Премини към съдържанието

Филтри за търсене

Показани резултати за тагове 'Приключен'.

  • Търсене по таг

    Въведете тагове разделени със запетая
  • Търсене по автор

Търсене в


Форуми

  • Софтуер
    • Нови Програми
    • Търсене на Програми
    • Програми - Проблеми и Дискусии
    • Драйвери - Търсене, Проблеми, Линкове
    • Операционни системи
    • Сигурност и антивирусна защита
    • Игри
  • Хардуер
    • Общи хардуерни въпроси
    • Преносими компютри
    • Дънни платки
    • Запаметяващи устройства и памети
    • Монитори, Аудио и Видеокарти
    • Периферия
    • Овърклок и PC модинг
    • Нови конфигурации и части, въпроси, препоръки и мнения
  • Мобилни телефони, GSM, Мобилни приложения, Комуникации
    • Мобилни телефони - Въпроси, Проблеми, Софтуер
    • Съвети при избор на телефон
    • Мобилни Приложения (Apps)
    • Мобилни оператори, Мрежи, Промоции, Абонаменти, Услуги
    • Други теми относно мобилни телефони
  • Уеб дизайн, Графичен дизайн, Програмиране
    • Програмиране
    • Графичен Дизайн и Визуални изкуства
    • CMS, Форумни и Торент системи
    • Хостинг, Домейни, Уеб сървъри
    • SEO, Уеб оптимизация и стандарти
  • Битова Техника
    • Аудиотехника
    • Телевизори, Видео и Фото техника, Видео наблюдение
    • Климатици - проблеми, съвети, въпроси
    • Бойлери, Печки, Отопление
    • Друга битова техника
  • Интернет, Локални Мрежи и GPS Навигации
    • Интернет, WiFi, xDSL и Локална Мрежа
    • Биткойн и Криптовалути
    • Онлайн бизнес, AdSense, Affilate програми
    • Рутери, Модеми, Суичове
    • Facebook - проблеми, въпроси, вируси
    • Skype, VoIP - Интернет телефония
    • GPS, Навигационни системи - Въпроси, Карти, Проблеми
  • Изкуство
    • Музика
    • Кино и Телевизия
    • Поезия и Лично творчество
    • Изкуство - Изящно, Приложно и Сценично
    • Фотография и Фотографска техника
    • Литература, Книги (e-books, video trainings, tutorials & etc.)
  • Други
    • Статии и ревюта
    • Образование и обща култура
    • Религия, Мистика, Езотерика
    • История
    • Философия
    • Психология и Психотерапия
    • Новини от България и Света
    • Българите по света
    • Политика
    • Право и Юридически консултации
    • Здраве и Mедицина
    • Банки, Застраховане, Финанси, Кредити
    • Тийн Зона (Teen Zone)
    • Купувам / Продавам
    • Всичко останало
  • Хоби, Развлечение и Свободно време
  • За kaldata.com
  • Теми
  • Photoshop майнаци Теми
  • python3 data types
  • какви са ви любимите игри?? Темиигри за вас
  • супрески игри и рекорди Темиигри за вас

Блогове

Няма резултати

Няма резултати

Категории

  • Компютри
    • Компютърни конфигурации
    • Компютърни компоненти
    • Периферни устройства
    • Дънни платки
    • Мултимедия
    • Компютърни игри и софтуер
    • Администриране и интернет услуги
    • Компютърни аксесоари
    • Лаптопи и таблети
    • Видеокарти
    • Монитори
    • Процесори
    • Хард дискове и Памети
    • Други
  • Електроника
    • Телефони, GSM апарати
    • Аудио
    • Битова електроника
    • GPS и навигационни системи
    • Фотоапарати и обективи
    • TV и Видео
    • Други
  • Имоти
    • Гарсониери
    • Къщи и вили
    • Търговски площи
    • Гаражи
    • Апартаменти
    • Терени
    • Офиси
    • Други имоти в продажба
  • Авто-мото
    • Автомобили
    • Велосипеди
    • Лодки
    • Резервни части
    • Авто аксесоари
    • Мотоциклети
    • Скутери и ATV
    • Камиони и Автобуси
    • Авто сервизи и Rent-a-Car
    • Други
  • Работа
    • Работа в страната
    • Работа в чужбина
    • Стажове
    • Работа от вкъщи
    • Непълно работно време
  • Услуги
  • Строителство
  • Туризъм
  • Курсове и обучение
  • Домашни любимци
  • Други
  • супрески игри и рекорди Обяви
  • супрески игри и рекорди Обяви

Категории

  • Домашни любимци и Животни
  • Игри
  • Инциденти и Екстремни
  • Коли и превозни средства
  • Музика
    • Българска музика
    • Джаз
    • Електронна
    • Метъл и Рок
    • Народна и Фолклор
    • Поп и Диско
    • Поп-фолк
    • Рап и хип-хоп
    • Ритъм енд блус и соул
    • Друга
  • Новини и политика
  • Реклами
  • Смях и Развлечение
  • Спорт
  • Технологии, Компютри, Хардуер
  • ТВ Предавания и Шоу Програми
  • Хора и блогове
  • Филми и анимация
  • Други
  • Old School Hip-Hop and Electroo 80" Видео клипчета

Календари

  • Събития
  • Изложения
  • Семинари
  • Парти
  • Празници в България

Групи продукти

  • Банер Реклами

Търсене в...

Търси резултати които съдържат...


Дата

  • Начало

    Край


Последно обновяване

  • Начало

    Край


Филтриране по брой...

