services.exe => File is digitally signed C:\WINXP\system32\User32.dll => File is digitally signed C:\WINXP\system32\userinit.exe => File is digitally signed C:\WINXP\system32\rpcss.dll => File is digitally signed C:\WINXP\system32\dnsapi.dll => File is digitally signed C:\WINXP\system32\dllhost.exe => File is digitally signed C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Addition.txt Ти хубаво си казал, ама мен хич ме няма. SystemLook 30.07.11 by jpshortstuff Log created at 20:34 on 09/02/2019 by PC Administrator - Elevation successful ========== filefind ========== Searching for "Decehifo" No files found. Searching for "chromium" No files found. ========== folderfind ========== Searching for "Decehifo" No folders found. Searching for "chromium" C:\Documents and Settings\PC\Local Settings\Application Data\chromium d------ [10:47 28/01/2019] ========== regfind ========== Searching for "Decehifo" No data found. Searching for "chromium" [HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603] "001"="chromium" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithProgids] "ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithProgids] "ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithProgids] "ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webp\OpenWithProgids] "ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithProgids] "ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithProgids] "ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM] @="Chromium HTML Document" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM\DefaultIcon] @="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM\shell\open\command] @=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" -- "%1"" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe] "LocalizedString"="Chromium" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command] @=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe"" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM] [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM] @="Chromium" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities] "ApplicationDescription"="Chromium е уеб браузър, който зарежда уеб страници и изпълнява приложения със светкавична скорост. Той е бърз, стабилен и лесен за употреба. Сърфирайте в мрежата по-безопасно с вградената защита на Chromium срещу злонамерен софтуер и фишинг." [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities] "ApplicationIcon"="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities] "ApplicationName"="Chromium" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations] ".htm"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations] ".html"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations] ".shtml"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations] ".xht"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations] ".xhtml"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations] ".webp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\Startmenu] "StartMenuInternet"="Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "ftp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "http"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "https"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "irc"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "mailto"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "mms"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "news"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "nntp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "sms"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "smsto"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "tel"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "urn"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations] "webcal"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\DefaultIcon] @="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo] "ReinstallCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --make-default-browser" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo] "HideIconsCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --hide-icons" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo] "ShowIconsCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --show-icons" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\shell\open\command] @=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe"" [HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications] "Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM"="Software\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities" [HKEY_USERS\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Search Assistant\ACMru\5603] "001"="chromium" -= EOF =-
  9. Стъпка 1 я изпълних, създадох нови логове с FRST, обаче не ги копирах както направих първият път, понеже не си ми казал и да не объркам нещо пак... Иначе изтеглих SystemLook, след което давам "Run" и виж какво ми излиза : Предполагам след това трябва да щракна върху "Look" и ми излиза това :
  10. Malwarebytes www.malwarebytes.com -Детайли за регистъра- Дата на сканиране: 8.02.19 г. Час на сканиране: 13:13 Файл на регистъра: a051326a-2b92-11e9-8b74-0017c42222d8.json Администратор: Да -Информация за софтуера- Версия: 3.5.1.2522 Версия на компонентите: 1.0.365 Актуализирай версията на пакета: 1.0.9172 Лиценз: Пробен период -Системна информация- OS: Windows XP Service Pack 3 CPU: x86 Файлова система: NTFS Потребител: ACER-71A12AA9FA\PC -Резюме на сканирането- Тип сканиране: Threat Scan Сканирането е стартирано от: Ръчно Резултат: Завършено Сканирани обекти: 172386 Открити заплахи: 257 Заплахи под карантина: 257 Изтекло време: 21 мин, 59 сек -Опции за сканиране- Памет: Разрешено Стартиране: Разрешено Файлова система: Разрешено Архиви: Разрешено руткитове: Забранено Евристика: Разрешено PUP: Открий PUM: Открий -Детайли за сканирането- Процес: 0 (Не бяха открити зловредни елементи) Модул: 0 (Не бяха открити зловредни елементи) Ключ на регистъра: 35 PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\Datamngr, Под карантина, [59], [253612],1.0.9172 PUP.Optional.Ividi, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\iVIDI Plugin, Под карантина, [1865], [239628],1.0.9172 PUP.Optional.PriceGong, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PriceGong, Под карантина, [1367], [241948],1.0.9172 PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\VideoDownloadConverter_4z, Под карантина, [610], [240671],1.0.9172 PUP.Optional.SmartBar, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\SMARTBAR, Под карантина, [1869], [243128],1.0.9172 PUP.Optional.Booster, HKLM\SOFTWARE\SO_Booster, Под карантина, [819], [235944],1.0.9172 PUP.Optional.MindSpark, HKLM\SOFTWARE\VideoDownloadConverter_4z, Под карантина, [610], [240819],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, Под карантина, [1728], [443668],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{3E9469AF-E866-4476-B767-810630F1F6E7}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8aadc8b2-562b-407b-88b3-916140226cbc}, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\CSASTATS\ic, Под карантина, [420], [586068],1.0.9172 PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PRODUCTSETUP, Под карантина, [420], [481004],1.0.9172 PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr.1, Под карантина, [83], [238207],1.0.9172 PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr, Под