Регистрация

  • Начало

    Край


Група


Skype


Facebook


Google+


Twitter


ICQ


Yahoo


Интернет сайт


Град


Интереси

Открити 29 резултата

  1. Здравейте колеги, реших да си проверя системата за гадинки. Нямам оплаквания, просто профилактично. Преди около месец имах проблем с HDD-то, но беше хардуерен, който оправих навреме. Единствено операционната система малко завлачва при включване, но го отдавам на не доброто ѝ поддържане, а и това, че е на годинка вече. Надявам се тази работа да не е проблем за вас! Копирам съдържанието на FRST.txt: Прикачам и Addition.txt, както е по указания. Не е спешно, когато можете, то и аз съм на работа, та само вечер мога да правя тестове и да изпълнявам зададените скриптове. Не се притеснявайте. Благодаря предварително, поздрави и лека вечер! Addition.txt
  2. Бях в друга тема, но ме изпратиха тук Не знам какво става и как да се справя. Ето линк към другата тема, защото не знам как да формулирам зловредния софтуер. https://www.kaldata.com/forums/topic/245222-%D0%B3%D1%80%D0%B5%D1%88%D0%BA%D0%B0-net-framework/
  3. Здравейте, моля някой да разчете този Лог и да ми помогне да реша проблемите. А главните са: инсталиране на нов браузър и вмъкване на реклами в сайтовете. Ползвам Мозила (ако това има значение). FRST.txt Съдържанието на Addition.txt
  4. Все бях слушала за вируси от флашки,но вчера се сблъсках челно с тях Снощи включих една с музика,подарък от дядо Коледа за да видя всичките песни и изведнъж мишката ми спря да работи,изключих флашката ,но явно вече е било късно.Днес компютъра постоянно забиваше,докато не забелязах че изчезват някои файлове . jpg формат.Пуснах антивирусната,но тя се омота отвсякъде ,накрая на десктопа ми ,на место избраната снима се появи подробно съобщение,снимах с телефона и ви го показвам.Сега всичките ми снимки са 20130330_113107.JPG.rlmlqja с такова разширение след точката.Ако се опитам да преименувам файла и да махна .rlmlqja снимката се унищожава.Дали има някакъв начин да се спаси нещо
  5. Привет колеги от HJT Team . Имам съмнения за инфектиран OS от вируси . Моля погледнете Log-овете и изкажете мнението си Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01 Ran by Raziel (administrator) on RAZIEL-PC on 07-12-2014 17:29:14 Running from C:\Users\Raziel\Downloads Loaded Profile: Raziel (Available profiles: Raziel) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Български (България) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (H.D.S. Hungary) D:\Programs, Stuffs\Hard Disk sentinel\HDSentinel.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor) HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation) HKU\S-1-5-21-865714450-4282349912-717563855-1000\...\MountPoints2: {5463d2c3-7a3c-11e4-aa6b-d0509925fa83} - E:\SETUP.EXE ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-865714450-4282349912-717563855-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKU\S-1-5-21-865714450-4282349912-717563855-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xABAEB9A0450ED001 HKU\S-1-5-21-865714450-4282349912-717563855-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\S-1-5-21-865714450-4282349912-717563855-1000 -> DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-865714450-4282349912-717563855-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms} Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "https://www.google.bg/" CHR Profile: C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Презентации) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-02] CHR Extension: (Google Документи) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-02] CHR Extension: (Google Диск) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-02] CHR Extension: (YouTube) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-02] CHR Extension: (Google Търсене) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-02] CHR Extension: (Електронни таблици от Google) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-02] CHR Extension: (Google Wallet) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-02] CHR Extension: (Gmail) - C:\Users\Raziel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-02-04] (Intel Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-12-02] () [File not signed] U3 a0hz01nc; C:\Windows\System32\Drivers\a0hz01nc.sys [0 ] (Microsoft Corporation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 17:29 - 2014-12-07 17:29 - 00007566 _____ () C:\Users\Raziel\Downloads\FRST.txt 2014-12-07 17:29 - 2014-12-07 17:29 - 00000000 ____D () C:\FRST 2014-12-07 17:28 - 2014-12-07 17:28 - 02119680 _____ (Farbar) C:\Users\Raziel\Downloads\FRST64.exe 2014-12-07 03:21 - 2014-12-07 03:21 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-12-06 22:56 - 2014-12-06 22:58 - 00000000 ____D () C:\Users\Raziel\Documents\GTA San Andreas User Files 2014-12-06 22:54 - 2014-12-06 22:54 - 02227043 _____ () C:\Users\Raziel\Downloads\hw64_448.zip 2014-12-06 22:54 - 2014-12-06 22:54 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\WinRAR 2014-12-06 22:34 - 2014-12-06 22:34 - 00000000 ____D () C:\Users\Raziel\Documents\GTA Vice City User Files 2014-12-06 22:33 - 2014-12-06 22:57 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-12-03 03:21 - 2014-12-02 17:26 - 00000000 ____D () C:\Windows\Panther 2014-12-02 23:29 - 2014-12-07 03:23 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-12-02 23:29 - 2014-12-07 03:22 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-12-02 23:29 - 2014-12-02 23:29 - 00000000 ____D () C:\Program Files\Realtek 2014-12-02 23:29 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-12-02 23:29 - 2014-05-14 16:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-12-02 23:29 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-12-02 23:29 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-12-02 23:29 - 2014-05-02 11:19 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll 2014-12-02 23:29 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-12-02 23:29 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2014-12-02 23:29 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-12-02 23:29 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-12-02 23:29 - 2014-04-23 17:51 - 02117424 _____ () C:\Windows\system32\SStudio.dll 2014-12-02 23:29 - 2014-04-17 17:42 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2014-12-02 23:29 - 2014-04-17 17:42 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-12-02 23:29 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2014-12-02 23:29 - 2014-04-10 12:20 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2014-12-02 23:29 - 2014-04-10 12:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-12-02 23:29 - 2014-04-10 12:19 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-12-02 23:29 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-12-02 23:29 - 2014-04-10 12:19 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-12-02 23:29 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-12-02 23:29 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-12-02 23:29 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-12-02 23:29 - 2014-04-10 12:19 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-12-02 23:29 - 2014-04-09 16:39 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-12-02 23:29 - 2014-04-09 16:38 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-12-02 23:29 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-12-02 23:29 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-12-02 23:29 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-12-02 23:29 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-12-02 23:29 - 2014-03-21 14:17 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2014-12-02 23:29 - 2014-03-19 19:19 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-12-02 23:29 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-12-02 23:29 - 2014-03-05 05:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-12-02 23:29 - 2014-03-05 05:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-12-02 23:29 - 2014-03-05 05:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-12-02 23:29 - 2014-03-05 05:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-12-02 23:29 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2014-12-02 23:29 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-12-02 23:29 - 2014-02-06 11:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-12-02 23:29 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-12-02 23:29 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-12-02 23:29 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-12-02 23:29 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-12-02 23:29 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-12-02 23:29 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-12-02 23:29 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-12-02 23:29 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-12-02 23:29 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-12-02 23:29 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-12-02 23:29 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-12-02 23:29 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-12-02 23:29 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-12-02 23:29 - 2013-06-21 11:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-12-02 23:29 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-12-02 23:29 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-12-02 23:29 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-12-02 23:29 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-12-02 23:29 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-12-02 23:29 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-12-02 23:29 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-12-02 23:29 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-12-02 23:29 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-12-02 23:29 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-12-02 23:29 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-12-02 23:29 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-12-02 23:29 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-12-02 23:29 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-12-02 23:29 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-12-02 23:29 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-12-02 23:29 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-12-02 23:29 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-12-02 23:29 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-12-02 23:29 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-12-02 23:29 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-12-02 23:29 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-12-02 23:29 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-12-02 23:29 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-12-02 23:29 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2014-12-02 23:29 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-12-02 23:29 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-12-02 23:29 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-12-02 23:29 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-12-02 23:29 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-12-02 23:29 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-12-02 23:12 - 2014-12-02 23:18 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Raziel\Downloads\64bit_Win7_Win8_Win81_R275.exe 2014-12-02 21:33 - 2014-12-02 21:33 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\Hard Disk Sentinel 2014-12-02 21:19 - 2014-12-07 17:11 - 00006462 _____ () C:\Windows\SysWOW64\Gms.log 2014-12-02 18:22 - 2014-12-07 17:26 - 00007619 _____ () C:\Users\Raziel\AppData\Local\Resmon.ResmonCfg 2014-12-02 18:17 - 2014-12-07 03:21 - 00000000 ____D () C:\ProgramData\Intel® Update Manager 2014-12-02 18:17 - 2014-12-02 21:22 - 00000000 ____D () C:\ProgramData\Intel 2014-12-02 18:17 - 2014-12-02 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2014-12-02 18:17 - 2014-12-02 18:17 - 00000000 ____D () C:\Users\Raziel\Intel 2014-12-02 18:14 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-12-02 18:14 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-12-02 18:14 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2014-12-02 18:14 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-12-02 18:13 - 2014-12-02 18:13 - 00810233 _____ () C:\Users\Raziel\Downloads\kmdf-1.11-Win-6.1-x64.msu 2014-12-02 18:11 - 2014-12-07 03:22 - 00000000 ___HD () C:\Program Files (x86)\Temp 2014-12-02 18:11 - 2014-12-02 18:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-12-02 18:09 - 2014-12-07 03:21 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-12-02 18:09 - 2014-12-02 18:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2014-12-02 18:09 - 2014-02-21 12:56 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll 2014-12-02 18:07 - 2014-12-02 18:07 - 00000000 ____D () C:\ProgramData\Package Cache 2014-12-02 18:00 - 2014-12-02 18:00 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Toolbar 2014-12-02 17:59 - 2014-12-02 18:03 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\DAEMON Tools Lite 2014-12-02 17:59 - 2014-12-02 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2014-12-02 17:59 - 2014-12-02 18:00 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-12-02 17:59 - 2014-12-02 17:59 - 00834544 _____ () C:\Windows\system32\Drivers\sptd.sys 2014-12-02 17:59 - 2014-12-02 17:59 - 00003160 _____ () C:\Windows\System32\Tasks\SidebarExecute 2014-12-02 17:59 - 2014-12-02 17:59 - 00000000 ____D () C:\Users\Raziel\Downloads\Daemon Tools Lite 4.35.6.0091 (with SPTD 1.62) 2014-12-02 17:59 - 2014-12-02 17:59 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-12-02 17:57 - 2014-12-02 17:57 - 00000000 ____D () C:\Program Files\Driver Sweaper 2014-12-02 17:56 - 2014-12-07 03:24 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\AIMP3 2014-12-02 17:56 - 2014-12-02 17:56 - 00000949 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-12-02 17:56 - 2014-12-02 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-12-02 17:56 - 2014-12-02 17:56 - 00000000 ____D () C:\Program Files (x86)\uTorrent 2014-12-02 17:56 - 2014-12-02 17:56 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-12-02 17:55 - 2014-12-02 23:29 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\uTorrent 2014-12-02 17:55 - 2014-12-02 17:55 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer 2014-12-02 17:55 - 2014-12-02 17:55 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer 2014-12-02 17:54 - 2014-12-02 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-02 17:53 - 2014-12-07 17:09 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-02 17:53 - 2014-12-06 22:58 - 00000998 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-02 17:53 - 2014-12-02 17:54 - 00000000 ____D () C:\Users\Raziel\AppData\Local\Google 2014-12-02 17:53 - 2014-12-02 17:54 - 00000000 ____D () C:\Program Files (x86)\Google 2014-12-02 17:53 - 2014-12-02 17:53 - 00003994 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-12-02 17:53 - 2014-12-02 17:53 - 00003742 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-12-02 17:53 - 2014-12-02 17:53 - 00000000 ____D () C:\Users\Raziel\AppData\Local\Deployment 2014-12-02 17:53 - 2014-12-02 17:53 - 00000000 ____D () C:\Users\Raziel\AppData\Local\Apps\2.0 2014-12-02 17:49 - 2014-12-02 23:37 - 00000000 ____D () C:\Users\Raziel\Documents\Prototype 2014-12-02 17:49 - 2014-12-02 17:49 - 00010047 _____ () C:\Windows\DirectX.log 2014-12-02 17:49 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-12-02 17:49 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-12-02 17:49 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-12-02 17:49 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-12-02 17:49 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-12-02 17:49 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-12-02 17:49 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-12-02 17:49 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-12-02 17:49 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-12-02 17:49 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2014-12-02 17:49 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-12-02 17:49 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-12-02 17:49 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-12-02 17:49 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-12-02 17:49 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2014-12-02 17:49 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-12-02 17:49 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2014-12-02 17:49 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2014-12-02 17:49 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-12-02 17:49 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-12-02 17:49 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2014-12-02 17:49 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-12-02 17:49 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2014-12-02 17:49 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-12-02 17:49 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2014-12-02 17:49 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-12-02 17:49 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-12-02 17:49 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2014-12-02 17:49 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-12-02 17:49 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2014-12-02 17:49 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-12-02 17:49 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-12-02 17:49 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-12-02 17:49 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-12-02 17:49 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2014-12-02 17:49 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-12-02 17:49 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-12-02 17:49 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2014-12-02 17:49 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-12-02 17:49 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2014-12-02 17:49 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-12-02 17:49 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-12-02 17:49 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-12-02 17:49 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-12-02 17:49 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-12-02 17:49 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-12-02 17:49 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-12-02 17:49 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2014-12-02 17:49 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2014-12-02 17:49 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-12-02 17:49 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-12-02 17:49 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2014-12-02 17:49 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2014-12-02 17:49 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-12-02 17:49 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-12-02 17:49 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2014-12-02 17:49 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-12-02 17:49 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2014-12-02 17:49 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-12-02 17:49 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2014-12-02 17:49 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-12-02 17:49 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2014-12-02 17:49 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2014-12-02 17:49 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-12-02 17:49 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-12-02 17:49 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2014-12-02 17:49 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-12-02 17:49 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2014-12-02 17:49 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-12-02 17:49 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2014-12-02 17:49 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-12-02 17:49 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2014-12-02 17:49 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-12-02 17:49 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2014-12-02 17:49 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-12-02 17:49 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2014-12-02 17:49 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-12-02 17:49 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2014-12-02 17:49 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-12-02 17:49 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2014-12-02 17:49 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-12-02 17:49 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2014-12-02 17:49 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-12-02 17:49 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2014-12-02 17:49 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-12-02 17:49 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2014-12-02 17:49 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-12-02 17:49 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2014-12-02 17:49 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-12-02 17:49 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2014-12-02 17:49 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-12-02 17:49 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2014-12-02 17:49 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-12-02 17:49 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2014-12-02 17:49 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-12-02 17:49 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2014-12-02 17:49 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-12-02 17:49 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2014-12-02 17:49 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-12-02 17:49 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2014-12-02 17:49 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-12-02 17:49 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2014-12-02 17:49 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-12-02 17:49 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2014-12-02 17:49 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-12-02 17:49 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2014-12-02 17:49 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-12-02 17:49 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2014-12-02 17:49 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-12-02 17:49 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2014-12-02 17:49 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-12-02 17:49 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2014-12-02 17:49 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2014-12-02 17:49 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-12-02 17:49 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2014-12-02 17:49 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2014-12-02 17:49 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-12-02 17:49 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2014-12-02 17:49 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-12-02 17:49 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-12-02 17:49 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-12-02 17:49 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-12-02 17:49 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-12-02 17:49 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-12-02 17:49 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-12-02 17:49 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-12-02 17:49 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-12-02 17:49 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-12-02 17:49 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-12-02 17:49 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-12-02 17:49 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-12-02 17:49 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-12-02 17:49 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-12-02 17:49 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-12-02 17:49 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-12-02 17:49 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-12-02 17:49 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-12-02 17:49 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-12-02 17:49 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-12-02 17:49 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-12-02 17:49 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-12-02 17:49 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-12-02 17:49 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-12-02 17:49 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-12-02 17:49 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-12-02 17:49 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-12-02 17:49 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-12-02 17:49 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-12-02 17:49 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-12-02 17:49 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-12-02 17:47 - 2014-12-02 17:49 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-12-02 17:46 - 2014-12-02 17:46 - 00000000 ____D () C:\Users\Raziel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-02 17:46 - 2014-12-02 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-12-02 17:46 - 2014-12-02 17:46 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-02 17:43 - 2014-12-02 17:43 - 00057560 _____ () C:\Users\Raziel\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-02 17:43 - 2014-12-02 17:43 - 00000000 ____D () C:\Users\Raziel\Desktop\Games 2014-12-02 17:42 - 2014-12-02 17:42 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-12-02 17:39 - 2014-12-02 17:39 - 00763706 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-12-02 17:39 - 2014-12-02 17:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-12-02 17:39 - 2014-12-02 17:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-12-02 17:39 - 2013-06-21 14:06 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-12-02 17:39 - 2013-06-21 14:06 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-12-02 17:39 - 2013-06-21 12:23 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-12-02 17:39 - 2013-06-21 12:23 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-12-02 17:39 - 2013-06-21 12:23 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-12-02 17:39 - 2013-06-21 12:23 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-12-02 17:39 - 2013-06-21 12:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-12-02 17:39 - 2013-06-20 06:17 - 03253909 _____ () C:\Windows\system32\nvcoproc.bin 2014-12-02 17:37 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-12-02 17:37 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-12-02 17:37 - 2013-06-21 14:06 - 00021578 _____ () C:\Windows\system32\nvinfo.pb 2014-12-02 17:36 - 2014-12-02 17:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-12-02 17:36 - 2014-12-02 17:36 - 00000000 ____D () C:\NVIDIA 2014-12-02 17:35 - 2014-12-02 17:35 - 00000000 ____D () C:\Intel 2014-12-02 17:34 - 2014-12-02 18:17 - 00000000 ____D () C:\Program Files\Intel 2014-12-02 17:34 - 2014-02-05 15:46 - 00001904 ____N () C:\Windows\system32\SetupBD.din 2014-12-02 17:33 - 2014-02-25 12:05 - 00565560 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe 2014-12-02 17:27 - 2014-12-02 17:27 - 00001427 _____ () C:\Users\Raziel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-12-02 17:27 - 2014-12-02 17:27 - 00001393 _____ () C:\Users\Raziel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-12-02 17:26 - 2014-12-02 18:17 - 00000000 ____D () C:\Users\Raziel 2014-12-02 17:26 - 2014-12-02 17:26 - 00000020 ___SH () C:\Users\Raziel\ntuser.ini 2014-12-02 17:26 - 2014-12-02 17:26 - 00000000 __SHD () C:\Recovery 2014-12-02 17:26 - 2014-12-02 17:26 - 00000000 ____D () C:\Users\Raziel\AppData\Local\VirtualStore 2014-12-02 17:26 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Raziel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-02 17:26 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Raziel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-12-02 17:25 - 2014-12-02 17:25 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-12-02 17:25 - 2014-12-02 17:25 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-12-02 17:24 - 2014-12-02 18:33 - 00042715 _____ () C:\Windows\WindowsUpdate.log 2014-12-02 17:24 - 2014-12-02 17:24 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-12-02 17:23 - 2014-12-02 17:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-07 17:26 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-07 17:26 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-07 17:13 - 2009-07-14 07:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-07 17:11 - 2009-07-14 06:51 - 00031633 _____ () C:\Windows\setupact.log 2014-12-07 17:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-03 03:21 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-12-03 03:21 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-12-02 23:28 - 2010-11-21 05:47 - 00005592 _____ () C:\Windows\PFRO.log 2014-12-02 22:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-12-02 17:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-12-02 17:33 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore 2014-12-02 17:25 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-12-02 17:25 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-02 17:24 - 2009-07-14 06:46 - 00002790 _____ () C:\Windows\DtcInstall.log 2014-12-02 17:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep 2014-12-02 17:22 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\CSC 2014-12-02 17:22 - 2009-07-14 06:45 - 00274320 _____ () C:\Windows\system32\FNTCACHE.DAT Some content of TEMP: ==================== C:\Users\Raziel\AppData\Local\Temp\AskSLib.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-02 22:10 ==================== End Of Log ======================= FRST.txt Addition.txt
  6. Здравей те ,незнам дали тук трябва да пиша ,но моля за извинение ако не е точното място.ПРоблема ми е следният имам стационарен компютър ,лаптоп и таблет ,мился че имам вирус някъде ,защото не отварям повечето сайтове ,,и най -големият ми проблем е че съм с малко дете и не мога да пусна нито една детска песничка или филмче .Форматирахме стационарни компютър и лаптопа и пак съм в изходна позиция. Моля за съдействие !
  7. Проблемът ми е следният. Без да искам, докато инсталирам една прогама, в рекламите от сетъпа забравих да махна една отметка за сетване на хоумпейдж. И сега в IE и Mozilla хоумпейджа ми е на сайта mystartsearch.com, въпреки че според настройките е зададен гугъл. Пробвах да намеря решение в интернет, но навсякъде ме изпращаха към програмата Spy Hunter, която откри вируса, но за да го изтрие иска да я закупя. Пробвах сканиране с Malwarebytes, но тя не открива нищо. Сега ще пробвам с bitdefender. Мисля че няма смисъл да пробвам със security essentials. С Windwos 8.1 Enterprise съм.
  8. Здравейте , направих нелепата грешка да изключа компютъра от копчето докато се изключваше от start -> shut down и правеше ъпдейт преди да се изключи... След 20 мин. го пуснах.. само черен екран нищо друго. Рестартирах го няколко пъти.. и накрая му зададох от биоса "Load fail-safe mode" и се показа иконата "welcome".. сигурно 20 минути зареждаше... правих абсолютно всичко което съм прочел в google за проблема и не ставаше.. преинсталирах го днес , уж тръгна добре и изведнъж почна да насича от време на време.. и не е толкова бърз както преди , то се уцеща .. сигурно на 50% по слаб е. даже Counter Strike 1.6 ми сече от време на време... Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015 01 Ran by juFo (administrator) on JUFO-PC on 15-01-2015 21:47:47 Running from C:\Users\juFo\Desktop Loaded Profiles: juFo (Available profiles: juFo) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (BitTorrent Inc.) C:\Users\juFo\AppData\Roaming\uTorrent\uTorrent.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2015-01-15] (Realtek Semiconductor) HKU\S-1-5-21-733561725-510286294-37263813-1001\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-733561725-510286294-37263813-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKU\S-1-5-21-733561725-510286294-37263813-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-733561725-510286294-37263813-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKU\S-1-5-21-733561725-510286294-37263813-1001 -> DefaultScope {6A1806CD-94D4-4689 URL = SearchScopes: HKU\S-1-5-21-733561725-510286294-37263813-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\juFo\AppData\Roaming\Mozilla\Firefox\Profiles\n0o1py36.default FF Homepage: hxxp://www.google.bg/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\911bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pe-bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml FF Extension: No Name - C:\Users\juFo\AppData\Roaming\Mozilla\Firefox\Profiles\n0o1py36.default\Extensions\trash [2015-01-15] FF Extension: ABV Notifier - C:\Users\juFo\AppData\Roaming\Mozilla\Firefox\Profiles\n0o1py36.default\Extensions\[email protected] [2015-01-15] FF Extension: Adblock Plus - C:\Users\juFo\AppData\Roaming\Mozilla\Firefox\Profiles\n0o1py36.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-15] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2014-12-13] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18186896 2014-12-13] (NVIDIA Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-03-12] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-15] (REALiX) R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [106296 2015-01-15] (JMicron Technology Corp.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-15 23:23 - 2015-01-15 13:33 - 00000000 ____D () C:\Windows\Panther 2015-01-15 21:47 - 2015-01-15 21:48 - 00006929 _____ () C:\Users\juFo\Desktop\FRST.txt 2015-01-15 21:47 - 2015-01-15 21:47 - 01116672 _____ (Farbar) C:\Users\juFo\Desktop\FRST.exe 2015-01-15 21:47 - 2015-01-15 21:47 - 00000000 ____D () C:\FRST 2015-01-15 21:02 - 2015-01-15 21:02 - 00001060 _____ () C:\Users\Public\Desktop\Picasa 3.lnk 2015-01-15 21:02 - 2015-01-15 21:02 - 00000000 ____D () C:\Users\juFo\AppData\Local\Google 2015-01-15 21:02 - 2015-01-15 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2015-01-15 21:01 - 2015-01-15 21:02 - 00000000 ____D () C:\Program Files\Google 2015-01-15 20:16 - 2015-01-15 20:16 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Macromedia 2015-01-15 20:16 - 2015-01-15 20:16 - 00000000 ____D () C:\Users\juFo\AppData\Local\Macromedia 2015-01-15 20:15 - 2015-01-15 20:15 - 00023840 _____ (REALiX) C:\Windows\system32\Drivers\HWiNFO32.SYS 2015-01-15 20:08 - 2015-01-15 20:08 - 00000000 ____D () C:\Program Files\AGEIA Technologies 2015-01-15 20:07 - 2015-01-15 21:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-15 20:07 - 2015-01-15 20:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-01-15 20:07 - 2015-01-15 20:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-01-15 20:07 - 2015-01-15 20:07 - 00106296 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys 2015-01-15 20:07 - 2015-01-15 20:07 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-15 20:05 - 2015-01-15 20:05 - 00719576 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys 2015-01-15 20:05 - 2015-01-15 20:05 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll 2015-01-15 20:05 - 2015-01-15 20:05 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2015-01-15 20:04 - 2015-01-15 20:04 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2015-01-15 20:04 - 2015-01-15 20:04 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2015-01-15 20:04 - 2015-01-15 20:04 - 01823320 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-01-15 20:04 - 2015-01-15 20:04 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00966904 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00818936 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00606968 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00219896 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll 2015-01-15 20:04 - 2015-01-15 20:04 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2015-01-15 20:04 - 2015-01-15 20:04 - 00000000 ____D () C:\Windows\system32\RTCOM 2015-01-15 20:04 - 2015-01-15 20:04 - 00000000 ____D () C:\Program Files\Realtek 2015-01-15 20:03 - 2015-01-15 20:04 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat 2015-01-15 20:03 - 2015-01-15 20:03 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 06177624 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 02421792 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01940056 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01490264 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00966744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00948336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00274264 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00221528 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll 2015-01-15 20:03 - 2015-01-15 20:03 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll 2015-01-15 19:53 - 2015-01-15 20:15 - 00002088 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk 2015-01-15 19:53 - 2015-01-15 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2 2015-01-15 19:53 - 2015-01-15 19:53 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\IObit 2015-01-15 19:53 - 2015-01-15 19:53 - 00000000 ____D () C:\ProgramData\ProductData 2015-01-15 19:53 - 2015-01-15 19:53 - 00000000 ____D () C:\ProgramData\IObit 2015-01-15 19:53 - 2015-01-15 19:53 - 00000000 ____D () C:\Program Files\IObit 2015-01-15 19:38 - 1999-01-11 01:31 - 00000000 ____D () C:\Users\juFo\Desktop\;p 2015-01-15 19:30 - 2015-01-15 19:30 - 00001165 _____ () C:\Users\juFo\Desktop\Counter Strike 1.6 Non Steam.lnk 2015-01-15 19:28 - 2015-01-15 19:28 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\NVIDIA 2015-01-15 14:36 - 2015-01-15 21:43 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Skype 2015-01-15 14:36 - 2015-01-15 14:36 - 00002685 _____ () C:\Users\Public\Desktop\Skype.lnk 2015-01-15 14:36 - 2015-01-15 14:36 - 00000000 ___RD () C:\Program Files\Skype 2015-01-15 14:36 - 2015-01-15 14:36 - 00000000 ____D () C:\Users\juFo\AppData\Local\Skype 2015-01-15 14:36 - 2015-01-15 14:36 - 00000000 ____D () C:\ProgramData\Skype 2015-01-15 14:36 - 2015-01-15 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-01-15 14:36 - 2015-01-15 14:36 - 00000000 ____D () C:\Program Files\Common Files\Skype 2015-01-15 14:31 - 2015-01-15 21:40 - 00000040 _____ () C:\Users\juFo\Desktop\programi.txt 2015-01-15 14:31 - 2015-01-15 19:05 - 00000181 _____ () C:\Users\juFo\Desktop\godaddy.txt 2015-01-15 14:31 - 2015-01-15 17:34 - 00000000 ____D () C:\Users\juFo\Desktop\ITOPIA 2015-01-15 14:31 - 2015-01-15 14:31 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\WinRAR 2015-01-15 14:31 - 2015-01-15 14:31 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-15 14:31 - 2015-01-15 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-15 14:31 - 2015-01-15 14:31 - 00000000 ____D () C:\Program Files\WinRAR 2015-01-15 14:31 - 2015-01-15 11:47 - 00000045 _____ () C:\Users\juFo\Desktop\ITTT.txt 2015-01-15 14:31 - 2015-01-14 17:10 - 00000018 _____ () C:\Users\juFo\Desktop\Нов текстов документ.txt 2015-01-15 14:31 - 2015-01-12 15:22 - 00000000 ____D () C:\Users\juFo\Desktop\baneri 2015-01-15 14:31 - 2015-01-11 14:05 - 00000000 ____D () C:\Users\juFo\Desktop\INTECS 2015-01-15 14:31 - 2014-12-30 13:02 - 00000000 ____D () C:\Users\juFo\Desktop\Primux Kappa 2015-01-15 14:31 - 2014-12-29 11:18 - 00000030 _____ () C:\Users\juFo\Desktop\Нов текстов документ (4).txt 2015-01-15 14:31 - 2014-12-12 23:33 - 00000000 ____D () C:\Users\juFo\Desktop\zaek 2015-01-15 14:31 - 2014-09-06 20:05 - 00000346 _____ () C:\Users\juFo\Desktop\Нов текстов документ (2).txt 2015-01-15 14:14 - 2015-01-15 20:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-15 14:13 - 2014-07-02 19:39 - 00609240 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe 2015-01-15 14:12 - 2014-07-02 21:42 - 04389848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-01-15 14:12 - 2014-07-02 21:42 - 03063256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll 2015-01-15 14:12 - 2014-07-02 21:42 - 00670552 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-01-15 14:12 - 2014-07-02 21:42 - 00377288 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-01-15 14:12 - 2014-07-02 21:42 - 00062936 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-01-15 14:12 - 2014-07-02 07:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin 2015-01-15 14:11 - 2014-07-02 22:54 - 00061728 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-01-15 14:09 - 2014-08-11 22:19 - 00895264 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll 2015-01-15 14:09 - 2014-08-11 22:19 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys 2015-01-15 14:09 - 2014-08-11 22:19 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 24198088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 16122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 15296456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 14498552 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 11283344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 11222048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 10681176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-01-15 14:09 - 2014-07-02 22:54 - 03988952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 02814656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 00907096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 00869152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll 2015-01-15 14:09 - 2014-07-02 22:54 - 00021215 _____ () C:\Windows\system32\nvinfo.pb 2015-01-15 14:03 - 2015-01-15 14:03 - 00000000 ____D () C:\Users\juFo\AppData\Local\NVIDIA Corporation 2015-01-15 14:03 - 2015-01-15 14:03 - 00000000 ____D () C:\Users\juFo\AppData\Local\NVIDIA 2015-01-15 14:02 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2015-01-15 14:02 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2015-01-15 14:02 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2015-01-15 13:59 - 2014-12-13 02:11 - 02210040 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll 2015-01-15 13:59 - 2014-12-13 02:11 - 01291464 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll 2015-01-15 13:58 - 2015-01-15 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-01-15 13:52 - 2015-01-15 13:52 - 00000000 ____D () C:\Program Files\Microsoft.NET 2015-01-15 13:50 - 2015-01-15 20:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-15 13:50 - 2015-01-15 14:14 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-01-15 13:50 - 2015-01-15 13:50 - 00000000 ____D () C:\ProgramData\boost_interprocess 2015-01-15 13:50 - 2014-11-22 12:46 - 00032912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys 2015-01-15 13:50 - 2014-11-22 12:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll 2015-01-15 13:44 - 2015-01-15 13:44 - 00000355 _____ () C:\Users\juFo\Desktop\My Computer.lnk 2015-01-15 13:41 - 2015-01-15 21:46 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\uTorrent 2015-01-15 13:41 - 2015-01-15 13:41 - 00000849 _____ () C:\Users\juFo\Desktop\µTorrent.lnk 2015-01-15 13:41 - 2015-01-15 13:41 - 00000000 ____D () C:\ProgramData\APN 2015-01-15 13:40 - 2015-01-15 13:40 - 01678928 _____ (BitTorrent Inc.) C:\Users\juFo\Downloads\uTorrent.exe 2015-01-15 13:38 - 2015-01-15 13:38 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Mozilla 2015-01-15 13:38 - 2015-01-15 13:38 - 00000000 ____D () C:\Users\juFo\AppData\Local\Mozilla 2015-01-15 13:37 - 2015-01-15 13:37 - 00058016 _____ () C:\Users\juFo\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-15 13:37 - 2015-01-15 13:37 - 00001113 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-15 13:37 - 2015-01-15 13:37 - 00001101 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-15 13:37 - 2015-01-15 13:37 - 00000000 ____D () C:\ProgramData\Mozilla 2015-01-15 13:37 - 2015-01-15 13:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-01-15 13:37 - 2015-01-15 13:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-01-15 13:34 - 2015-01-15 14:16 - 00000000 ____D () C:\Users\juFo\AppData\Local\VirtualStore 2015-01-15 13:34 - 2015-01-15 13:34 - 00001409 _____ () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-01-15 13:34 - 2015-01-15 13:34 - 00000020 ___SH () C:\Users\juFo\ntuser.ini 2015-01-15 13:34 - 2015-01-15 13:34 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Adobe 2015-01-15 13:34 - 2015-01-15 13:34 - 00000000 ____D () C:\Users\juFo 2015-01-15 13:34 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-15 13:34 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-15 13:33 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-01-15 13:33 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-01-15 13:33 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-01-15 13:33 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-01-15 13:33 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-01-15 13:33 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-01-15 13:33 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-01-15 13:33 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-01-15 13:33 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-01-15 13:33 - 2014-02-03 13:20 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-15 13:32 - 2015-01-15 13:32 - 00000000 __SHD () C:\Recovery 2015-01-15 13:32 - 2014-03-02 14:03 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-15 13:28 - 2015-01-15 20:16 - 00312469 _____ () C:\Windows\WindowsUpdate.log 2015-01-15 13:28 - 2015-01-15 13:28 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-01-15 13:28 - 2015-01-15 13:28 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-01-15 13:25 - 2015-01-15 13:28 - 00001355 _____ () C:\Windows\TSSysprep.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-15 23:22 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2015-01-15 23:22 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2015-01-15 21:45 - 2009-07-14 06:34 - 00016864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-15 21:45 - 2009-07-14 06:34 - 00016864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-15 20:17 - 2010-11-20 23:01 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-15 20:13 - 2009-07-14 06:39 - 00024232 _____ () C:\Windows\setupact.log 2015-01-15 20:12 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-15 16:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2015-01-15 14:57 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-01-15 14:16 - 2010-11-20 23:48 - 00006086 _____ () C:\Windows\PFRO.log 2015-01-15 14:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help 2015-01-15 13:32 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore 2015-01-15 13:32 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries 2015-01-15 13:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\Recovery 2015-01-15 13:28 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-01-15 13:28 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-15 13:25 - 2010-11-21 02:46 - 00000000 ____D () C:\Windows\CSC 2015-01-15 13:25 - 2009-07-14 06:34 - 00002790 _____ () C:\Windows\DtcInstall.log 2015-01-15 13:25 - 2009-07-14 06:33 - 00268128 _____ () C:\Windows\system32\FNTCACHE.DAT Some content of TEMP: ==================== C:\Users\juFo\AppData\Local\Temp\utt5BB1.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-15 15:58 ==================== End Of Log ============================ Addition.txt
  9. Здравейте. Днес си сърфирах нормално в Интернет, когато изведнъж стрелката започна да се движи сама, а аз нямах контрол над нея. Отвори ми браузър Опера, Интернет Експрорер и други. Това продължи за кратко, може би 15 секунди. След това всичко и беше нормално, сякаш нищо не се беше случило. Само че Старт менюто ми го нямаше- като натиснех на Старт бутона и ми излизаше големия прозорец на Windows 8- тези, които са с нея, знаят за какво говоря. Най-вероятно е вирус и реших да сканирам компютъра с ЕСЕТ. Нищо не откри. Сканирах го и с MCAFEE, пак нищо. По-късно го сканирах и с Microsoft Safety Scanner, като му дадох Пълно сканиране- нищо. Накрая и с Malicious Software Removal Tool, но пак нищо. Дали все пак имам вирус?
  10. Непрекъснато получавам и изпращам пакети докато всички възможни програми които използват интернет са изключени. Също така regedit Task Manager и т.н са ми забранени. Ето и двата файла които ви трябват ! FRST.txt Addition.txt
  11. Здравеите от известно време лаптопа почна да зарежда бавно папките се отварят много бавно антивирусната нищо неоткрива.Ако може да погледнете дали има нещо или е друг проблема.Благодаря предварително.
  12. Здравейте , от известно време лаптопа ми започна да работи по-бавно.Извърших някои почиствания които са споменати в темата за забавяне на компютъра , но не помогнаха.Дайте съвет какво да направя. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by pc1 (administrator) on PC1123333 on 15-03-2015 22:52:49 Running from C:\Users\pc1\Downloads Loaded Profiles: pc1 (Available profiles: pc1) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Български (България) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-10-14] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd) HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381584a-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381585b-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {40e522f1-30c1-11e2-a9c3-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8ca-10a0-11e2-be1c-e0ca94e19ff0} - G:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8dd-10a0-11e2-be1c-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81318-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81336-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81364-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {b017f233-e98d-11e2-b241-e0ca94e19ff0} - H:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e7868358-918e-11e2-ab1d-e0ca94e19ff0} - I:\AutoRun.exe HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e786836c-918e-11e2-ab1d-e0ca94e19ff0} - H:\AutoRun.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: CGMFragment Class -> {0695F52A-89A2-4246-81B5-AFAD2D3B865F} -> C:\Program Files (x86)\Ematek\MetaWeb\MetaBHO.dll [2007-01-20] () BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWOW64\cgmopenbho.dll [2005-06-09] (CGM Open Consortium, Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-27] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-27] (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{68329BAA-58A1-41E8-82B3-0CD8FF13112A}: [NameServer] 212.39.90.42 212.39.90.43 Tcpip\..\Interfaces\{C105DB8B-578E-4900-8490-E7400F1B18D5}: [NameServer] 212.39.90.42 212.39.90.43 Tcpip\..\Interfaces\{FDA2D1B6-5B09-419F-A793-DE955FE1B9AE}: [NameServer] FireFox: ======== FF ProfilePath: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default FF DefaultSearchEngine,S: FF SearchEngineOrder.1: FF SearchEngineOrder.1,S: FF SelectedSearchEngine: FF SelectedSearchEngine,S: FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-27] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPGTSPlugin.dll [2011-09-11] ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml [2015-01-11] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml [2015-01-11] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml [2015-01-11] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml [2015-01-11] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-02-23] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.bg/ CHR StartupUrls: Default -> "hxxp://www.google.bg/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll () CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2013-05-11] (Autodata Limited) [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) S2 VIVACOM 3G USB Modem. RunOuc; C:\Program Files (x86)\VIVACOM 3G USB Modem\UpdateDog\ouc.exe [655712 2013-03-21] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-05] (Atheros Communications, Inc.) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-16] (DT Soft Ltd) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-09-18] () S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2013-03-21] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-28] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) S3 Tosrfcom; No ImagePath R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [285696 2007-06-17] (Jungo) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-15 22:52 - 2015-03-15 22:53 - 00016760 _____ () C:\Users\pc1\Downloads\FRST.txt 2015-03-15 22:52 - 2015-03-15 22:52 - 02095616 _____ (Farbar) C:\Users\pc1\Downloads\FRST64.exe 2015-03-15 22:30 - 2015-03-15 22:31 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1 2015-03-15 22:30 - 2015-03-15 22:30 - 00004108 _____ () C:\Windows\System32\Tasks\MyDefrag v4.3.1 Monthly 2015-03-15 22:30 - 2015-03-15 22:30 - 00003428 _____ () C:\Windows\System32\Tasks\MyDefrag v4.3.1 Daily 2015-03-15 22:30 - 2015-03-15 22:30 - 00000863 _____ () C:\Users\Public\Desktop\MyDefrag.lnk 2015-03-15 22:30 - 2015-03-15 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1 2015-03-15 22:30 - 2010-05-21 12:11 - 01147392 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe 2015-03-15 22:30 - 2010-05-21 12:11 - 00485376 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr 2015-03-15 22:28 - 2015-03-15 22:28 - 02082630 _____ (J.C. Kessels ) C:\Users\pc1\Downloads\MyDefrag-v4.3.1.exe 2015-03-15 22:17 - 2015-03-15 22:17 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanUp! 2015-03-15 22:17 - 2015-03-15 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanUp! 2015-03-15 22:17 - 2015-03-15 22:17 - 00000000 ____D () C:\Program Files (x86)\CleanUp! 2015-03-15 22:16 - 2015-03-15 22:17 - 00339257 _____ () C:\Users\pc1\Downloads\CleanUp452.exe 2015-03-14 17:01 - 2015-03-14 17:06 - 364946328 ____R () C:\Users\pc1\Desktop\Vikings.S03E03.HDTV.XviD-FUM.avi 2015-03-14 17:01 - 2015-03-14 17:01 - 00065501 _____ () C:\Users\pc1\Downloads\Vikings.s03e03.(subs.sab.bz).rar 2015-03-14 17:00 - 2015-03-14 17:01 - 00000000 ____D () C:\Users\pc1\Desktop\Vikings.S03E04.HDTVRip.XviD-REFLUXTV 2015-03-14 17:00 - 2015-03-14 17:00 - 00051973 _____ () C:\Users\pc1\Downloads\Vikings.s03e04.