карантина, [83], [238207],1.0.9172 PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\CLASSES\Toolbar.CT2233703, Под карантина, [1559], [443525],1.0.9172 PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\APPID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}, Под карантина, [83], [392823],1.0.9172 PUP.Optional.FaceMoods, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, Под карантина, [83], [167952],1.0.9172 PUP.Optional.FaceMoods, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, Под карантина, [83], [167952],1.0.9172 PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, Под карантина, [610], [168291],1.0.9172 PUP.Optional.MultiSP, HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}, Под карантина, [7566], [167447],1.0.9172 PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Под карантина, [59], [169666],1.0.9172 PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Под карантина, [59], [169666],1.0.9172 PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, Под карантина, [610], [168261],1.0.9172 PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Под карантина, [66], [169264],1.0.9172 PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Под карантина, [66], [169264],1.0.9172 PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Под карантина, [66], [169264],1.0.9172 PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Под карантина, [66], [169264],1.0.9172 PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Под карантина, [33], [160141],1.0.9172 PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, Под карантина, [610], [168441],1.0.9172 Стойност на регистъра: 5 PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Под карантина, [59], [-1],0.0.0 PUP.Optional.SmartBar, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\SMARTBAR|GLOBALUSERID, Под карантина, [1869], [243128],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}|APPPATH, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8aadc8b2-562b-407b-88b3-916140226cbc}|APPPATH, Под карантина, [1728], [443670],1.0.9172 PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PRODUCTSETUP|TB, Под карантина, [420], [481004],1.0.9172 Данни на регистъра: 4 PUP.Optional.FaceMoods, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SEARCHASSISTANT, Сменен, [83], [293076],1.0.9172 PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, Сменен, [13145], [293294],1.0.9172 PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Сменен, [13145], [293295],1.0.9172 PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Сменен, [13145], [293296],1.0.9172 Поток данни: 0 (Не бяха открити зловредни елементи) Папка: 52 PUP.Optional.FaceMoods, C:\Documents and Settings\PC\Application Data\facemoods.com\facemoods, Под карантина, [83], [177074],1.0.9172 PUP.Optional.FaceMoods, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\FACEMOODS.COM, Под карантина, [83], [177074],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\PRICEGONG, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.SearchQu, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\SEARCHQUBAND, Под карантина, [1543], [179463],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443155],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\bin, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\VideoDownloadConverter_4z, Под карантина, [1728], [443674],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443156],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443156],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443157],1.0.9172 PUP.Optional.SWBooster, C:\Documents and Settings\All Users\Application Data\Supersoftware App\SO_Booster\2004261758, Под карантина, [816], [179939],1.0.9172 PUP.Optional.SWBooster, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SUPERSOFTWARE APP\SO_Booster, Под карантина, [816], [179939],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443157],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\{49188C7B-C35A-06BD-459C-98FFDFDE1331}, Под карантина, [758], [484243],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\CHROMATIC BROWSER, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\CHROMATIC BROWSER, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.DataMngr.AppFlsh, C:\DOCUMENTS AND SETTINGS\PC\APPDATA\LOCALLOW\DATAMNGR, Под карантина, [59], [181454],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Log, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\CONDUIT, Под карантина, [213], [182116],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\{180D2E51-3CA5-42E9-513D-670175559B99}, Под карантина, [758], [542290],1.0.9172 Файл: 161 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\1.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\a.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\b.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\c.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\d.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\e.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\f.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\g.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\h.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\i.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\J.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\k.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\l.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\m.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\mru.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\n.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\o.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\p.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\q.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\r.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\s.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\t.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\u.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\v.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\w.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\x.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\y.xml, Под карантина, [1367], [178994],1.0.9172 PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\z.xml, Под карантина, [1367], [178994],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443155],1.0.9172 PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\VideoDownloadConverter_4z\UrlFolderExtension.ufm, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.css, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.min.css, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.css, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.min.css, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.eot, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.ttf, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.woff, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.eot, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.ttf, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.woff, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.eot, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.ttf, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.woff, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayBttn.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\BlackBK.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts_2.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_closed.