(subs.sab.bz).rar 2015-03-14 16:58 - 2015-03-14 16:59 - 00000000 ____D () C:\Users\pc1\Desktop\viking 2015-03-14 14:53 - 2015-03-14 14:54 - 00000000 ____D () C:\Users\pc1\Desktop\rod durvo 2015-03-10 21:21 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-10 21:21 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-10 21:21 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-10 21:21 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-10 21:21 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-10 21:21 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-10 21:21 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-10 21:21 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-10 21:21 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-10 21:21 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-10 21:21 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-10 21:21 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-10 21:21 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-10 21:21 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-10 21:21 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-10 21:21 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-10 21:21 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-10 21:21 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-10 21:21 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-10 21:21 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-10 21:21 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-10 21:21 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-10 21:21 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-10 21:21 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-10 21:21 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-10 21:21 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-10 21:21 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-10 21:21 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-10 21:21 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-10 21:21 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-10 21:21 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-10 21:21 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-10 21:21 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-10 21:21 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-10 21:21 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-10 21:21 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-10 21:21 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-10 21:21 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-10 21:21 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-10 21:21 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-10 21:21 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-10 21:21 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-10 21:21 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-10 21:21 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-10 21:21 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-10 21:21 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-10 21:21 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-10 21:21 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-10 21:21 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-10 21:21 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-10 21:21 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-10 21:21 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-10 21:21 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-10 21:21 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-10 21:21 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-10 21:21 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-10 21:21 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-10 21:21 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-10 21:21 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-10 21:21 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-10 21:21 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-10 21:21 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-10 21:21 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-10 21:21 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-10 21:21 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-10 21:21 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-10 21:20 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-10 21:20 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-10 21:20 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-10 21:20 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-10 21:20 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-10 21:20 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-10 21:20 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-10 21:20 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-10 21:20 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-10 21:20 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-10 21:20 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-10 21:20 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-10 21:20 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-10 21:20 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-10 21:20 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-10 21:20 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-10 21:20 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-10 21:20 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-10 21:20 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-10 21:20 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-10 21:20 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-10 21:20 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-10 21:20 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-10 21:20 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-10 21:20 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-10 21:20 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-10 21:18 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-10 21:18 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-10 21:18 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-10 21:18 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-10 21:18 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-10 21:18 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-10 21:18 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-10 21:18 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-10 21:18 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-10 21:18 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-10 21:18 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-10 21:18 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-10 21:18 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-10 21:18 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-10 21:18 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-10 21:18 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-10 21:18 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-10 21:18 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-10 21:18 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-10 21:18 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-10 21:17 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-10 21:17 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-10 21:17 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-10 21:17 - 2015-01-31 05:48 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-10 21:17 - 2015-01-31 05:05 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-10 21:17 - 2015-01-31 05:04 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-03-10 21:17 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-10 21:17 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-10 21:13 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-10 21:13 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-08 16:17 - 2015-03-08 16:17 - 00000000 ____D () C:\Users\pc1\Desktop\Canon 2015-03-08 15:02 - 2015-03-08 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP540 series User Registration 2015-03-08 14:59 - 2015-03-08 14:59 - 00000000 ____D () C:\Program Files\Common Files\CANON 2015-03-08 14:59 - 2015-03-08 14:59 - 00000000 ____D () C:\Program Files\Canon 2015-03-08 14:57 - 2015-03-08 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-03-08 14:55 - 2015-03-08 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP540 series Manual 2015-03-08 14:54 - 2015-03-08 14:54 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2015-03-08 14:54 - 2015-03-08 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP540 series 2015-03-08 14:53 - 2008-05-26 22:00 - 00279040 _____ (CANON INC.) C:\Windows\system32\CNMLM9E.DLL 2015-03-08 14:52 - 2015-03-08 14:52 - 00000000 ___HD () C:\Program Files\CanonBJ 2015-03-08 14:52 - 2008-05-30 02:28 - 00293376 _____ (CANON INC.) C:\Windows\system32\CNC540L.DLL 2015-03-08 14:52 - 2008-04-07 07:59 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNC540C.DLL 2015-03-08 14:52 - 2008-04-07 07:59 - 00092672 _____ (CANON INC.) C:\Windows\system32\CNC540I.DLL 2015-03-08 14:52 - 2007-03-15 07:13 - 00229888 _____ (Canon Inc.) C:\Windows\system32\CNC540O.DLL 2015-03-08 14:51 - 2015-03-08 15:02 - 00000000 ____D () C:\Program Files (x86)\Canon 2015-03-08 14:34 - 2015-03-08 14:34 - 00000000 ___HD () C:\ProgramData\CanonBJ 2015-03-07 19:56 - 2015-03-07 19:56 - 00000742 _____ () C:\Windows\KB893803v2.log 2015-03-05 21:30 - 2015-03-05 21:35 - 00000000 ____D () C:\Users\pc1\Desktop\tel 2015-03-04 22:07 - 2015-03-04 22:07 - 01303972 _____ () C:\Users\pc1\Downloads\alreader2.win32.en__0.zip 2015-03-04 20:57 - 2015-03-04 21:01 - 00000000 ____D () C:\Users\pc1\Desktop\chitanka-info-archive-sfb 2015-03-03 23:26 - 2015-03-03 23:26 - 00000000 ____D () C:\Users\pc1\Desktop\Vreme razdelno - The Threat (Zaplahata){1988} DVDRip.XviD.AC3 - C_B 2015-03-03 19:29 - 2015-03-03 19:29 - 00772207 _____ () C:\Users\pc1\Downloads\Dzhordzh_R._R._Martin_-_Igra_na_tronove_-1349-b.txt.zip 2015-02-27 21:01 - 2015-02-27 21:12 - 1315495124 ____R () C:\Users\pc1\Desktop\VANish.2015.BRRip.avi 2015-02-25 20:56 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-25 20:56 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-25 20:56 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-25 20:56 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-24 23:19 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-24 23:19 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-23 20:23 - 2015-02-23 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-14 12:25 - 2015-02-14 12:25 - 14942044 _____ () C:\Users\pc1\Downloads\2.wmv ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-15 22:52 - 2014-09-15 21:04 - 00000000 ____D () C:\FRST 2015-03-15 22:52 - 2012-09-28 22:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-15 22:36 - 2012-09-25 21:48 - 01622086 _____ () C:\Windows\WindowsUpdate.log 2015-03-15 22:29 - 2012-09-26 19:19 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\uTorrent 2015-03-15 22:21 - 2012-10-06 18:59 - 00000998 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-15 14:44 - 2009-07-14 07:13 - 00006222 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-15 14:21 - 2012-10-06 18:59 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-15 14:00 - 2009-07-14 06:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-15 14:00 - 2009-07-14 06:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-15 13:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-15 13:42 - 2009-07-14 06:51 - 00182521 _____ () C:\Windows\setupact.log 2015-03-15 13:41 - 2013-03-11 21:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-15 01:35 - 2013-01-12 17:27 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\vlc 2015-03-15 01:01 - 2015-01-17 01:28 - 00000069 _____ () C:\Windows\NeroDigital.ini 2015-03-13 20:21 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-12 22:09 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-03-11 22:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-03-11 19:58 - 2009-07-14 06:45 - 00410312 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-11 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-11 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2015-03-11 19:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-11 19:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\bg-BG 2015-03-11 00:23 - 2013-04-06 20:30 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 00:23 - 2009-07-14 04:34 - 00000653 _____ () C:\Windows\win.ini 2015-03-10 23:55 - 2013-08-13 22:40 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-10 23:42 - 2012-09-26 20:34 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-08 21:54 - 2015-02-08 14:25 - 00000000 ____D () C:\Users\pc1\Desktop\obuchenie 2015-03-08 15:01 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media 2015-03-07 19:56 - 2013-02-16 16:36 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\DAEMON Tools Lite 2015-03-04 21:26 - 2014-03-10 21:55 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-03-03 15:17 - 2010-11-21 05:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-03 13:28 - 2009-07-14 07:08 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-28 18:11 - 2013-05-11 08:31 - 00000000 ____D () C:\ADCDA2 2015-02-26 21:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2015-02-23 22:49 - 2014-02-15 20:03 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\Skype 2015-02-23 21:49 - 2014-02-15 20:03 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-02-23 21:49 - 2014-02-15 20:03 - 00000000 ____D () C:\ProgramData\Skype ==================== Files in the root of some directories ======= 2014-09-08 21:41 - 2014-09-08 21:41 - 0000094 _____ () C:\Users\pc1\AppData\Roaming\settings.xml Some content of TEMP: ==================== C:\Users\pc1\AppData\Local\Temp\MSETUP4.EXE C:\Users\pc1\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-15 19:03 ==================== End Of Log ============================ Addition Addition.txt
  13. Здравейте! Пиша ви от телефона, защото на компютъра почти е невъзможно да се направи нещо.. в task-manager ми показва че диска е 100% и компа здраво бави. Това се получава чак когато системата зареди. самото включване е доста бързо, а след като се логна и започват да зареждат процесите компа става бавен. Съмненията ми са че е някакъв вирус, не знам но е много бавен Addition.txt FRST.txt
  14. Усеща се леко забавяне в работата на машината най-вече при google chrome Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014 01 Ran by Venci (administrator) on VENCI-PC on 20-10-2014 23:10:13 Running from C:\Users\Venci\Desktop Loaded Profile: Venci (Available profiles: Venci) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Английски (Съединени щати) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Trace Software International) C:\Program Files\SolidWorks Corp\SolidWorks Electrical\server\EwServer.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe () C:\Program Files\Genymobile\Genymotion\genymotion.exe () C:\Program Files\Genymobile\Genymotion\player.exe (Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe () C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe () C:\Program Files\Oracle\VirtualBox\VBoxNetDHCP.exe () C:\Program Files\Genymobile\Genymotion\tools\adb.exe () C:\Program Files\Genymobile\Genymotion\tools\adb.exe () C:\Program Files\Genymobile\Genymotion\tools\adb.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET) HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.) HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\Policies\Explorer: [] HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\MountPoints2: {1ce2e127-df60-11e3-86f4-90e6ba33f1df} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\MountPoints2: {36111fdf-c009-11e3-aea5-90e6ba33f1df} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\MountPoints2: {779e7243-32a3-11e4-8f16-90e6ba33f1df} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\MountPoints2: {91bf97d0-327b-11e4-bc29-90e6ba33f1df} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\MountPoints2: {c014bcf6-32b4-11e4-bc1b-90e6ba33f1df} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3328014198-438540201-1253216375-1001\...\MountPoints2: {c07cfd7b-bfbc-11e3-94e8-90e6ba33f1df} - H:\HTC_Sync_Manager_PC.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x55B66FC92BEBCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-08] Chrome: ======= CHR Profile: C:\Users\Venci\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Диск) - C:\Users\Venci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2002-01-01] CHR Extension: (YouTube) - C:\Users\Venci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2002-01-01] CHR Extension: (Adblock Plus) - C:\Users\Venci\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-20] CHR Extension: (Google Търсене) - C:\Users\Venci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2002-01-01] CHR Extension: (Google Wallet) - C:\Users\Venci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-08] CHR Extension: (Gmail) - C:\Users\Venci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2002-01-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET) R2 ewserver; C:\Program Files\SolidWorks Corp\SolidWorks Electrical\server\EwServer.exe [193024 2014-03-31] (Trace Software International) [File not signed] R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [235656 2014-03-31] (Mentor Graphics Corporation) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-10-16] (SolidWorks) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-04-09] (DT Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X] S3 OSFMount; \??\C:\Users\Venci\Desktop\bin\OSFMount.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-20 23:10 - 2014-10-20 23:10 - 00010761 _____ () C:\Users\Venci\Desktop\FRST.txt 2014-10-20 23:09 - 2014-10-20 23:10 - 00000000 ____D () C:\FRST 2014-10-20 23:07 - 2014-10-20 23:07 - 02110976 _____ (Farbar) C:\Users\Venci\Desktop\FRST64.exe 2014-10-20 22:55 - 2014-10-20 23:00 - 00000996 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-20 22:55 - 2014-10-20 23:00 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-20 22:55 - 2014-10-20 22:55 - 00003992 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-20 22:55 - 2014-10-20 22:55 - 00003740 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-20 22:55 - 2014-10-20 22:55 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-20 22:55 - 2014-10-20 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-20 22:35 - 2014-10-20 22:35 - 00000552 _____ () C:\Windows\PFRO.log 2014-10-20 22:34 - 2014-10-20 22:35 - 00000056 _____ () C:\Windows\setupact.log 2014-10-20 22:34 - 2014-10-20 22:34 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-20 22:30 - 2014-10-20 22:31 - 00000000 ___SD () C:\ComboFix 2014-10-20 22:30 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-10-20 22:30 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-10-20 22:30 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-10-20 22:30 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-10-20 22:30 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-10-20 22:30 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe 2014-10-20 22:30 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe 2014-10-20 22:30 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe 2014-10-20 22:29 - 2014-10-20 22:30 - 00000000 ____D () C:\Qoobox 2014-10-20 22:29 - 2014-10-20 22:29 - 00000000 ____D () C:\Windows\erdnt 2014-10-20 22:26 - 2014-10-20 22:26 - 00000000 ____D () C:\Windows\ERUNT 2014-10-20 22:18 - 2014-10-20 22:20 - 00000000 ____D () C:\AdwCleaner 2014-10-20 22:04 - 2014-10-20 22:54 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\Opera 2014-10-20 22:04 - 2014-10-20 22:54 - 00000000 ____D () C:\Users\Venci\AppData\Local\Opera 2014-10-20 22:04 - 2014-10-20 22:54 - 00000000 ____D () C:\Program Files\Opera x64 2014-10-20 22:02 - 2014-10-20 22:03 - 14491632 _____ (Opera Software ASA) C:\Users\Venci\Downloads\Opera_1217_int_Setup_x64.exe 2014-10-20 21:50 - 2014-10-20 21:50 - 00000000 ____D () C:\Users\Venci\AppData\Local\Mozilla 2014-10-20 21:50 - 2014-10-20 21:50 - 00000000 ____D () C:\Users\Venci\AppData\Local\Macromedia 2014-10-20 12:08 - 2014-10-20 12:08 - 00000000 ____D () C:\Users\Venci\Desktop\Нова папка 2014-10-17 18:43 - 2014-10-17 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion 2014-10-17 14:08 - 2014-10-17 14:26 - 00000400 __RSH () C:\ProgramData\ntuser.pol 2014-10-17 04:08 - 2014-10-17 04:08 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-10-17 04:08 - 2014-10-17 04:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 2014-10-16 20:33 - 2014-10-16 20:54 - 00000000 ____D () C:\Windows\AutoKMS 2014-10-16 20:33 - 2014-10-16 20:33 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS 2014-10-16 20:27 - 2014-09-29 03:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 20:27 - 2014-09-20 03:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-16 20:27 - 2014-09-20 02:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-16 20:27 - 2014-09-20 02:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-16 20:27 - 2014-09-20 02:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 20:27 - 2014-09-20 02:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 20:27 - 2014-09-20 02:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-16 20:27 - 2014-09-20 02:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-10-16 20:27 - 2014-09-20 02:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-16 20:27 - 2014-09-20 02:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-16 20:27 - 2014-09-20 02:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-10-16 20:27 - 2014-09-20 02:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 20:27 - 2014-09-20 02:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-16 20:27 - 2014-09-20 02:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-16 20:27 - 2014-09-20 02:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-16 20:27 - 2014-09-20 02:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-16 20:27 - 2014-09-20 02:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 20:27 - 2014-09-20 02:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 20:27 - 2014-09-20 02:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-10-16 20:27 - 2014-09-20 02:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-10-16 20:27 - 2014-09-20 02:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-16 20:27 - 2014-09-20 02:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-10-16 20:27 - 2014-09-20 01:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-16 20:27 - 2014-09-20 01:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-16 20:27 - 2014-09-20 01:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-16 20:27 - 2014-09-20 01:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-16 20:27 - 2014-09-20 01:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 20:27 - 2014-09-20 01:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-16 20:27 - 2014-09-20 01:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-10-16 20:27 - 2014-09-20 01:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 20:27 - 2014-09-20 01:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 20:27 - 2014-09-20 01:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 20:27 - 2014-09-20 01:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-10-16 20:27 - 2014-09-20 01:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-16 20:27 - 2014-09-20 01:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-16 20:27 - 2014-09-20 01:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-10-16 20:27 - 2014-09-20 01:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-16 20:27 - 2014-09-20 01:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-16 20:27 - 2014-09-20 01:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-16 20:27 - 2014-09-20 01:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-16 20:27 - 2014-09-20 01:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-10-16 20:27 - 2014-09-20 01:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-10-16 20:27 - 2014-09-20 01:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 20:27 - 2014-08-19 06:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-10-16 20:27 - 2014-08-19 06:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-10-16 20:27 - 2014-07-07 05:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-16 20:27 - 2014-07-07 05:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-16 20:27 - 2014-07-07 05:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-16 20:27 - 2014-07-07 05:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-16 20:27 - 2014-07-07 05:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-16 20:27 - 2014-07-07 05:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-16 20:27 - 2014-07-07 05:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-10-16 20:27 - 2014-07-07 05:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-16 20:27 - 2014-07-07 05:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-10-16 20:27 - 2014-07-07 04:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-16 20:27 - 2014-07-07 04:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-10-16 20:27 - 2014-07-07 04:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-10-16 20:27 - 2014-07-07 04:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2014-10-16 20:27 - 2014-07-07 04:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2014-10-16 20:27 - 2014-07-07 04:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-16 20:27 - 2014-07-07 04:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-10-16 20:27 - 2014-07-07 04:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-16 20:27 - 2014-06-28 03:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-16 20:27 - 2014-06-28 03:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-16 20:27 - 2014-06-19 01:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 20:27 - 2014-06-19 01:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-16 20:27 - 2014-06-19 01:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-16 20:27 - 2014-06-19 01:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 20:27 - 2014-06-19 01:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-16 20:27 - 2014-06-19 01:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 20:26 - 2014-08-19 06:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-10-16 20:26 - 2014-08-19 06:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-16 20:26 - 2014-08-19 06:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-10-16 20:26 - 2014-08-19 06:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-10-16 20:26 - 2014-08-19 06:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-16 20:26 - 2014-08-19 06:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-16 20:26 - 2014-08-19 06:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-16 20:26 - 2014-08-19 06:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-16 20:26 - 2014-08-19 05:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2014-10-16 20:26 - 2014-08-19 05:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-10-16 20:26 - 2014-08-19 05:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-16 20:26 - 2014-07-07 05:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-16 20:26 - 2014-07-07 05:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-16 20:26 - 2014-07-07 05:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-16 20:26 - 2014-07-07 05:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-16 20:26 - 2014-07-07 05:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-16 20:26 - 2014-07-07 05:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-16 20:26 - 2014-07-07 05:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-16 20:26 - 2014-07-07 05:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-10-16 20:26 - 2014-07-07 05:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2014-10-16 20:26 - 2014-07-07 04:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2014-10-16 20:26 - 2014-07-07 04:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2014-10-16 20:26 - 2014-07-07 04:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-10-16 20:26 - 2014-07-07 04:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-16 20:26 - 2014-07-07 04:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-16 20:26 - 2014-07-07 04:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-10-16 20:26 - 2014-07-07 04:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-10-16 20:26 - 2014-07-07 04:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-10-16 20:26 - 2014-06-28 03:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-16 20:25 - 2014-09-18 05:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 20:25 - 2014-09-18 04:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-16 20:25 - 2014-09-04 08:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 20:25 - 2014-09-04 08:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 20:25 - 2014-08-29 05:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-16 20:25 - 2014-07-17 05:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 20:25 - 2014-07-17 05:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-16 20:25 - 2014-07-17 05:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 20:25 - 2014-07-17 05:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 20:25 - 2014-07-17 05:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 20:25 - 2014-07-17 04:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 20:25 - 2014-07-17 04:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 20:25 - 2014-07-17 04:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 20:25 - 2014-07-17 04:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 20:25 - 2014-07-17 04:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-16 20:25 - 2011-01-16 03:01 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 20:24 - 2014-09-13 04:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 20:24 - 2014-09-13 04:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 20:24 - 2014-09-05 05:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 20:24 - 2014-09-05 04:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 20:16 - 2014-10-16 20:16 - 00000000 ____D () C:\Users\Venci\AppData\Local\TempSWBackupDirectory 2014-10-16 20:15 - 2014-10-16 20:15 - 00000000 ____D () C:\Users\Venci\AppData\Local\SolidWorks 2014-10-16 19:55 - 2014-10-16 19:55 - 00000000 ____D () C:\ProgramData\Simpoe 2014-10-16 19:53 - 2014-10-16 19:53 - 00000000 ____D () C:\ProgramData\SolidWorks Flow Simulation 2014-10-16 19:53 - 2014-10-16 19:53 - 00000000 ____D () C:\ProgramData\COSMOS Applications 2014-10-16 19:52 - 2014-10-16 19:52 - 00000000 ____D () C:\Users\Venci\Documents\SolidWorksComposer 2014-10-16 19:51 - 2014-10-16 19:51 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2014-10-16 19:51 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\system32\pdfcmnnt.dll 2014-10-16 19:51 - 1998-07-06 01:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL 2014-10-16 19:51 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX 2014-10-16 19:48 - 2014-10-16 19:48 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\help_images_otherUI 2014-10-16 19:48 - 2014-10-16 19:48 - 00000000 ____D () C:\Program Files (x86)\SolidWorks Corp 2014-10-16 19:48 - 2014-10-16 19:48 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI 2014-10-16 19:46 - 2014-10-16 19:46 - 00000000 ____D () C:\Users\Venci\Documents\SolidWorks Visual Studio Tools for Applications 2014-10-16 19:46 - 2014-10-16 19:46 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\DassaultSystemes 2014-10-16 19:46 - 2014-10-16 19:46 - 00000000 ____D () C:\Users\Venci\AppData\Local\DassaultSystemes 2014-10-16 19:46 - 2014-10-16 19:46 - 00000000 ____D () C:\ProgramData\DassaultSystemes 2014-10-16 19:36 - 2014-10-16 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2014 2014-10-16 19:32 - 2014-10-16 19:55 - 00000000 ____D () C:\Program Files\SolidWorks Corp 2014-10-16 19:32 - 2014-10-16 19:49 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared 2014-10-16 19:32 - 2014-10-16 19:32 - 00000000 ____D () C:\ProgramData\SolidWorks 2014-10-16 19:32 - 2014-10-16 19:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-10-16 19:30 - 2014-10-16 19:43 - 00000000 ____D () C:\SolidWorks Data (2) 2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8 2014-10-16 19:23 - 2012-02-11 08:46 - 00180312 _____ (Microsoft Corporation) C:\Windows\system32\hadrres.dll 2014-10-16 19:23 - 2012-02-11 08:46 - 00082520 _____ (Microsoft Corporation) C:\Windows\system32\fssres.dll 2014-10-16 19:14 - 2014-10-16 19:14 - 00000000 ____D () C:\Users\Venci\Documents\Visual Studio 2005 2014-10-16 19:14 - 2014-10-16 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005 2014-10-16 19:13 - 2014-10-16 19:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8 2014-10-16 19:12 - 2014-10-16 19:51 - 00000000 ____D () C:\ProgramData\SolidWorks Electrical 2014-10-16 19:12 - 2014-10-16 19:12 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-10-16 19:11 - 2014-10-16 19:11 - 00000000 ____D () C:\SolidWorks Data 2014-10-16 19:10 - 2014-10-16 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks Installation Manager 2014-10-16 19:06 - 2014-10-16 20:15 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\SolidWorks 2014-10-16 19:06 - 2014-10-16 19:30 - 00000000 ____D () C:\Windows\SolidWorks 2014-10-12 16:02 - 2014-10-12 16:02 - 00003102 _____ () C:\Windows\System32\Tasks\{AC653DED-26D9-4D42-A580-5CE2FA2D6526} 2014-10-10 15:07 - 2014-10-10 15:08 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-10 15:07 - 2014-10-10 15:07 - 00000000 ____D () C:\ProgramData\Sun 2014-10-07 19:04 - 2014-10-08 11:30 - 00000000 ____D () C:\Users\Venci\Documents\FIFA 14 2014-10-07 19:04 - 2014-10-07 19:04 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-10-07 19:03 - 2014-10-07 19:03 - 00000000 ____D () C:\ProgramData\Origin 2014-10-07 17:04 - 2014-10-10 19:00 - 00000000 ____D () C:\Users\Venci\AppData\Local\LogMeIn Hamachi 2014-10-07 17:04 - 2014-10-07 17:04 - 00000000 ____D () C:\Users\Venci\AppData\Local\LogMeIn 2014-10-07 17:04 - 2014-10-07 17:04 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-10-07 17:01 - 2014-10-07 17:01 - 00045270 _____ () C:\Users\Venci\AppData\Roaming\room_v3.dat 2014-10-07 16:55 - 2014-10-07 17:03 - 00000000 ____D () C:\Program Files (x86)\Garena Plus 2014-10-07 15:58 - 2014-10-07 17:13 - 00000000 ____D () C:\Users\Venci\Documents\FIFA 08 2014-10-07 15:51 - 2014-10-07 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports 2014-10-01 11:42 - 2014-09-25 05:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 11:42 - 2014-09-25 04:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-25 18:53 - 2014-09-25 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-24 09:37 - 2014-09-10 01:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 09:37 - 2014-09-10 00:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-21 01:01 - 2014-09-21 01:01 - 00000000 ____D () C:\Program Files\Genymobile ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-20 22:55 - 2002-01-01 01:55 - 00000000 ____D () C:\Program Files (x86)\Google 2014-10-20 22:54 - 2002-01-01 01:44 - 00001427 _____ () C:\Users\Venci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-20 22:54 - 2002-01-01 01:44 - 00001393 _____ () C:\Users\Venci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-10-20 22:46 - 2014-08-11 17:09 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Venci-PC-Venci Venci-PC 2014-10-20 22:42 - 2014-09-03 00:08 - 00000000 ____D () C:\Users\Venci\.VirtualBox 2014-10-20 22:42 - 2014-09-01 16:03 - 00000000 ____D () C:\Users\Venci\AppData\Local\Genymobile 2014-10-20 22:40 - 2014-04-24 22:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-20 22:36 - 2014-04-08 23:44 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\Skype 2014-10-20 22:35 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-20 22:34 - 2009-07-14 07:45 - 00025936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-20 22:34 - 2009-07-14 07:45 - 00025936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-20 22:34 - 2002-01-01 11:41 - 01198871 _____ () C:\Windows\WindowsUpdate.log 2014-10-20 22:24 - 2014-04-09 00:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-10-20 22:05 - 2014-04-09 00:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-20 20:52 - 2014-04-24 22:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-10-20 20:52 - 2014-04-24 22:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-20 20:52 - 2014-04-24 22:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-10-20 20:52 - 2014-04-09 00:24 - 00000000 ____D () C:\Users\Venci\AppData\Local\Adobe 2014-10-20 20:33 - 2014-04-17 15:04 - 00000000 ____D () C:\The KMPlayer 2014-10-20 19:58 - 2014-04-09 00:11 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-10-20 19:28 - 2009-07-14 06:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-10-20 15:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache 2014-10-20 11:40 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-19 13:01 - 2014-04-09 00:09 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-19 13:00 - 2014-04-09 00:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-10-19 02:28 - 2002-01-01 01:49 - 00124432 _____ () C:\Users\Venci\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-19 01:47 - 2009-07-14 07:45 - 00460416 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-17 19:42 - 2014-04-09 00:04 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\DAEMON Tools Lite 2014-10-17 19:42 - 2014-04-08 19:02 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\uTorrent 2014-10-17 18:05 - 2014-09-19 15:56 - 00000000 ____D () C:\Program Files\Andy 2014-10-17 18:05 - 2002-01-01 01:43 - 00000000 ____D () C:\Users\Venci 2014-10-17 14:08 - 2009-07-14 06:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-10-17 14:08 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-10-17 00:56 - 2009-07-14 08:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-10-17 00:53 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-10-17 00:53 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2014-10-17 00:53 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-10-17 00:53 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\bg-BG 2014-10-16 21:48 - 2009-07-14 05:34 - 00000478 _____ () C:\Windows\win.ini 2014-10-16 21:41 - 2014-04-09 11:11 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 21:36 - 2014-04-09 11:11 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-16 20:35 - 2014-04-09 00:28 - 00000000 ____D () C:\Windows\pss 2014-10-16 19:30 - 2014-05-14 13:29 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-10-16 19:23 - 2009-07-14 08:13 - 00912614 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-16 19:13 - 2014-04-09 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-10-15 11:11 - 2009-07-14 08:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-13 13:24 - 2014-07-31 17:19 - 00000000 ____D () C:\Users\Venci\Documents\My Recorded Scripts 2014-10-12 19:48 - 2014-09-03 00:54 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\TeamViewer 2014-10-09 17:48 - 2014-04-09 00:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-10-07 19:46 - 2014-07-14 23:27 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-10-07 19:44 - 2014-04-14 18:40 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\AIMP3 2014-10-07 17:03 - 2014-04-24 22:07 - 00000000 ____D () C:\Users\Venci\AppData\Roaming\GameRanger 2014-10-07 15:55 - 2014-04-24 22:10 - 00000000 ___RD () C:\Users\Venci\Desktop\Games 2014-10-07 15:49 - 2014-04-24 22:09 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-09-25 18:53 - 2014-04-14 17:59 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-09-25 18:53 - 2014-04-08 23:44 - 00000000 ____D () C:\ProgramData\Skype 2014-09-21 18:46 - 2014-09-03 00:08 - 00000000 ____D () C:\Users\Venci\VirtualBox VMs Files to move or delete: ==================== C:\ProgramData\ezsid.dat Some content of TEMP: ==================== C:\Users\Venci\AppData\Local\Temp\Quarantine.exe C:\Users\Venci\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe [2014-10-16 20:25] - [2011-01-16 03:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll [2010-11-21 06:24] - [2011-01-16 03:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-20 15:27 ==================== End Of Log ============================ Addition.txt
  15. Здравейте имам следния проблем, при надграждане на системата до windows 10,лаптопът стана адски бавен. при стартирана зарежда адски бавно и диспечъра на задачите показва че хард дискът работи на 100 процента постоянно. незнам от какво се получава това,почистих със CCleaner и фрагментирам със MyDefrag но положението е същото. нямам представа може системата да е заразена и затова пиша тук. Прикачам указаните файлове. Addition.txt FRST.txt
  16. Така, значи проблемът е, че не мога да си вляза във фейса от компютъра, а от телефона се логвам спокойно. При опит да вляза изписва следното съобщение : You account is temporarily locked Unfortunately, your computer may be infected with a virus. Don`t worry. We will help you find and remove any infected files right away. След което му давам продължи и то ми пуска някакъв скан на микрософт есеншълс, който не открива нищо. Сканирах го и онлайн с нод 32, излязоха 4-5 потенциално опасни файла, сложи ги под карантина и пак нищо. Пробвах да си сменя паролата, смених я и от телефона пак си влизам, а от компютъра не мога. Пробвах също така да вляза от 3-те браузъра (експлорер, файър фокс и Гугъл хром) и пак не става през нито един от тях. Вече не знам какво да правя, това е адски изнервящо. Обръщам се към вас с надеждата някой да ми помогне, тъй като не ми се ще да си преинсталирам компютъра, нямам много свободно време. П.С. Извинявам се, ако има друга такава тема, просто ми посочете линк.
  17. Прикачила съм двата файл. Моля да ми кажете дали има проблем. Addition.txtFRST.txt
  18. Здравейте на екипа на HJT Тeam, лаптопа ми забива, излиза това съобщение Your computer is low on memory. A в момента ми е забила антивирусната програма. Ето файловете, ще се радвам на помоща ви. Благодаря. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014 Ran by admin (administrator) on ADMIN-PC on 24-10-2014 10:48:09 Running from C:\Users\admin\Downloads Loaded Profile: admin (Available profiles: admin) Platform: Windows 7 Home Premium (X64) OS Language: English (United States) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (BitTorrent, Inc.) D:\Program Files\uTorrent\uTorrent.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE () C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-12-01] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-902560758-1637908631-278369674-1000\...\Run: [uTorrent] => D:\Program Files\uTorrent\uTorrent.exe [963984 2012-10-28] (BitTorrent, Inc.) HKU\S-1-5-21-902560758-1637908631-278369674-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-902560758-1637908631-278369674-1000\...\Run: [Facebook Update] => C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-17] (Facebook Inc.) HKU\S-1-5-21-902560758-1637908631-278369674-1000\...\Run: [Google Update] => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-28] (Google Inc.) HKU\S-1-5-21-902560758-1637908631-278369674-1000\...\Run: [Twoo] => C:\Users\admin\AppData\Roaming\Massive Media\Twoo.exe [10476000 2013-10-03] (Massive Media) HKU\S-1-5-21-902560758-1637908631-278369674-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-902560758-1637908631-278369674-1000\...\MountPoints2: {cf46c2ef-d06a-11e2-9e32-b4749ffd895d} - F:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=053013 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com URLSearchHook: ATTENTION ==> Default URLSearchHook is missing. StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {11FC8F27-2307-41B5-8245-FF7C49BC604E} URL = http://websearch.ask.com/redirect?client=ie&tb=STT&o=102865&src=crm&q={searchTerms}&locale=&apn_ptnrs=^5M&apn_dtid=^YYYYYY^YY^GB&apn_uid=bf08d7d4-1541-4c1e-a49d-e0600659416d&apn_sauid=46E0423F-9B9C-48A2-8A42-8318498A1116 BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rdyj9r5c.default FF DefaultSearchEngine: Ask.com FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com FF Homepage: hxxp://www.search.ask.com/?l=dis&o=102865&gct=hp FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_215.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_215.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml FF Extension: Avira Browser Safety - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rdyj9r5c.default\Extensions\[email protected] [2014-09-04] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-20] Chrome: ======= CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=053013 CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=053013" CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms} CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language} CHR Plugin: (Shockwave Flash) - C:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Windows LiveВ™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Google Update) - C:\Users\admin\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24] CHR Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-06] CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-05-19] CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR HKLM-x32\...\Chrome\Extension: [aaaapkhcbchjhhhbhljkcpmldmflnccm] - C:\Users\admin\AppData\Local\APN\GoogleCRXs\aaaapkhcbchjhhhbhljkcpmldmflnccm_7.15.23.0.crx [] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233344 2012-06-28] () S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AIDA64Driver; C:\Program Files\popa666\Aida64X\kerneld.x64 [28320 2012-01-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-24 10:48 - 2014-10-24 10:48 - 00014842 _____ () C:\Users\admin\Downloads\FRST.txt 2014-10-24 10:48 - 2014-10-24 10:48 - 00000000 ____D () C:\FRST 2014-10-24 10:46 - 2014-10-24 10:47 - 02112000 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2014-10-23 15:17 - 2014-10-23 15:17 - 03249480 _____ (Unity Technologies ApS) C:\Users\admin\Downloads\UnityWebPlayer.exe 2014-10-21 10:45 - 2014-10-21 10:48 - 00000000 ____D () C:\AdwCleaner 2014-10-21 10:44 - 2014-10-21 10:44 - 01962496 _____ () C:\Users\admin\Downloads\adwcleaner_4.001.exe 2014-10-20 14:06 - 2014-10-20 14:06 - 00074656 _____ () C:\Users\admin\Downloads\FLVPlayer-Chrome (4).exe 2014-10-18 21:41 - 2014-10-18 21:41 - 00000075 _____ () C:\Users\admin\Desktop\Final_ (1).pdf.url 2014-10-17 12:33 - 2014-10-17 12:33 - 00002340 _____ () C:\Users\admin\Downloads\1349467750905.unknown 2014-10-16 15:10 - 2014-10-16 15:10 - 00001093 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-10-16 15:10 - 2014-10-16 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-10-13 20:51 - 2014-10-16 11:07 - 00000000 ____D () C:\Users\admin\AppData\Local\Windows Live 2014-10-12 23:40 - 2014-10-15 17:03 - 00000000 ____D () C:\Users\admin\Desktop\New folder 2014-10-12 22:28 - 2014-10-12 22:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2014-10-12 14:09 - 2014-10-12 14:09 - 00405792 _____ () C:\Users\admin\Downloads\FLVPlayer-Chrome (3).exe 2014-10-12 14:08 - 2014-10-12 14:08 - 00405792 _____ () C:\Users\admin\Downloads\FLVPlayer-Chrome (2).exe 2014-10-10 11:06 - 2014-10-10 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-09 21:02 - 2014-10-09 21:02 - 00000034 _____ () C:\Users\admin\Downloads\bg (2).m3u 2014-10-09 19:58 - 2014-10-09 19:58 - 00391824 _____ () C:\Users\admin\Downloads\FLVPlayer-Chrome.exe 2014-10-09 19:58 - 2014-10-09 19:58 - 00391824 _____ () C:\Users\admin\Downloads\FLVPlayer-Chrome (1).exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-24 10:34 - 2012-10-28 05:42 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype 2014-10-24 10:18 - 2012-12-28 10:24 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000UA.job 2014-10-24 10:18 - 2012-11-17 23:04 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000UA.job 2014-10-24 10:18 - 2012-10-28 08:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-24 10:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-10-23 22:17 - 2012-11-17 23:04 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000Core.job 2014-10-23 19:16 - 2012-10-28 08:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-10-23 19:16 - 2012-10-28 08:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-23 19:16 - 2012-10-28 08:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-10-23 17:53 - 2012-12-28 10:24 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000Core.job 2014-10-23 17:46 - 2012-10-30 02:11 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashDumps 2014-10-23 12:00 - 2009-07-14 05:51 - 00073536 _____ () C:\Windows\setupact.log 2014-10-23 10:04 - 2013-01-29 23:33 - 00000000 ____D () C:\Users\admin\AppData\Roaming\SoftGrid Client 2014-10-22 20:23 - 2009-07-14 06:13 - 00714754 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-21 10:59 - 2009-07-14 05:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-21 10:59 - 2009-07-14 05:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-21 10:49 - 2013-12-04 22:38 - 00000000 ____D () C:\Users\admin\AppData\Local\Pokki 2014-10-21 10:49 - 2012-10-28 04:16 - 00327680 _____ () C:\Windows\system32\Ikeext.etl 2014-10-21 10:49 - 2012-10-28 04:13 - 00373748 _____ () C:\Windows\PFRO.log 2014-10-21 10:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-21 09:22 - 2014-09-10 00:07 - 00000000 ____D () C:\Users\admin\Desktop\supra 2014-10-18 07:03 - 2012-12-28 10:25 - 00002362 _____ () C:\Users\admin\Desktop\Google Chrome.lnk 2014-10-17 22:08 - 2014-09-06 00:57 - 00005558 _____ () C:\Users\admin\Desktop\adresi geri.ods 2014-10-16 15:10 - 2014-08-05 14:40 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-16 15:10 - 2012-10-28 08:11 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-10-16 15:10 - 2010-12-30 19:57 - 01011475 _____ () C:\Windows\WindowsUpdate.log 2014-10-16 13:30 - 2012-10-27 21:43 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-10-16 13:30 - 2012-10-27 21:43 - 00000000 ____D () C:\ProgramData\Skype 2014-10-12 23:37 - 2014-08-05 16:29 - 00000000 ____D () C:\Users\admin\Desktop\snimki ot tela 2014-10-10 11:06 - 2014-03-02 15:53 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-10-09 11:18 - 2013-05-09 01:16 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-10-09 11:18 - 2013-03-28 18:26 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-10-09 11:18 - 2013-03-28 18:26 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys Some content of TEMP: ==================== C:\Users\admin\AppData\Local\Temp\avgnt.exe C:\Users\admin\AppData\Local\Temp\GURD873.exe C:\Users\admin\AppData\Local\Temp\MSN1E3C.exe C:\Users\admin\AppData\Local\Temp\Quarantine.exe C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe C:\Users\admin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-17 12:21 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014 Ran by admin at 2014-10-24 10:49:10 Running from C:\Users\admin\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) „Messenger“ pagalbinė priemonė (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.215 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.215 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Àðõèâàòîð WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) BatteryLifeExtender (HKLM-x32\...\{EA257ECF-5F72-4461-B890-959394DCD087}) (Version: 1.0.10 - Samsung) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation) Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Doplnok programu Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Dragons of Atlantis (HKCU\...\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b) (Version: 1.1.5.54813 - Pokki) Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.) Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0.0.5 - Samsung Electronics Co., Ltd.) Easy Network Manager (HKLM-x32\...\{FCF2085E-ABE5-4AA8-B07C-65BBD56DA243}) (Version: 4.4.6 - Samsung) Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.) EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung) ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.) Intel PROSet Wireless (Version: - ) Hidden Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 9.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.0 - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger kísérő (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger Pratilac (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger Suradnik (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger 사이트 공유 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger 浏览器插件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger-kumppani (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.16.00.03 - Huawei Technologies Co.,Ltd) Mozilla Firefox 32.0.2 (x86 bg) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 bg)) (Version: 32.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden Nero 8 Micro v8.0.3.0 (HKLM-x32\...\Nero8030_Micro_is1) (Version: - www.nero.com) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.) Revo Uninstaller 1.80 (HKLM-x32\...\Revo Uninstaller) (Version: 1.80 - VS Revo Group) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.8 - Samsung) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.1.0 - Samsung Electronics Co., Ltd.) Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Spremljevalec Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.1000 - SRS Labs, Inc.) Twoo 2.1.1011 (HKCU\...\{AE0A260B-E40D-4B82-B603-2D98BAD7EFDA}_is1) (Version: 2.1.1011 - Massive Media) UpdateMyDrivers (HKLM-x32\...\UpdateMyDrivers) (Version: 9.0.0.10 - SmartTweak Software) UpdateMyDrivers (x32 Version: 9.0.0.10 - SmartTweak Software) Hidden War Thunder Launcher 1.0.1.153 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation) WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 메일 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Компаньон Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Помощник на Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-902560758-1637908631-278369674-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-902560758-1637908631-278369674-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-902560758-1637908631-278369674-1000_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File CustomCLSID: HKU\S-1-5-21-902560758-1637908631-278369674-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-902560758-1637908631-278369674-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0469B813-E120-49DD-9FE8-E6AC2DA269ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23] (Adobe Systems Incorporated) Task: {1FF1617B-18AA-4264-A5F0-DE329EBCAD12} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics) Task: {22BD65CF-D1BE-4A19-B093-AEF00129E9D6} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-29] (SRS Labs, Inc.) Task: {34DF6C69-4B82-40D8-BD32-FD6935ACF298} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.) Task: {354B473A-B60C-449E-9650-3CC362B49397} - System32\Tasks\{B51770B0-3B4F-4634-B1F2-D187D69CEE70} => Chrome.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsBing Task: {36F2497F-EDEA-4E00-B9B7-C25747EA24D9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000Core => C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-17] (Facebook Inc.) Task: {37639328-A522-4BD7-94D9-FCD2118B1B14} - System32\Tasks\{CEA34408-5F8F-4DA9-82BD-D99A62C33FDC} => Chrome.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsMain Task: {433B9BEA-A6C5-4439-9A89-881A62C103FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000Core => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-28] (Google Inc.) Task: {456455C1-7E90-4C3D-8310-A60D57051740} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.) Task: {4A3FA123-436B-461C-90D2-D1615D10BE7B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000UA => C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-17] (Facebook Inc.) Task: {4BE2BF8D-AD1B-4EFE-AFFC-81E2D106CA93} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.) Task: {4CC4397A-DD57-413B-9C38-03BA2F64B19A} - System32\Tasks\{615C80CD-15B2-4F20-A7EA-D1794F5BD49D} => Chrome.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsMain Task: {50C047CE-7A10-4FF2-A2FA-DBDC10AAFFC8} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-01] (Samsung Electronics. Co. Ltd.) Task: {51C61342-95FF-4151-B00A-5305C7D81072} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC) Task: {7103B51B-1FF2-466B-B28A-B16054789775} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe Task: {8320EDCE-A0FF-48A1-B8CB-EDEDD893E2A3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000UA => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-28] (Google Inc.) Task: {9E9400CA-38BC-4B7C-9FC5-AF6D01EC6A58} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-01] (Samsung Electronics) Task: {A32965BE-07B3-4CBA-AF31-3ED6F3098258} - System32\Tasks\{D1C9C32A-84D2-4425-B129-CDCE9325656B} => c:\program files (x86)\opera\opera.exe Task: {A863B7C5-0BDF-466E-95CE-1263A1867812} - System32\Tasks\{5EC5AA53-02CB-4350-9DCC-3AF48CB2018A} => Chrome.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsMain Task: {AC10B76B-1144-419F-AC35-BD449A305780} - System32\Tasks\{07F97338-E77B-4086-B642-51E9B438B4A3} => Chrome.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsMain Task: {D7D1EDA3-6EE6-4EC9-AADE-171E4CC564FB} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe Task: {F9426226-D55F-471B-9C7A-EE7F8BBEF683} - System32\Tasks\{3B370A64-2684-4DF5-AC77-0401AAB46118} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.105/en/abandoninstall?page=tsBing Task: {FDFD6E98-FFD1-463E-B73E-13FF9FA076C1} - System32\Tasks\{9438D677-63D0-42ED-B28D-0E358CBC515A} => Chrome.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsMain Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000Core.job => C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000UA.job => C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000Core.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-902560758-1637908631-278369674-1000UA.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-27 21:42 - 2008-06-05 00:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll 2012-10-28 07:13 - 2005-06-07 13:26 - 00043008 _____ () C:\Program Files (x86)\WinRar\rarext64.dll 2013-06-10 10:27 - 2012-06-28 07:19 - 00233344 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2012-10-27 21:42 - 2010-04-21 00:44 - 00719872 _____ () C:\Windows\system32\SnMinDrv.dll 2012-10-29 05:25 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe 2012-10-29 05:25 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2010-12-30 20:09 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll 2010-12-30 20:16 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== admin (S-1-5-21-902560758-1637908631-278369674-1000 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-902560758-1637908631-278369674-500 - Administrator - Disabled) Guest (S-1-5-21-902560758-1637908631-278369674-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-902560758-1637908631-278369674-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/23/2014 05:46:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 38.0.2125.104, time stamp: 0x5437298b Faulting module name: chrome.dll, version: 38.0.2125.104, time stamp: 0x543726b0 Exception code: 0x80000003 Fault offset: 0x004eb612 Faulting process id: 0x100c Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (10/23/2014 09:34:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error: (10/21/2014 11:42:27 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 38.0.2125.104, time stamp: 0x5437298b Faulting module name: chrome.dll, version: 38.0.2125.104, time stamp: 0x543726b0 Exception code: 0xc0000005 Fault offset: 0x0000881b Faulting process id: 0xed8 Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (10/21/2014 11:01:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error: (10/21/2014 08:52:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error: (10/20/2014 10:30:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 38.0.2125.104, time stamp: 0x5437298b Faulting module name: chrome.dll, version: 38.0.2125.104, time stamp: 0x543726b0 Exception code: 0xc0000005 Fault offset: 0x0000881b Faulting process id: 0x13e78 Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (10/20/2014 07:47:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 38.0.2125.104, time stamp: 0x5437298b Faulting module name: chrome.dll, version: 38.0.2125.104, time stamp: 0x543726b0 Exception code: 0xc0000005 Fault offset: 0x0000881b Faulting process id: 0x118b4 Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (10/20/2014 05:26:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 38.0.2125.104, time stamp: 0x5437298b Faulting module name: chrome.dll, version: 38.0.2125.104, time stamp: 0x543726b0 Exception code: 0xc0000005 Fault offset: 0x0000881b Faulting process id: 0x1758 Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (10/20/2014 02:03:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 38.0.2125.104, time stamp: 0x5437298b Faulting module name: chrome.dll, version: 38.0.2125.104, time stamp: 0x543726b0 Exception code: 0xc0000005 Fault offset: 0x0001494e Faulting process id: 0x1d35c Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (10/20/2014 02:03:22 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: The Desktop Window Manager has encountered a fatal error (0x8007000e) System errors: ============= Error: (10/23/2014 00:25:43 PM) (Source: bowser) (EventID: 8003) (User: ) Description: The master browser has received a server announcement from the computer SONY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{693B37B2-C9A5-49E4-9874-29C1850C8E18}. The master browser is stopping or an election is being forced. Error: (10/22/2014 09:22:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error: (10/21/2014 00:18:05 PM) (Source: bowser) (EventID: 8003) (User: ) Description: The master browser has received a server announcement from the computer SONY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{693B37B2-C9A5-49E4-9874-29C1850C8E18}. The master browser is stopping or an election is being forced. Error: (10/21/2014 10:51:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Avira Service Host service to connect. Error: (10/21/2014 10:50:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error: %%-2147196306 Error: (10/21/2014 10:49:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (10/21/2014 10:49:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (10/21/2014 10:49:03 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (10/21/2014 10:48:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s). Error: (10/21/2014 10:48:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Avira Service Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Microsoft Office Sessions: ========================= Error: (10/23/2014 05:46:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe38.0.2125.1045437298bchrome.dll38.0.2125.104543726b080000003004eb612100c01cfeed43d97bfbcC:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\chrome.dll173146cf-5ad4-11e4-96e6-b4749ffd895d Error: (10/23/2014 09:34:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error: (10/21/2014 11:42:27 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe38.0.2125.1045437298bchrome.dll38.0.2125.104543726b0c00000050000881bed801cfed15392ca168C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\chrome.dllf2ca28a4-590e-11e4-96e6-b4749ffd895d Error: (10/21/2014 11:01:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error: (10/21/2014 08:52:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error: (10/20/2014 10:30:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe38.0.2125.1045437298bchrome.dll38.0.2125.104543726b0c00000050000881b13e7801cfec9652c4a08cC:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\chrome.dll43bcc913-58a0-11e4-8f92-b4749ffd895d Error: (10/20/2014 07:47:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe38.0.2125.1045437298bchrome.dll38.0.2125.104543726b0c00000050000881b118b401cfec8c7ecb5baeC:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\chrome.dll92567cf0-5889-11e4-8f92-b4749ffd895d Error: (10/20/2014 05:26:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe38.0.2125.1045437298bchrome.dll38.0.2125.104543726b0c00000050000881b175801cfec664bd76aa5C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\chrome.dlldb8ce349-5875-11e4-8f92-b4749ffd895d Error: (10/20/2014 02:03:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe38.0.2125.1045437298bchrome.dll38.0.2125.104543726b0c00000050001494e1d35c01cfebcdc1f8fa4fC:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\admin\AppData\Local\Google\Chrome\Application\38.0.2125.104\chrome.dll785285fc-5859-11e4-8f92-b4749ffd895d Error: (10/20/2014 02:03:22 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: 0x8007000e ==================== Memory info =========================== Processor: Intel® Core i3 CPU M 380 @ 2.53GHz Percentage of memory in use: 52% Total physical RAM: 2932.56 MB Available physical RAM: 1384.92 MB Total Pagefile: 2930.71 MB Available Pagefile: 1099.11 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:142.53 GB) (Free:81.46 GB) NTFS Drive d: (New Volume) (Fixed) (Total:135.46 GB) (Free:120.46 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 9E731359) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=142.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=135.5 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=20 GB) - (Type=12) ==================== End Of Log ============================
  19. Здравейте колеги ! Имах късмета да си заразя машината със това упорито чудо Sality. Компютъра ми стана тотално неизползваем, сканирах с MBAM и Avast - уж почистиха но инатия вирус отново и отново се появяваше. Принудих се да направя преинсталация, като форматирах само C:\. След преинсталацията сканирах D:\ с Avast без да го отварям предварително. Откри някакви два нови троянеца, но не бяха Sality. Изтрих ги и повече нищо не ми открива. Сега имам няколко въпроса които не са ми ясни: 1) Дали съм почистил всичко след като форматирах само системния партишън ? Възможно ли е да е останало нещо в D:\ и отново да плъзне това чудо ? 2) Sality краде ли пароли от сайтове където имам регистрации ? 3) Ако се наложи нова преинсталация с пълен формат на диска, ще мога ли да си прехвърля някои неща от D:\ които смятам за важни (не са програми или изпълними .exe файлове) на външния хард ? Въобще това нещо е най-гадното с което съм се сблъсквал. Страх ме е да свържа каквито и да е флашки/дискове за да не плъзне заразата по тях, и така цикъла да се повтори. Ще дам каквито е да логове при необходимост, просто от тук насетне ще чакам вашите съвети как да постъпя. Не съм дал нищо все още, тъй като не знам какво точно да предоставя, а и както казах системата е преинсталирана. Благодаря ви предварително !
  20. Някой сайтове не ми ги отваря.. това е от 3 дни. А някой супер бавно ми ги отваря.. не е от интернет доставчика , защото съседа ми е на същият интернет и няма този проблем + това им се обадих и казаха ,че проблема е в мен на 100%. Пробвах с 3 други браузъра.. ресвах рутер безброй пъти, но отново не мога да влизам в някой сайтове.. а единия от тях просто ми е адски нужен... пробва с прокси... става но е много бавно. Ето я и грешката -> Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 Ran by juFo (administrator) on JUFO-PC on 14-12-2014 20:51:15 Running from C:\Users\juFo\Desktop Loaded Profile: juFo (Available profiles: juFo) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Английски (Съединени щати) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Vimisoft Studio) C:\Program Files\IM Magician\vicamon.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-11-16] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET) HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM\...\Run: [iMMON] => C:\Program Files\IM Magician\Vicamon.exe [143360 2008-07-25] (Vimisoft Studio) HKU\S-1-5-21-1201496608-2706920769-1597985146-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-1201496608-2706920769-1597985146-1000\...\MountPoints2: {34b6628d-6dae-11e4-9bad-001617f028e7} - F:\Setup.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1201496608-2706920769-1597985146-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\juFo\AppData\Roaming\Mozilla\Firefox\Profiles\kqcrodzg.default FF Homepage: hxxp://www.google.bg/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1201496608-2706920769-1597985146-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\juFo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: ABV Notifier - C:\Users\juFo\AppData\Roaming\Mozilla\Firefox\Profiles\kqcrodzg.default\Extensions\[email protected] [2014-12-08] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\juFo\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Документи) - C:\Users\juFo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-21] CHR Extension: (Google Wallet) - C:\Users\juFo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-14] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915784 2014-11-06] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18182984 2014-11-06] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-11-16] (DT Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2014-10-10] (ESET) R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [106296 2014-11-16] (JMicron Technology Corp.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18760 2014-11-06] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33096 2014-10-03] (NVIDIA Corporation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-14 20:51 - 2014-12-14 20:52 - 00008270 _____ () C:\Users\juFo\Desktop\FRST.txt 2014-12-14 20:51 - 2014-12-14 20:51 - 00000000 ____D () C:\FRST 2014-12-14 20:50 - 2014-12-14 20:50 - 01111552 _____ (Farbar) C:\Users\juFo\Desktop\FRST.exe 2014-12-14 14:25 - 2014-12-14 14:25 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-13 00:54 - 2014-12-13 00:54 - 00020772 _____ () C:\Users\juFo\Desktop\aqos-savaged.2013.uncut.brrip.xvid(subsunacs.net).rar 2014-12-12 23:33 - 2014-12-12 23:33 - 00000000 ____D () C:\Users\juFo\Desktop\zaek 2014-12-12 23:33 - 2014-12-12 23:33 - 00000000 ____D () C:\Users\juFo\Desktop\qke 2014-12-11 21:32 - 2014-12-11 21:32 - 00000000 ____D () C:\Program Files\Counter-Strike 1.6 2014-12-11 17:42 - 2014-12-11 17:42 - 00000000 __SHD () C:\Users\juFo\AppData\Local\EmieUserList 2014-12-11 17:42 - 2014-12-11 17:42 - 00000000 __SHD () C:\Users\juFo\AppData\Local\EmieSiteList 2014-12-11 17:42 - 2014-12-11 17:42 - 00000000 __SHD () C:\Users\juFo\AppData\Local\EmieBrowserModeList 2014-12-11 10:48 - 2014-11-27 03:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-11 10:48 - 2014-11-22 04:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-11 10:48 - 2014-11-22 04:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-11 10:48 - 2014-11-22 04:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-11 10:48 - 2014-11-22 04:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-11 10:48 - 2014-11-22 04:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-11 10:48 - 2014-11-22 04:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-11 10:48 - 2014-11-22 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-11 10:48 - 2014-11-22 04:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-11 10:48 - 2014-11-22 03:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-11 10:48 - 2014-11-22 03:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-11 10:48 - 2014-11-22 03:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-11 10:48 - 2014-11-22 03:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-11 10:48 - 2014-11-22 03:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-11 10:48 - 2014-11-22 03:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-11 10:48 - 2014-11-22 03:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-11 10:48 - 2014-11-22 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-11 10:48 - 2014-11-22 03:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-11 10:48 - 2014-11-22 03:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-11 10:48 - 2014-11-22 03:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-11 10:48 - 2014-11-22 03:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-11 10:48 - 2014-11-22 03:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-11 10:48 - 2014-11-22 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-11 10:48 - 2014-11-22 03:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-11 10:48 - 2014-11-22 03:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-11 10:48 - 2014-11-22 03:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-11 10:48 - 2014-11-22 03:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-11 10:48 - 2014-11-22 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-11 10:48 - 2014-11-22 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-11 10:48 - 2014-11-22 02:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-11 10:48 - 2014-11-11 04:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 17:37 - 2014-12-10 17:38 - 00000133 _____ () C:\Users\juFo\Desktop\ITTT.txt 2014-12-09 16:41 - 2014-12-09 16:41 - 00000000 ____D () C:\Windows\XSxS 2014-12-09 16:41 - 2014-12-09 16:41 - 00000000 ____D () C:\Program Files\Xenocode 2014-12-09 16:40 - 2014-12-09 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2014-12-09 16:40 - 2014-12-09 16:40 - 00001068 _____ () C:\Users\Public\Desktop\Picasa 3.lnk 2014-12-09 13:23 - 2014-12-09 13:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-12-08 19:01 - 2014-12-09 16:54 - 00000000 ____D () C:\Users\juFo\Desktop\baneri 2014-12-08 17:04 - 2014-12-14 20:49 - 00000000 ___HD () C:\Users\juFo\Desktop\.picasaoriginals 2014-12-08 11:43 - 2014-12-08 13:38 - 00000000 ____D () C:\Users\juFo\Desktop\iPhone 4 2014-12-07 12:06 - 2014-12-07 12:06 - 00000636 _____ () C:\Users\juFo\Desktop\L2 - Пряк път.lnk 2014-12-06 21:13 - 2014-12-11 21:37 - 00001165 _____ () C:\Users\juFo\Desktop\Counter Strike 1.6 Non Steam.lnk 2014-12-06 21:13 - 2014-12-06 21:13 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2014-12-06 21:13 - 2014-12-06 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2014-12-06 19:22 - 2006-02-04 03:50 - 00005174 _____ () C:\Windows\system32\nppt9x.vxd 2014-12-06 19:22 - 2006-02-04 03:50 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\npptNT2.sys 2014-12-06 19:14 - 2014-12-06 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lineage II 2014-12-06 18:56 - 2014-12-06 18:56 - 00000990 _____ () C:\Users\juFo\Desktop\Axife Mouse Recorder DEMO.lnk 2014-12-06 18:56 - 2014-12-06 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axife Mouse Recorder DEMO 2014-12-06 18:56 - 2014-12-06 18:56 - 00000000 ____D () C:\Program Files\Axife Mouse Recorder DEMO 2014-12-06 18:34 - 2014-12-06 18:34 - 00000000 ____D () C:\Windows\USB Vibration 2014-12-06 18:33 - 2014-12-06 18:33 - 00000000 ____D () C:\Program Files\USB Vibration 2014-12-06 18:33 - 2014-12-06 18:33 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-12-06 18:07 - 2014-12-06 18:07 - 00000331 _____ () C:\Users\juFo\Desktop\Destorus.ru-aatjufo.txt 2014-12-03 17:36 - 2014-12-03 17:36 - 00000000 ___RD () C:\Program Files\Skype 2014-12-03 17:36 - 2014-12-03 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-12-03 17:36 - 2014-12-03 17:36 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-12-03 12:09 - 2014-12-03 12:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-12-02 14:33 - 2014-12-02 14:33 - 00000000 ____D () C:\Users\juFo\AppData\Local\FLT 2014-12-02 14:31 - 2014-12-02 14:32 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\MKKE 2014-12-02 14:30 - 2014-12-02 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat Komplete Edition 2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 ____D () C:\Windows\system32\directx 2014-12-01 21:30 - 2014-12-01 21:33 - 00003584 _____ () C:\Users\juFo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-29 20:13 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-11-29 20:13 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-11-29 20:13 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-11-29 20:13 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-11-29 20:13 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-11-29 20:13 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-11-29 20:13 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-11-29 20:13 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-11-29 20:13 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-11-29 20:13 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-11-29 20:13 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-11-29 20:13 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-11-29 20:13 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-11-29 20:13 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-11-29 20:13 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2014-11-29 20:13 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2014-11-29 20:13 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2014-11-29 20:13 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2014-11-29 20:13 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2014-11-29 20:13 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2014-11-29 20:13 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2014-11-29 20:13 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2014-11-29 20:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2014-11-29 20:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2014-11-29 20:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2014-11-29 20:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2014-11-29 20:13 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-11-29 20:13 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-11-29 20:13 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-11-29 20:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2014-11-29 20:13 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2014-11-29 20:13 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2014-11-29 20:13 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2014-11-29 20:13 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2014-11-29 20:13 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2014-11-29 20:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2014-11-29 20:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2014-11-29 20:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2014-11-29 20:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2014-11-29 20:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2014-11-29 20:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2014-11-29 20:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2014-11-29 20:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2014-11-29 20:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2014-11-29 20:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2014-11-29 20:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2014-11-29 20:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2014-11-29 20:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2014-11-29 20:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-11-29 20:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2014-11-29 20:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2014-11-29 20:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2014-11-29 20:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2014-11-29 20:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2014-11-29 20:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2014-11-29 20:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2014-11-29 20:13 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2014-11-29 20:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2014-11-29 20:13 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2014-11-29 20:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2014-11-29 20:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2014-11-29 20:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2014-11-29 20:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2014-11-29 20:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2014-11-29 20:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2014-11-29 20:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2014-11-29 20:13 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-11-29 20:13 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-11-29 20:13 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-11-29 20:13 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-11-29 20:13 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-11-29 20:12 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-11-29 20:12 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-11-29 20:12 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-11-29 20:12 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-11-29 20:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-11-29 20:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-11-29 20:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-11-29 20:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-11-29 20:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-11-29 20:10 - 2014-11-30 10:15 - 00000000 ____D () C:\Users\juFo\Downloads\Gameforge Live 2014-11-29 20:10 - 2014-11-29 20:10 - 00000000 ____D () C:\Users\juFo\AppData\Local\Gameforge4d 2014-11-29 20:09 - 2014-11-30 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-11-29 20:09 - 2014-11-29 20:12 - 00000000 ____D () C:\Program Files\GameforgeLive 2014-11-27 10:32 - 2014-11-27 10:32 - 00000019 ____H () C:\Windows\Uni47.dat 2014-11-27 08:26 - 2014-11-27 08:30 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Audacity 2014-11-27 08:25 - 2014-11-30 14:39 - 00000000 ____D () C:\Program Files\Audacity 2014-11-26 20:14 - 2014-11-26 20:14 - 00284442 _____ () C:\Windows\msxml4-KB973688-enu.LOG 2014-11-26 20:14 - 2014-11-26 20:14 - 00279940 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-11-26 20:14 - 2014-11-26 20:14 - 00000000 ____D () C:\Program Files\MSXML 4.0 2014-11-26 16:51 - 1999-01-11 01:31 - 00000000 ____D () C:\Users\juFo\Desktop\;p 2014-11-26 07:38 - 2014-11-26 07:38 - 00001763 _____ () C:\Users\Public\Desktop\IM Magician.lnk 2014-11-26 07:38 - 2014-11-26 07:38 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Vimisoft Studio 2014-11-26 07:38 - 2014-11-26 07:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IM Magician 2014-11-26 07:38 - 2014-11-26 07:38 - 00000000 ____D () C:\Program Files\Vimicro Corporation 2014-11-26 07:38 - 2014-11-26 07:38 - 00000000 ____D () C:\Program Files\Common Files\Vimisoft Studio 2014-11-26 07:38 - 2008-07-25 10:17 - 00073728 ____R (Vimicro Corporation) C:\Windows\system32\exvmuvc.ax 2014-11-26 07:38 - 2008-07-09 13:35 - 00446464 _____ (FotoFan) C:\Windows\system32\newlistview2.dll 2014-11-26 07:38 - 2008-07-09 13:35 - 00077824 _____ (FotoFan Studio) C:\Windows\system32\vgf.dll 2014-11-26 07:38 - 2008-01-29 19:00 - 00004608 ___SH () C:\Windows\Thumbs.db 2014-11-26 07:37 - 2014-12-06 19:14 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-11-26 07:37 - 2014-11-26 07:38 - 00000000 ____D () C:\Program Files\IM Magician 2014-11-26 07:37 - 2014-11-26 07:37 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\InstallShield 2014-11-24 15:01 - 2014-11-24 15:01 - 00000000 ____D () C:\Windows\Sun 2014-11-24 15:01 - 2014-11-24 15:01 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\java 2014-11-24 15:00 - 2014-11-24 15:00 - 00000000 ____D () C:\ProgramData\Sun 2014-11-24 15:00 - 2014-11-24 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-24 15:00 - 2014-11-24 15:00 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-11-24 15:00 - 2014-11-24 14:59 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-11-24 14:59 - 2014-11-24 15:01 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-24 14:59 - 2014-11-24 14:59 - 00000000 ____D () C:\Program Files\Java 2014-11-24 14:58 - 2014-11-30 14:39 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\.minecraft 2014-11-23 19:58 - 2014-12-06 19:03 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-11-23 19:58 - 2014-11-25 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElastoMania111 2014-11-23 14:53 - 2014-11-23 14:53 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\TeamViewer 2014-11-23 14:46 - 2014-11-23 14:46 - 00001136 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-11-23 14:46 - 2014-11-23 14:46 - 00000000 ____D () C:\Program Files\TeamViewer 2014-11-21 07:11 - 2014-11-21 07:11 - 00000026 _____ () C:\Windows\neosetup.INI 2014-11-21 07:11 - 2014-11-21 07:11 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Carom3D 2014-11-21 07:11 - 2014-11-21 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carom3D 2014-11-21 07:11 - 2002-07-22 16:11 - 00139264 _____ (Neoact) C:\Windows\NeoUninstall.exe 2014-11-21 07:03 - 2014-11-21 07:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-21 07:02 - 2014-12-14 20:40 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-21 07:02 - 2014-12-14 20:13 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-21 07:02 - 2014-12-09 16:40 - 00000000 ____D () C:\Users\juFo\AppData\Local\Google 2014-11-21 07:02 - 2014-12-09 16:40 - 00000000 ____D () C:\Program Files\Google 2014-11-21 06:59 - 2014-11-21 06:59 - 00000000 ____D () C:\Windows\system32\Adobe 2014-11-21 06:49 - 2014-11-21 06:49 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Unity 2014-11-21 06:47 - 2014-11-21 07:29 - 00000000 ____D () C:\Users\juFo\AppData\Local\Unity 2014-11-20 05:18 - 2014-11-20 05:18 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Wargaming.net 2014-11-20 04:37 - 2014-11-20 04:37 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks 2014-11-20 02:11 - 2014-11-20 02:11 - 00000062 _____ () C:\Users\juFo\Desktop\listen.pls 2014-11-19 03:20 - 2014-11-11 04:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 03:20 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-17 04:39 - 2014-11-17 04:39 - 00000000 __SHD () C:\found.000 2014-11-17 03:15 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-11-17 03:15 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-11-17 03:15 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-11-17 03:15 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-11-17 03:14 - 2010-02-11 09:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-11-16 21:21 - 2014-11-16 21:31 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Winamp 2014-11-16 21:21 - 2014-11-16 21:21 - 00000941 _____ () C:\Users\Public\Desktop\Winamp.lnk 2014-11-16 21:21 - 2014-11-16 21:21 - 00000000 ____D () C:\Program Files\Winamp 2014-11-16 21:21 - 2014-11-16 21:21 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-11-16 21:21 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2014-11-16 21:21 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-11-16 20:47 - 2014-09-07 15:47 - 00000080 _____ () C:\Users\juFo\Desktop\Нов текстов документ (3).txt 2014-11-16 20:47 - 2014-09-06 20:05 - 00000346 _____ () C:\Users\juFo\Desktop\Нов текстов документ (2).txt 2014-11-16 20:46 - 2014-11-16 20:46 - 00000000 ____D () C:\Users\juFo\AppData\Local\Criterion Games 2014-11-16 20:45 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2014-11-16 20:45 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2014-11-16 20:45 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2014-11-16 20:45 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2014-11-16 20:45 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2014-11-16 20:45 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2014-11-16 20:34 - 2014-11-16 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burnout Paradise 2014-11-16 20:16 - 2014-07-17 09:08 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll 2014-11-16 20:13 - 2014-11-16 20:13 - 00000000 ____D () C:\Users\juFo\Documents\My Games 2014-11-16 20:06 - 2014-11-16 20:09 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\DAEMON Tools Lite 2014-11-16 20:06 - 2014-11-16 20:09 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-11-16 20:06 - 2014-11-16 20:06 - 00242240 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-11-16 20:06 - 2014-11-16 20:06 - 00001900 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2014-11-16 20:06 - 2014-11-16 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2014-11-16 20:06 - 2014-11-16 20:06 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite 2014-11-16 18:51 - 2014-12-14 20:31 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Skype 2014-11-16 18:51 - 2014-12-03 17:36 - 00002503 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-11-16 18:51 - 2014-12-03 17:36 - 00000000 ____D () C:\ProgramData\Skype 2014-11-16 18:51 - 2014-11-16 18:51 - 00000000 ____D () C:\Users\juFo\AppData\Local\Skype 2014-11-16 17:52 - 2014-11-16 17:52 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-11-16 17:52 - 2014-11-16 17:52 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-11-16 17:52 - 2014-11-16 17:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-11-16 17:51 - 2014-12-14 20:32 - 01358885 _____ () C:\Windows\WindowsUpdate.log 2014-11-16 17:49 - 2014-11-16 17:51 - 00001355 _____ () C:\Windows\TSSysprep.log 2014-11-16 17:38 - 2014-11-16 07:57 - 00000000 ____D () C:\Windows\Panther 2014-11-16 10:01 - 2014-11-16 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2014-11-16 10:01 - 2014-11-16 10:01 - 00000000 ____D () C:\ProgramData\ESET 2014-11-16 10:01 - 2014-11-16 10:01 - 00000000 ____D () C:\Program Files\ESET 2014-11-16 09:54 - 2014-11-16 09:54 - 00002560 _____ () C:\Windows\system32\SecuredImage32.dll 2014-11-16 09:53 - 2014-11-16 09:54 - 00000000 ____D () C:\Program Files\Flex Anticheat cs.sector.bg 2014-11-16 09:53 - 2014-11-16 09:53 - 00001235 _____ () C:\Users\juFo\Desktop\Flex Anticheat cs.sector.bg.lnk 2014-11-16 09:50 - 2014-11-16 09:50 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\NVIDIA 2014-11-16 09:16 - 2014-11-16 09:16 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\ProductData 2014-11-16 09:15 - 2014-11-16 09:42 - 00000000 ____D () C:\Program Files\IObit 2014-11-16 09:15 - 2014-11-16 09:15 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Apple Computer 2014-11-16 09:15 - 2014-11-16 09:15 - 00000000 ____D () C:\ProgramData\ProductData 2014-11-16 09:15 - 2014-11-16 09:15 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-11-16 09:14 - 2014-11-16 09:14 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll 2014-11-16 09:14 - 2014-11-16 09:14 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll 2014-11-16 09:14 - 2014-11-16 09:14 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll 2014-11-16 09:14 - 2014-11-16 09:14 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled 2014-11-16 09:13 - 2014-11-16 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2014-11-16 09:12 - 2014-12-14 06:05 - 00000000 ____D () C:\The KMPlayer 2014-11-16 09:12 - 2014-11-16 09:12 - 00000634 _____ () C:\Users\juFo\Desktop\KMPlayer.lnk 2014-11-16 09:12 - 2014-11-16 09:12 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer 2014-11-16 09:12 - 2014-10-18 03:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-16 09:12 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-11-16 09:12 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-16 09:12 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-16 09:12 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-16 09:12 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-11-16 09:12 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-11-16 09:12 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-11-16 09:12 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-11-16 09:12 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-11-16 09:12 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-11-16 09:12 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2014-11-16 09:12 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-11-16 09:12 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-11-16 09:12 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-11-16 09:12 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-11-16 09:12 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-11-16 09:12 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-11-16 09:12 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-11-16 09:12 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-11-16 09:12 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-11-16 09:10 - 2014-10-10 02:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-16 09:10 - 2014-10-03 03:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-16 09:10 - 2014-10-03 03:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-16 09:10 - 2014-10-03 03:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-16 09:10 - 2014-10-03 03:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-16 09:10 - 2014-10-03 03:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-16 09:10 - 2014-09-19 11:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-16 09:10 - 2014-09-19 11:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-16 09:10 - 2014-09-19 11:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-16 09:10 - 2014-09-19 11:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-16 09:10 - 2014-09-19 11:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-16 09:10 - 2014-09-19 11:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-16 09:10 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-11-16 09:10 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-11-16 09:10 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-11-16 09:10 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-11-16 09:10 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-16 09:10 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-11-16 09:10 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-11-16 09:10 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-11-16 09:10 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-11-16 09:09 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-16 09:09 - 2014-08-29 03:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-11-16 09:09 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-11-16 09:09 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-11-16 09:09 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-11-16 09:09 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-11-16 09:08 - 2014-08-30 03:50 - 05702656 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-11-16 09:08 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-11-16 09:08 - 2014-07-17 03:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-11-16 09:08 - 2014-07-17 03:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-11-16 09:08 - 2014-07-17 03:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-11-16 09:08 - 2014-07-17 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-11-16 09:08 - 2014-05-08 11:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-11-16 09:08 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-11-16 09:08 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-11-16 09:08 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-11-16 09:08 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-11-16 09:07 - 2014-10-14 03:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-16 09:07 - 2014-10-14 03:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-16 09:07 - 2014-10-14 03:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-16 09:07 - 2014-10-14 03:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-16 09:07 - 2014-10-14 03:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-16 09:07 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-11-16 09:07 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-11-16 09:07 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-11-16 09:07 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-11-16 09:07 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-11-16 08:55 - 2014-12-14 20:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-16 08:55 - 2014-12-10 02:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-16 08:55 - 2014-12-10 02:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-11-16 08:55 - 2014-11-21 07:01 - 00000000 ____D () C:\Windows\system32\Macromed 2014-11-16 08:55 - 2014-11-16 08:55 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Macromedia 2014-11-16 08:55 - 2014-11-16 08:55 - 00000000 ____D () C:\Users\juFo\AppData\Local\Macromedia 2014-11-16 08:54 - 2014-11-16 08:55 - 00000000 ____D () C:\Users\juFo\AppData\Local\Adobe 2014-11-16 08:53 - 2014-12-14 16:40 - 00000000 ____D () C:\Users\juFo\Desktop\ITOPIA 2014-11-16 08:53 - 2014-12-03 15:12 - 00000000 ____D () C:\Users\juFo\Desktop\INTECS 2014-11-16 08:53 - 2014-11-16 08:53 - 00000000 ____D () C:\Windows\system32\Drivers\bg-BG 2014-11-16 08:53 - 2014-11-16 08:53 - 00000000 ____D () C:\Windows\bg-BG 2014-11-16 08:36 - 2014-11-16 08:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-11-16 08:36 - 2014-11-16 08:36 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-11-16 08:36 - 2014-11-16 08:36 - 00000000 ____D () C:\Program Files\Realtek 2014-11-16 08:35 - 2014-11-16 08:35 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat 2014-11-16 08:35 - 2014-11-16 08:35 - 28062296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 14585432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 11821656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 06177624 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-11-16 08:35 - 2014-11-16 08:35 - 05086984 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 03683416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 03086040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2014-11-16 08:35 - 2014-11-16 08:35 - 02566872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 02474200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 02421792 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 02140976 _____ () C:\Windows\system32\SStudio.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01940056 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2014-11-16 08:35 - 2014-11-16 08:35 - 01823320 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01691224 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01490264 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01116248 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-11-16 08:35 - 2014-11-16 08:35 - 00987224 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00966904 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00966744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00948336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00916696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00890160 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00818936 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00798296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00606968 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00274264 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00265376 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00221528 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00219896 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00106296 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys 2014-11-16 08:35 - 2014-11-16 08:35 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00029496 _____ () C:\Windows\system32\audioLibVc.dll 2014-11-16 08:35 - 2014-11-16 08:35 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll 2014-11-16 08:34 - 2014-11-16 08:34 - 00895264 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll 2014-11-16 08:34 - 2014-11-16 08:34 - 00719064 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys 2014-11-16 08:34 - 2014-11-16 08:34 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys 2014-11-16 08:34 - 2014-11-16 08:34 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll 2014-11-16 08:34 - 2014-11-16 08:34 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll 2014-11-16 08:34 - 2014-11-16 08:34 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll 2014-11-16 08:30 - 2014-12-09 18:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-16 08:30 - 2014-11-16 08:30 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-11-16 08:30 - 2014-11-16 08:30 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-11-16 08:30 - 2014-11-16 08:30 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Mozilla 2014-11-16 08:30 - 2014-11-16 08:30 - 00000000 ____D () C:\Users\juFo\AppData\Local\Mozilla 2014-11-16 08:30 - 2014-11-16 08:30 - 00000000 ____D () C:\ProgramData\Mozilla 2014-11-16 08:25 - 2014-11-16 08:25 - 00000355 _____ () C:\Users\juFo\Desktop\My Computer.lnk 2014-11-16 08:24 - 2014-11-16 08:24 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-16 08:22 - 2014-11-16 08:26 - 00000000 ____D () C:\Users\juFo\AppData\Local\NVIDIA Corporation 2014-11-16 08:21 - 2014-11-16 08:26 - 00000000 ____D () C:\Users\juFo\AppData\Local\NVIDIA 2014-11-16 08:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-11-16 08:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-11-16 08:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-11-16 08:20 - 2014-11-16 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-11-16 08:20 - 2014-11-06 19:13 - 02197680 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll 2014-11-16 08:20 - 2014-11-06 19:13 - 01291280 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll 2014-11-16 08:18 - 2014-11-16 08:18 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-11-16 08:17 - 2014-10-03 21:23 - 00033096 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys 2014-11-16 08:17 - 2014-10-03 21:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll 2014-11-16 08:15 - 2014-11-16 08:15 - 00001193 _____ () C:\Users\juFo\Desktop\AIDA64 Extreme Edition.lnk 2014-11-16 08:15 - 2014-11-16 08:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2014-11-16 08:14 - 2014-11-16 08:14 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\WinRAR 2014-11-16 08:14 - 2014-11-16 08:14 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-11-16 08:14 - 2014-11-16 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-11-16 08:14 - 2014-11-16 08:14 - 00000000 ____D () C:\Program Files\WinRAR 2014-11-16 08:14 - 2014-11-16 08:14 - 00000000 ____D () C:\Program Files\FinalWire 2014-11-16 08:10 - 2014-11-16 08:22 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-11-16 08:10 - 2014-11-16 08:11 - 00000000 ____D () C:\ProgramData\DriverGenius 2014-11-16 08:10 - 2014-11-16 08:10 - 00000000 ____D () C:\Program Files\Driver-Soft 2014-11-16 08:10 - 2014-07-02 21:42 - 04389848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-11-16 08:10 - 2014-07-02 21:42 - 03063256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll 2014-11-16 08:10 - 2014-07-02 21:42 - 00670552 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-11-16 08:10 - 2014-07-02 21:42 - 00377288 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-11-16 08:10 - 2014-07-02 21:42 - 00062936 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-11-16 08:10 - 2014-07-02 07:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin 2014-11-16 08:09 - 2014-11-16 08:21 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-11-16 08:09 - 2014-11-16 08:09 - 24198088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 16122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 15296456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 14498552 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 11283344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 11222048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 10681176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-11-16 08:09 - 2014-11-16 08:09 - 03988952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 02814656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 00907096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 00869152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll 2014-11-16 08:09 - 2014-11-16 08:09 - 00021215 _____ () C:\Windows\system32\nvinfo.pb 2014-11-16 08:06 - 2014-11-16 09:15 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\IObit 2014-11-16 08:06 - 2014-11-16 09:15 - 00000000 ____D () C:\ProgramData\IObit 2014-11-16 08:00 - 2014-12-14 20:32 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\uTorrent 2014-11-16 08:00 - 2014-12-06 21:11 - 00058416 _____ () C:\Users\juFo\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-16 08:00 - 2014-11-16 08:00 - 00000849 _____ () C:\Users\juFo\Desktop\µTorrent.lnk 2014-11-16 08:00 - 2014-11-16 08:00 - 00000829 _____ () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-11-16 08:00 - 2014-11-16 08:00 - 00000000 ____D () C:\ProgramData\APN 2014-11-16 07:58 - 2014-11-16 07:58 - 00001417 _____ () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-16 07:58 - 2014-11-16 07:58 - 00000020 ___SH () C:\Users\juFo\ntuser.ini 2014-11-16 07:58 - 2014-11-16 07:58 - 00000000 ____D () C:\Users\juFo\AppData\Roaming\Adobe 2014-11-16 07:58 - 2014-11-16 07:58 - 00000000 ____D () C:\Users\juFo\AppData\Local\VirtualStore 2014-11-16 07:58 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-16 07:58 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\juFo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-16 07:57 - 2014-11-24 14:04 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-16 07:57 - 2014-11-16 07:58 - 00000000 ____D () C:\Users\juFo 2014-11-16 07:57 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-11-16 07:57 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-11-16 07:57 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-11-16 07:57 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-11-16 07:56 - 2014-11-16 07:56 - 00000000 __SHD () C:\Recovery 2014-11-16 07:56 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-11-16 07:56 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-11-16 07:56 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-11-16 07:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-11-16 07:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-11-16 07:56 - 2014-03-02 14:03 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-14 20:48 - 2009-07-14 06:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-14 20:48 - 2009-07-14 06:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-14 20:47 - 2010-11-20 23:01 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-14 20:40 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-14 20:40 - 2009-07-14 06:39 - 00042688 _____ () C:\Windows\setupact.log 2014-12-12 18:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-12-09 18:17 - 2010-11-20 23:48 - 00010026 _____ () C:\Windows\PFRO.log 2014-12-06 21:01 - 2009-07-14 06:33 - 00269136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-02 14:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-11-29 20:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-27 12:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-11-26 07:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-11-17 05:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\bg-BG 2014-11-17 04:00 - 2010-11-21 02:46 - 00000000 ____D () C:\Program Files\Windows Journal 2014-11-16 17:52 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-11-16 17:52 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-16 17:49 - 2010-11-21 02:46 - 00000000 ____D () C:\Windows\CSC 2014-11-16 17:49 - 2009-07-14 06:34 - 00002790 _____ () C:\Windows\DtcInstall.log 2014-11-16 17:37 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-11-16 17:37 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-11-16 08:53 - 2010-11-21 02:38 - 00000000 ____D () C:\Windows\system32\WCN 2014-11-16 08:53 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar 2014-11-16 08:53 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2014-11-16 08:53 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-16 08:53 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\DVD Maker 2014-11-16 08:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-11-16 08:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help 2014-11-16 07:56 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore 2014-11-16 07:56 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries 2014-11-16 07:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\Recovery Some content of TEMP: ==================== C:\Users\juFo\AppData\Local\Temp\InstHelper.exe C:\Users\juFo\AppData\Local\Temp\NeoSetup.exe C:\Users\juFo\AppData\Local\Temp\NeoUninstall.exe C:\Users\juFo\AppData\Local\Temp\ochelper.dll C:\Users\juFo\AppData\Local\Temp\ochelper.exe C:\Users\juFo\AppData\Local\Temp\PIPInstaller_PTV_.exe C:\Users\juFo\AppData\Local\Temp\Uninstall.exe C:\Users\juFo\AppData\Local\Temp\utt3523.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-06 00:31 ==================== End Of Log ============================ Addition.txt
  21. Здравейте, преди малко инсталирах Daemon Tools на компютъра си, но към нея се инсталира и някакъв друг софтуер ( omiga- plus), явно злонамерен. Опитах се да го деинсталирам, но не става. Ако някой може да ми помогне ще съм му много благодарен!
  22. Пускам компа и веднага започва да излиза за 1-2 секунди малко прозорче "Client has stopped working" , затваря се , излиза пак , пак се затваря и т.н. В таск мениджъра видях , че е свързано с някакъв Microsoft NET error . Възможно ли е да е вирус? Сканирах и антивирусната изкарва един куп файлове , до които не е получила достъп (главно amd 64).
  23. Здравейте! Искам да помоля за помощ... Лаптопа ми е много бавен. Преди да пусна темата пробвах всички съвети от колегата icotonev. Имаше някакво задвижване от страна на лаптопа не не е нещо драстично. Още се товари и зарежда много бавно. Защитен съм с Nod32, не е оригинален... username и password е. Не знам дали е добра антивирусна. Прикачих файловете от FRST програмата. ПС: В момента съм много зает и може да се забавям малко с отговорите. Мерси предварително за помощта! FRST.txt Addition.txt
  24. Напоследък лаптопа ми стана много бавен, дълго чакам да ми зареди дадена програма и увисва на моменти, имах някакъв вирус hi.ru ама уж го махнах с mbam ама не съм сигурен компа продължава да е бавен. Чистя си го с CCleaner от време на време, сканирам си го с mbam, нямам излишни програми за стартиране, нямам и антивирусна ползвам вградената и пак е бавен. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015 Ran by Galin_2 (administrator) on GALIN on 21-02-2015 19:32:11 Running from C:\Users\Galin_2\Desktop Loaded Profiles: Galin_2 (Available profiles: User & Galin_2) Platform: Windows 8.1 Pro (X64) OS Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (AMD) C:\Windows\System32\atieclxx.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\ProgramData\Package Cache\{8c13edfc-064c-4ba0-91cd-5b04248be882}\vs_ultimate.exe (Microsoft Corporation) C:\ProgramData\Package Cache\{8c13edfc-064c-4ba0-91cd-5b04248be882}\vs_ultimate.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (J.C. Kessels ) C:\Users\Galin_2\Desktop\MyDefrag-v4.3.1.exe () C:\Users\Galin_2\AppData\Local\Temp\is-UHQR5.tmp\MyDefrag-v4.3.1.tmp (J.C. Kessels ) C:\Users\Galin_2\Desktop\MyDefrag-v4.3.1.exe () C:\Users\Galin_2\AppData\Local\Temp\is-DF9I2.tmp\MyDefrag-v4.3.1.tmp (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\RunOnce: [{8c13edfc-064c-4ba0-91cd-5b04248be882}] => C:\ProgramData\Package Cache\{8c13edfc-064c-4ba0-91cd-5b04248be882}\vs_ultimate.exe [1128032 2015-02-08] (Microsoft Corporation) <===== ATTENTION HKU\S-1-5-21-3194590359-1798276408-3218949495-1005\...\Run: [] => [X] HKU\S-1-5-21-3194590359-1798276408-3218949495-1005\...\MountPoints2: D - "D:\vs_ultimate.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: Hosts file not detected in the default directory Tcpip\..\Interfaces\{B762F04B-85AC-434F-A21A-EF197EE55EC1}: [NameServer] 8.8.8.8 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.bg/ CHR StartupUrls: Default -> "hxxp://www.google.bg/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-11] CHR Extension: (Google Docs) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-11] CHR Extension: (Google Drive) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-11] CHR Extension: (YouTube) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-11] CHR Extension: (Google Search) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-11] CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2014-12-14] CHR Extension: (Google Sheets) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-11] CHR Extension: (EditThisCookie) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-11-11] CHR Extension: (Google Wallet) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-11] CHR Extension: (Gmail) - C:\Users\Galin_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-11] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-02-08] (Microsoft Corporation) S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [691480 2013-11-20] () [File not signed] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49312 2014-11-10] (Visicom Media Inc.) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [36000 2014-11-10] (Visicom Media Inc.) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-21 19:32 - 2015-02-21 19:32 - 00010446 _____ () C:\Users\Galin_2\Desktop\FRST.txt 2015-02-21 19:32 - 2015-02-21 19:32 - 00000875 _____ () C:\Users\Public\Desktop\MyDefrag.lnk 2015-02-21 19:32 - 2015-02-21 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1 2015-02-21 19:32 - 2015-02-21 19:32 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1 2015-02-21 19:32 - 2015-02-21 19:32 - 00000000 ____D () C:\FRST 2015-02-21 19:31 - 2015-02-21 19:31 - 02086912 _____ (Farbar) C:\Users\Galin_2\Desktop\FRST64.exe 2015-02-21 19:27 - 2015-02-21 19:28 - 02082630 _____ (J.C. Kessels ) C:\Users\Galin_2\Desktop\MyDefrag-v4.3.1.exe 2015-02-21 19:10 - 2015-02-21 19:10 - 00007605 _____ () C:\Users\Galin_2\AppData\Local\Resmon.ResmonCfg 2015-02-21 18:52 - 2015-02-21 18:52 - 00015586 _____ () C:\Users\Galin_2\Desktop\Microsoft.Visual.Studio.Ultimate.2012-REMEDY.torrent 2015-02-21 18:44 - 2015-02-21 18:44 - 00000000 ____D () C:\Users\Galin_2\Desktop\CABUHardwareSalesAndInventory 2015-02-21 18:43 - 2015-02-21 18:44 - 00528612 _____ () C:\Users\Galin_2\Desktop\cabuhardwaresalesandinventory.zip 2015-02-15 16:59 - 2015-01-23 06:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-15 16:59 - 2015-01-23 05:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-15 16:42 - 2015-02-15 16:45 - 00432176 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-14 14:18 - 2015-02-14 14:22 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\Dev-Cpp 2015-02-14 14:13 - 2015-02-14 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-02-14 14:11 - 2015-02-14 14:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-02-14 14:11 - 2015-02-14 14:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-02-14 14:04 - 2015-02-14 14:04 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\AMD 2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2015-02-12 08:21 - 2015-02-12 08:39 - 00000000 ____D () C:\Users\Galin_2\Desktop\Нова папка 2015-02-12 08:20 - 2015-02-12 16:51 - 00000000 ____D () C:\Users\Galin_2\Desktop\pic 2015-02-12 07:57 - 2015-02-12 07:57 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-02-11 20:57 - 2015-02-12 22:04 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\Notepad++ 2015-02-11 20:57 - 2015-02-11 20:57 - 00001056 _____ () C:\Users\Public\Desktop\XML Marker 2.lnk 2015-02-11 20:57 - 2015-02-11 20:57 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-02-11 20:57 - 2015-02-11 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XML Marker 2 2015-02-11 20:57 - 2015-02-11 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-02-11 20:57 - 2015-02-11 20:57 - 00000000 ____D () C:\Program Files (x86)\XML Marker 2 2015-02-11 20:57 - 2015-02-11 20:57 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2015-02-11 20:49 - 2015-02-21 19:04 - 00000000 ____D () C:\Users\Galin_2\Desktop\KST 6 semestur 2015-02-11 20:47 - 2015-02-11 20:47 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-02-11 20:42 - 2015-01-14 00:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 20:42 - 2015-01-14 00:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 20:42 - 2015-01-12 05:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 20:42 - 2015-01-12 04:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 20:42 - 2015-01-12 04:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 20:42 - 2015-01-12 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 20:42 - 2015-01-12 04:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-02-11 20:42 - 2015-01-12 04:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-11 20:42 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 20:42 - 2015-01-12 04:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 20:42 - 2015-01-12 04:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 20:42 - 2015-01-12 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 20:42 - 2015-01-12 04:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 20:42 - 2015-01-12 03:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-02-11 20:42 - 2015-01-12 03:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-02-11 20:42 - 2015-01-12 03:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-02-11 20:42 - 2015-01-12 03:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 20:42 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 20:42 - 2015-01-12 03:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 20:42 - 2015-01-12 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 20:42 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 20:42 - 2015-01-12 03:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 20:42 - 2015-01-12 03:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-02-11 20:42 - 2015-01-12 03:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-02-11 20:42 - 2015-01-12 03:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-02-11 20:42 - 2015-01-12 03:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 20:42 - 2015-01-12 03:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-02-11 20:42 - 2015-01-12 03:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 20:42 - 2015-01-12 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 20:42 - 2015-01-12 03:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 20:42 - 2015-01-12 03:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 20:42 - 2015-01-12 03:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 20:42 - 2015-01-12 03:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 20:42 - 2015-01-12 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 20:42 - 2015-01-12 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 20:42 - 2015-01-12 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 20:42 - 2015-01-10 11:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 20:42 - 2015-01-10 11:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-02-11 20:42 - 2015-01-10 10:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-02-11 20:42 - 2015-01-10 09:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 20:42 - 2015-01-10 08:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 20:42 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 20:42 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 20:42 - 2014-12-09 01:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml 2015-02-11 20:42 - 2014-10-29 04:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-02-11 20:42 - 2014-10-29 04:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-02-11 20:42 - 2014-10-29 03:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-02-11 20:42 - 2014-10-29 03:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-02-11 20:42 - 2014-10-29 03:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-02-11 20:42 - 2014-10-29 03:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-02-11 20:42 - 2014-10-29 03:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-02-11 20:42 - 2014-10-29 03:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-02-11 20:41 - 2015-02-04 01:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 20:41 - 2015-02-04 01:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 20:41 - 2015-02-04 01:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 20:41 - 2015-02-03 01:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 20:41 - 2015-02-03 01:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 20:41 - 2015-02-03 01:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 20:41 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2015-02-11 20:41 - 2015-01-10 10:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-09 21:04 - 2015-02-09 21:04 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\NuGet 2015-02-09 20:54 - 2015-02-14 14:05 - 00000000 ____D () C:\Users\Galin_2\AppData\Local\Adobe 2015-02-08 21:39 - 2015-02-09 21:05 - 00000000 ____D () C:\Users\Galin_2\Documents\Visual Studio 2013 2015-02-08 21:34 - 2015-02-08 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2015-02-08 21:33 - 2015-02-08 21:33 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions 2015-02-08 21:33 - 2015-02-08 21:33 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK 2015-02-08 21:32 - 2015-02-08 21:32 - 00000000 ____D () C:\Program Files\Windows Identity Foundation 2015-02-08 21:30 - 2015-02-08 21:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2015-02-08 21:30 - 2015-02-08 21:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-02-08 21:21 - 2015-02-08 21:21 - 00000000 ____D () C:\Program Files\IIS Express 2015-02-08 21:21 - 2015-02-08 21:21 - 00000000 ____D () C:\Program Files (x86)\IIS Express 2015-02-08 21:19 - 2015-02-08 21:20 - 00000000 ____D () C:\Program Files\IIS 2015-02-08 21:19 - 2015-02-08 21:19 - 00000000 ____D () C:\Program Files (x86)\IIS 2015-02-08 21:18 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2015-02-08 21:17 - 2015-02-08 21:27 - 00000000 ____D () C:\Program Files (x86)\Windows Kits 2015-02-08 21:10 - 2015-02-08 21:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer 2015-02-08 21:08 - 2015-02-21 19:27 - 00000000 ____D () C:\Windows\SysWOW64\1033 2015-02-08 20:58 - 2015-02-21 19:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0 2015-02-08 20:58 - 2015-02-21 19:30 - 00000000 ____D () C:\Windows\system32\1033 2015-02-08 20:58 - 2015-02-08 20:58 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe 2015-02-08 20:58 - 2015-02-08 20:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf 2015-02-08 20:58 - 2015-02-08 20:58 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool 2015-02-08 20:55 - 2015-02-21 19:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2015-02-08 20:55 - 2015-02-08 20:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0 2015-02-08 20:53 - 2015-02-21 18:56 - 01882837 _____ () C:\Windows\WindowsUpdate.log 2015-02-08 20:53 - 2015-02-08 20:56 - 00000000 ____D () C:\AdwCleaner 2015-02-08 20:49 - 2015-02-08 20:50 - 02112512 _____ () C:\Users\Galin_2\Downloads\adwcleaner_4.110.exe 2015-02-08 20:49 - 2015-02-08 20:49 - 00753184 _____ () C:\Users\Galin_2\Downloads\Adware-Removal-Tool-v3.9.1.exe 2015-02-08 20:09 - 2015-02-11 20:47 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-02-08 20:06 - 2015-02-08 20:06 - 00001056 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk 2015-02-08 19:57 - 2015-02-08 19:57 - 00001562 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2015-02-08 19:51 - 2015-02-08 20:08 - 00000000 ____D () C:\Program Files\Adobe 2015-02-01 13:27 - 2015-02-01 13:27 - 05325208 _____ (Piriform Ltd) C:\Users\Galin_2\Downloads\ccsetup502.exe 2015-02-01 13:19 - 2015-02-01 13:19 - 00000000 ____D () C:\Windows\pss 2015-02-01 13:17 - 2015-02-01 13:17 - 00000000 ____D () C:\ProgramData\BootRacer 2015-02-01 13:16 - 2015-02-01 13:17 - 00004096 ____H () C:\Users\Public\Documents\bootracer.his 2015-02-01 13:09 - 2015-02-01 13:25 - 00037185 ____H () C:\Users\Public\Documents\bootracer.log 2015-02-01 13:09 - 2015-02-01 13:25 - 00000640 ____H () C:\Users\Public\Documents\bootracer.ini 2015-02-01 13:09 - 2015-02-01 13:09 - 00000000 ____D () C:\Users\Galin_2\AppData\Local\ESET 2015-02-01 12:54 - 2015-02-01 12:55 - 04669510 _____ () C:\Users\Galin_2\Downloads\bootracer_free.zip 2015-02-01 12:48 - 2015-02-01 12:48 - 00012592 _____ () C:\Users\Galin_2\Downloads\ESET Smart Security 8.0.304.1 Final & ESET NOD32 Antivirus System 8.0.304.1 Final (32bit & 64bit).torrent 2015-01-26 21:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2015-01-26 21:18 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-01-23 14:00 - 2015-01-23 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ 2015-01-23 13:59 - 2015-01-23 14:00 - 00000000 ____D () C:\Dev-Cpp 2015-01-23 13:58 - 2015-01-23 13:58 - 09326468 _____ () C:\Users\Galin_2\Downloads\devcpp4.9.9.2_setup.exe 2015-01-23 11:44 - 2015-01-23 11:44 - 00000000 ____D () C:\ProgramData\Origin 2015-01-23 11:44 - 2015-01-23 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-01-23 11:43 - 2015-01-23 11:44 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-01-23 11:17 - 2015-01-23 11:44 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-01-23 11:16 - 2015-01-23 11:43 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts 2015-01-23 11:16 - 2015-01-23 11:16 - 00000060 _____ () C:\Windows\wininit.ini 2015-01-23 11:15 - 2015-01-23 11:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE 2015-01-23 11:14 - 2015-02-14 14:40 - 00083594 _____ () C:\Windows\system32\perfh002.dat 2015-01-23 11:14 - 2015-02-14 14:40 - 00025730 _____ () C:\Windows\system32\perfc002.dat 2015-01-23 11:11 - 2015-02-21 19:15 - 00000000 ____D () C:\Program Files\MSBuild 2015-01-23 11:11 - 2015-02-08 20:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-01-23 11:11 - 2015-01-23 11:11 - 00000000 ____D () C:\Program Files\Reference Assemblies 2015-01-23 11:11 - 2015-01-23 11:11 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2015-01-23 11:02 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2015-01-23 11:02 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-01-23 11:02 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2015-01-23 11:02 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-01-23 10:58 - 2015-01-23 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-01-23 10:57 - 2015-01-23 10:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-01-22 21:52 - 2015-01-23 11:22 - 00000000 ____D () C:\Users\Galin_2\Documents\Electronic Arts 2015-01-22 21:31 - 2008-09-04 20:17 - 00447752 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2015-01-22 21:20 - 2015-02-12 16:41 - 00038400 ___SH () C:\Users\Galin_2\Downloads\Thumbs.db 2015-01-22 21:06 - 2015-01-22 21:06 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\PowerISO 2015-01-22 21:03 - 2015-01-22 21:03 - 00000000 ____D () C:\Users\Galin_2\Downloads\My Dictionaries 2015-01-22 21:03 - 2011-11-18 03:46 - 01615360 _____ (Stefan Angelov) C:\Users\Galin_2\Downloads\Diction.exe 2015-01-22 21:03 - 2011-11-18 02:18 - 00007355 _____ () C:\Users\Galin_2\Downloads\EngHelp.htm 2015-01-22 21:03 - 2011-11-18 02:10 - 00015305 _____ () C:\Users\Galin_2\Downloads\BgHelp.htm 2015-01-22 21:03 - 2009-10-01 15:52 - 05896179 _____ () C:\Users\Galin_2\Downloads\engbul.dat 2015-01-22 21:03 - 2009-09-29 08:59 - 00008136 _____ () C:\Users\Galin_2\Downloads\Tips.sad 2015-01-22 21:03 - 2009-09-27 18:10 - 04891299 _____ () C:\Users\Galin_2\Downloads\buleng.dat 2015-01-22 21:03 - 2008-07-21 13:18 - 01146880 _____ () C:\Users\Galin_2\Downloads\Bul_Eng.dic 2015-01-22 21:03 - 2008-07-21 13:18 - 01056768 _____ () C:\Users\Galin_2\Downloads\Eng_Bul.dic 2015-01-22 21:03 - 2008-07-21 13:18 - 00281444 _____ () C:\Users\Galin_2\Downloads\SAFonB.ttf 2015-01-22 21:03 - 2008-07-21 13:18 - 00268752 _____ () C:\Users\Galin_2\Downloads\SAFon.ttf 2015-01-22 21:03 - 2008-07-21 13:18 - 00112640 _____ () C:\Users\Galin_2\Downloads\Exam.exe 2015-01-22 20:59 - 2015-01-22 21:02 - 08138498 _____ () C:\Users\Galin_2\Downloads\saplatform.com_12beta1.zip 2015-01-22 20:25 - 2015-01-22 20:26 - 09471280 _____ () C:\Users\Galin_2\Downloads\BitComet_1.37_x64_setup.exe 2015-01-22 20:02 - 2015-01-22 20:02 - 00022880 _____ () C:\Users\Galin_2\Downloads\The.Sims.4-RELOADED.torrent ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-21 19:25 - 2014-11-11 17:34 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3194590359-1798276408-3218949495-1005 2015-02-21 19:23 - 2014-11-11 17:04 - 00001018 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-21 19:18 - 2014-11-11 19:09 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\uTorrent 2015-02-21 19:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2015-02-21 19:08 - 2014-11-11 17:28 - 00000000 ____D () C:\Users\Galin_2\AppData\Local\Packages 2015-02-21 18:49 - 2014-12-31 21:41 - 00246272 ___SH () C:\Users\Galin_2\Desktop\Thumbs.db 2015-02-21 18:48 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-02-21 18:36 - 2014-12-31 20:14 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-21 18:33 - 2014-11-11 17:28 - 00000000 ____D () C:\Users\Galin_2 2015-02-21 18:33 - 2014-11-11 17:04 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-21 18:33 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-21 18:29 - 2014-11-11 18:54 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-15 16:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-02-15 16:55 - 2014-11-11 17:47 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F0478AA-DACD-4621-9AE1-3C322F78D00A} 2015-02-15 16:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-02-15 16:36 - 2014-11-11 16:45 - 00000000 __SHD () C:\Recovery 2015-02-14 14:40 - 2013-09-30 06:22 - 01006732 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-14 14:37 - 2014-12-31 19:53 - 00000000 ____D () C:\KMPlayer 2015-02-14 14:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2015-02-14 14:28 - 2014-11-11 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-02-14 14:17 - 2014-12-23 12:49 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-14 14:17 - 2014-12-23 12:49 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-14 14:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-02-14 14:13 - 2015-01-01 20:15 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-14 14:13 - 2015-01-01 20:14 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-14 14:07 - 2014-11-11 17:29 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\Adobe 2015-02-12 08:12 - 2015-01-01 18:36 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\TeamViewer 2015-02-11 20:53 - 2015-01-17 16:44 - 00000000 ____D () C:\ProgramData\Adobe 2015-02-11 20:49 - 2014-11-11 17:45 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-02-11 20:49 - 2014-11-11 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-02-11 20:36 - 2014-11-11 19:01 - 00000000 ____D () C:\ProgramData\KMSAutoS 2015-02-09 20:58 - 2014-11-11 17:02 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-08 21:31 - 2014-11-11 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2015-02-08 21:31 - 2014-11-11 18:56 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2015-02-08 20:16 - 2014-11-11 17:04 - 00003990 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-08 20:16 - 2014-11-11 17:04 - 00003754 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-08 20:10 - 2015-01-17 16:45 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-02-08 19:40 - 2014-11-11 17:39 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\ClassicShell 2015-02-05 20:49 - 2015-01-01 18:06 - 00000000 ____D () C:\Users\Galin_2\AppData\Roaming\Skype 2015-02-03 21:31 - 2013-08-22 17:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-03 21:31 - 2013-08-22 17:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-01 13:31 - 2014-12-31 17:21 - 00000000 ___DC () C:\Users\Galin_2\AppData\Local\MigWiz 2015-02-01 13:31 - 2014-11-11 16:42 - 00000000 ____D () C:\Windows\Panther 2015-02-01 13:28 - 2014-11-11 17:17 - 00000000 ____D () C:\Program Files\CCleaner 2015-01-23 11:38 - 2015-01-01 16:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information ==================== Files in the root of some directories ======= 2015-02-21 19:10 - 2015-02-21 19:10 - 0007605 _____ () C:\Users\Galin_2\AppData\Local\Resmon.ResmonCfg Files to move or delete: ==================== C:\ProgramData\Package Cache\{8c13edfc-064c-4ba0-91cd-5b04248be882}\vs_ultimate.exe Some content of TEMP: ==================== C:\Users\Galin\AppData\Local\Temp\utt9CFC.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-08 20:19 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2015 Ran by Galin_2 at 2015-02-21 19:33:54 Running from C:\Users\Galin_2\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3194590359-1798276408-3218949495-1005\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe Photoshop CC 2014.2.2 (HKLM-x32\...\Adobe Photoshop CC 2014.2.2) (Version: - ) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Azada - Ancient Magic (HKLM-x32\...\Azada - Ancient Magic1.0.6) (Version: 1.0.6 - Big Fish Games) Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - ) Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.128 - PandoraTV) KMSpico v9.0.6.20131120 (HKLM\...\KMSpico_is1) (Version: 9.0.6.20131120 - ) Malwarebytes Anti-Malware, версия 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) ManyCam 4.1.0 (HKLM-x32\...\ManyCam) (Version: 4.1.0 - Visicom Media Inc.) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{8c13edfc-064c-4ba0-91cd-5b04248be882}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd) Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden SHReK the THiRD (HKLM-x32\...\InstallShield_{2EB6729C-A255-4BC6-90B3-B29F9924C6F5}) (Version: 1.00.0000 - Activision) SHReK the THiRD (x32 Version: 1.00.0000 - Activision) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts) The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) WinRAR 5.20 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.3 - win.rar GmbH) XML Marker version 2.2 (HKLM-x32\...\{C47C1D8C-417A-4DE9-B8AE-C9D4A8B7BE79}_is1) (Version: 2.2 - Symbol Click Software) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 09-02-2015 20:56:26 Microsoft Visual Studio Ultimate 2013 09-02-2015 20:57:33 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 14-02-2015 14:01:32 Windows Update 21-02-2015 18:22:31 Windows Update ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {32234430-C2CD-45CB-B890-AB0C3C3E067C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {3864FC54-8EC0-470D-A893-F32790D24BF8} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-11-20] () Task: {3CA84353-A78E-4BCF-AA17-6B95E8F5BB84} - System32\Tasks\{1FE490ED-2B10-47C2-8CE5-D183DA4AC2D7} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.64.106&amp;LastError=12007 Task: {46971730-EE2F-46FA-ACF7-1B9FB1E4B38B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {54298093-12CF-430D-9DA6-934570CD3D2D} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2014-10-13] (MSfree Inc.) Task: {5DDC5FEC-DA11-48EF-A70E-5E62301AF988} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {86C4F195-FA24-46DC-8E69-61ED08760426} - System32\Tasks\{A7E9E41A-41C5-400A-9293-6C859B14C4C6} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.64.106&amp;LastError=12007 Task: {927AB4EB-08F8-4BBB-A8A9-28340EE74A88} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {AB443EE7-F436-4069-A5F0-EE07B455276B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {B7B95941-B5EB-446D-A0C9-6D1E88BAB162} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-11] (Google Inc.) Task: {D16627B5-B839-4DAE-BD52-4DC185FFEA42} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-14] (Microsoft Corporation) Task: {E729BBA4-EF81-4A45-BD0D-B241F240C078} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-11] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-02-21 19:23 - 2015-02-18 00:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll 2015-02-21 19:23 - 2015-02-18 00:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll 2015-02-21 19:23 - 2015-02-18 00:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll 2015-02-21 19:23 - 2015-02-18 00:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Galin\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3194590359-1798276408-3218949495-1005\Control Panel\Desktop\\Wallpaper -> DNS Servers: 8.8.8.8 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: BootRacerServ => 2 MSCONFIG\Services: CltMngSvc => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: TeamViewer => 2 HKLM\...\StartupApproved\Run: => "StartCCC" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "SpUninstallCleanUp" ==================== Accounts: ============================= Administrator (S-1-5-21-3194590359-1798276408-3218949495-500 - Administrator - Disabled) Galin_2 (S-1-5-21-3194590359-1798276408-3218949495-1005 - Administrator - Enabled) => C:\Users\Galin_2 Guest (S-1-5-21-3194590359-1798276408-3218949495-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3194590359-1798276408-3218949495-1003 - Limited - Enabled) User (S-1-5-21-3194590359-1798276408-3218949495-1001 - Administrator - Enabled) => C:\Users\Galin ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/21/2015 07:27:55 PM) (Source: HlpCtntMgr) (EventID: 1003) (User: ) Description: Help Content Manager exited with error: NoBooksToUninstall Error: (02/21/2015 07:01:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program CCleaner64.exe version 5.2.0.5101 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2b0 Start Time: 01d04df7f2bbabb6 Termination Time: 3 Application Path: C:\Program Files\CCleaner\CCleaner64.exe Report Id: 3fe88c45-b9eb-11e4-826b-0024250c7ca5 Faulting package full name: Faulting package-relative application ID: Error: (02/21/2015 06:57:18 PM) (Source: MsiInstaller) (EventID: 11704) (User: galin) Description: Product: Microsoft Visual Studio 2013 Preparation -- Error 1704. An installation for Microsoft Office Professional Plus 2013 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes? Error: (02/15/2015 04:43:35 PM) (Source: Microsoft-Windows-WMI) (EventID: 5601) (User: NT AUTHORITY) Description: The Windows Management Instrumentation Service failed to load the repository files under the directory %windir%\system32\wbem\repository. This can be caused by a corruption in the repository files, security settings on this directory, lack of disk space, or other system resource issues like lack of memory. If this error happens every time the machine is rebooted then the administrator on this machine may need to stop WMI Service, review the security setting on this folder and files under this folder, and run WMIDiag to validate the health of Windows Management Instrumentation Error: (02/14/2015 02:37:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program KMPlayer.exe version 3.9.0.128 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: fe4 Start Time: 01d04852d0ec9740 Termination Time: 4294967295 Application Path: C:\KMPlayer\KMPlayer.exe Report Id: 3981f696-b446-11e4-8266-0024250c7ca5 Faulting package full name: Faulting package-relative application ID: Error: (02/14/2015 02:25:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WINWORD.EXE version 15.0.4675.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: e84 Start Time: 01d048511e8a8953 Termination Time: 15 Application Path: C:\Program Files\Microsoft Office\Office15\WINWORD.EXE Report Id: 784bbea9-b444-11e4-8266-0024250c7ca5 Faulting package full name: Faulting package-relative application ID: Error: (02/14/2015 02:22:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: g++.exe, версия: 0.0.0.0, времево клеймо: 0x414e8b7d Име на модул с грешки: unknown, версия: 0.0.0.0, времево клеймо: 0x00000000 Код на изключение: 0xc0000005 Отместване на грешка: 0x00000000 ИД на процес на грешка: 0x8fc Начален час на приложението с грешки: 0xg++.exe0 Път на приложението с грешки: g++.exe1 Път на модула с грешки: g++.exe2 ИД на доклад: g++.exe3 Пълно име на пакета с грешка: g++.exe4 ИД на свързаното с пакета с грешка приложение: g++.exe5 Error: (02/14/2015 02:21:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: g++.exe, версия: 0.0.0.0, времево клеймо: 0x414e8b7d Име на модул с грешки: unknown, версия: 0.0.0.0, времево клеймо: 0x00000000 Код на изключение: 0xc0000005 Отместване на грешка: 0x00000000 ИД на процес на грешка: 0xdd4 Начален час на приложението с грешки: 0xg++.exe0 Път на приложението с грешки: g++.exe1 Път на модула с грешки: g++.exe2 ИД на доклад: g++.exe3 Пълно име на пакета с грешка: g++.exe4 ИД на свързаното с пакета с грешка приложение: g++.exe5 Error: (02/14/2015 02:21:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: g++.exe, версия: 0.0.0.0, времево клеймо: 0x414e8b7d Име на модул с грешки: unknown, версия: 0.0.0.0, времево клеймо: 0x00000000 Код на изключение: 0xc0000005 Отместване на грешка: 0x00000000 ИД на процес на грешка: 0xa6c Начален час на приложението с грешки: 0xg++.exe0 Път на приложението с грешки: g++.exe1 Път на модула с грешки: g++.exe2 ИД на доклад: g++.exe3 Пълно име на пакета с грешка: g++.exe4 ИД на свързаното с пакета с грешка приложение: g++.exe5 Error: (02/14/2015 02:06:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 System errors: ============= Error: (02/21/2015 06:34:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга Service KMSELDI беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (02/21/2015 06:33:19 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (02/21/2015 06:33:18 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (02/21/2015 06:32:09 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crash dump initialization failed! Error: (02/21/2015 06:33:00 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 18:30:57 on ‎21.‎2.‎2015 ‎г. was unexpected. Error: (02/15/2015 04:48:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Неуспешно инсталиране: Windows не успя да инсталира следната актуализация с грешка 0x80248007: Definition Update for Windows Defender - KB2267602 (Definition 1.191.4757.0). Error: (02/15/2015 04:46:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга Service KMSELDI беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (02/15/2015 04:45:39 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (02/15/2015 04:43:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга Superfetch прекъсна със следната грешка: %%19 Error: (02/15/2015 04:42:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Microsoft Office Sessions: ========================= Error: (02/21/2015 07:27:55 PM) (Source: HlpCtntMgr) (EventID: 1003) (User: ) Description: Help Content Manager exited with error: NoBooksToUninstall Error: (02/21/2015 07:01:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: CCleaner64.exe5.2.0.51012b001d04df7f2bbabb63C:\Program Files\CCleaner\CCleaner64.exe3fe88c45-b9eb-11e4-826b-0024250c7ca5 Error: (02/21/2015 06:57:18 PM) (Source: MsiInstaller) (EventID: 11704) (User: galin) Description: Product: Microsoft Visual Studio 2013 Preparation -- Error 1704. An installation for Microsoft Office Professional Plus 2013 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL) Error: (02/15/2015 04:43:35 PM) (Source: Microsoft-Windows-WMI) (EventID: 5601) (User: NT AUTHORITY) Description: Error: (02/14/2015 02:37:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: KMPlayer.exe3.9.0.128fe401d04852d0ec97404294967295C:\KMPlayer\KMPlayer.exe3981f696-b446-11e4-8266-0024250c7ca5 Error: (02/14/2015 02:25:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: WINWORD.EXE15.0.4675.1000e8401d048511e8a895315C:\Program Files\Microsoft Office\Office15\WINWORD.EXE784bbea9-b444-11e4-8266-0024250c7ca5 Error: (02/14/2015 02:22:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: g++.exe0.0.0.0414e8b7dunknown0.0.0.000000000c0000005000000008fc01d04850db4eb7e8C:\Dev-Cpp\Bin\g++.exeunknown1900088e-b444-11e4-8266-0024250c7ca5 Error: (02/14/2015 02:21:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: g++.exe0.0.0.0414e8b7dunknown0.0.0.000000000c000000500000000dd401d04850d4cc1845C:\Dev-Cpp\Bin\g++.exeunknown127d6b2f-b444-11e4-8266-0024250c7ca5 Error: (02/14/2015 02:21:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: g++.exe0.0.0.0414e8b7dunknown0.0.0.000000000c000000500000000a6c01d04850cdea196fC:\Dev-Cpp\Bin\g++.exeunknown0bcd7e09-b444-11e4-8266-0024250c7ca5 Error: (02/14/2015 02:06:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 CodeIntegrity Errors: =================================== Date: 2015-02-08 20:24:37.290 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i3 CPU M 350 @ 2.27GHz Percentage of memory in use: 39% Total physical RAM: 3958.69 MB Available physical RAM: 2389.7 MB Total Pagefile: 4662.69 MB Available Pagefile: 2807.78 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:110.38 GB) (Free:63.1 GB) NTFS Drive d: (envs1286) (CDROM) (Total:1.49 GB) (Free:0 GB) CDFS Drive e: (New Volume) (Fixed) (Total:355.28 GB) (Free:318.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B56A461E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=110.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=355.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================
×
×
  • Добави ново...