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_open.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_ScrollHandle.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_BK.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_handleAlt.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\favicon.ico, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.bmp, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.bmp, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_BK.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Break.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Thumb.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Selection_Break.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\SettingsBreak.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\StationBreak.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\temp_blue.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Background.js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Player.js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Widget.js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\App.html, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\Background.html, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\lang-en.js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\manifest.json, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\Player.html, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\bin\background.min.js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon.bmp, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon_active.bmp, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon_active.png, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\anemone-1.2.7.js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\background.html, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\manifest.json, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\widget-api-1.4.js, Под карантина, [1728], [443674],1.0.9172 PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\UrlFolderExtension.uf1, Под карантина, [1728], [443674],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443156],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443156],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443156],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443156],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443156],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443157],1.0.9172 PUP.Optional.SWBooster, C:\Documents and Settings\All Users\Application Data\Supersoftware App\SO_Booster\2004261758.ini, Под карантина, [816], [179939],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443155],1.0.9172 Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443157],1.0.9172 Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443157],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\fomo, Под карантина, [758], [484243],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\aowLC, Под карантина, [758], [484243],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\hdat1, Под карантина, [758], [484243],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\hdat2, Под карантина, [758], [484243],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [2050], [180960],1.0.9172 PUP.Optional.DataMngr.AppFlsh, C:\Documents and Settings\PC\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, Под карантина, [59], [181454],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\DialogsAPI.js, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\PIE.htc, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\settings.js, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\version.txt, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_631527_627389_BG.xml, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_BG.xml, Под карантина, [213], [182116],1.0.9172 PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks\en.xml, Под карантина, [213], [182116],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\{180D2E51-3CA5-42E9-513D-670175559B99}\HOWTOREMOVE\HOWTOREMOVE.HTML, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\chromium-min.jpg, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\control panel-min-min.JPG, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\down.png, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\ff menu.JPG, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\ff search engine-min.png, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\hp-min ff.png, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\hp-min ie.png, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\search engine.gif, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\setup pages.gif, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\sp-min.png, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\start-min.jpg, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\up.png, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\medefomet, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\ratera, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\uninst.exe, Под карантина, [758], [542290],1.0.9172 PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\uninstp.dat, Под карантина, [758], [542290],1.0.9172 Физически сектор: 0 (Не бяха открити зловредни елементи) WMI: 0 (Не бяха открити зловредни елементи) (end)
  11. Аз затова си викам да не пипам много ама... Повече няма да правя такива своеволия. Иначе изтеглих го това, тръгвам да го инсталирам, давам "Run", то ме пита на какъв език искам да ползвам инсталатора и то си е зададено "български", след което аз давам "OK" и ми излиза следното нещо :
  12. Пробвах, но ми излиза същото което ми излиза и когато се помъча да я махна от "добавяне или премахване на програми": Относно SO_Sustainer същата работа като преди: Edit : Пробвам така : А сега SO_Sustainer : Същото "Всички следи са премахнати" ми излезе като махнах и Chromium. Малко скрийншотове от "добавяне или премахване на програми": Няма и следа и от двете програми. Надявам се и занапред да е така.
  13. Като го отворя като администратор ми излиза това : Гледам пита за парола, макар и незадължителна. Писах парола "1" (просто си измислих число) и ми излиза това : Не знам за каква парола става въпрос, аз нямам парола на компютъра (ако изобщо има общо де). Като го включвам след пълно изключване или рестарт ми изписва "добре дошли" и това е. Иначе като го включвам след "режим на готовност" ми излиза едно квадратче на син фон, където съм аз юзъра, щраквам върху него и влизам. Не ми иска парола. Пък за тоя Geek Uninstaller като го отворя нормално сякаш по-става работата, виж : А пък като дам с дясното копче на мишката върху Chromium излиза това : Ама нищо не съм правил де, само показвам. Ако не е проблем и по този начин, ще ги премахна както са тук на скрийншота. Обаче нали каза да е като администратор и не смея да пипам, че да не объркам нещо.
  14. Направих това което ми казахте, ето го и файла Fixlog.txt Само, че за стъпка 2 като се помъча да деинсталирам от контролния панел Chromium ми излизат същите неща, които публикувах в първия си пост. Като се помъча да деинсталирам пък това SO_Sustainer 1.80 ми излиза това : След което давам ОК и то продължава да си стои в списъка с програми. Иначе след този рестарт, не ми се отвори Chromium след като се включи компютъра, така че все пак има някакъв напредък.
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване