Showing results for tags 'РЕШЕН'.

212 results found

  1. Hello, for some time now my laptop has been making noises just like a vacuum cleaner. The fan spins like mad even under light loads, such as a single browser. I would be very grateful if you could help me! FRST: Scan result of Farbar Recovery Scan Tool (FRST.txt)
C:Windowssystem32Driversati2erec.dll 2014-08-17 12:34 - 2009-09-08 23:14 - 00018618 _____ () C:Windowsatiogl.xml 2014-08-17 12:34 - 2009-09-01 15:55 - 00195855 _____ () C:Windowssystem32atiicdxx.dat 2014-08-17 12:34 - 2009-02-18 13:55 - 00332288 _____ () C:Windowssystem32ATIODE.exe 2014-08-17 12:34 - 2009-02-03 16:52 - 00051200 _____ () C:Windowssystem32ATIODCLI.exe 2014-08-17 12:33 - 2014-08-17 12:35 - 00000000 ____D () C:Program FilesATI Technologies 2014-08-17 12:27 - 2014-08-17 12:27 - 00060968 _____ () C:WindowsSysWOW64CCCInstall_201408171227475244.log 2014-08-16 11:44 - 2014-08-16 11:44 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsFinalWire 2014-08-15 20:08 - 2014-08-16 01:10 - 00000000 ____D () C:ProgramDataHi-Rez Studios 2014-08-15 20:08 - 2014-08-15 20:08 - 00000000 ____D () C:UsersixiAppDataRoamingAwesomium 2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:UsersixiAppDataRoamingMicrosoftWindowsStart MenuProgramsAMD Gaming Evolved 2014-08-15 19:33 - 2014-08-17 12:28 - 00000000 ____D () C:ProgramDataAMD 2014-08-15 19:33 - 2014-08-16 11:22 - 00000000 ____D () C:UsersixiAppDataRoamingRaptr 2014-08-15 19:33 - 2014-08-15 19:34 - 00000000 ____D () C:Program Files (x86)Raptr 2014-08-15 19:33 - 2014-08-15 19:33 - 00061828 _____ () C:WindowsSysWOW64CCCInstall_201408151933168008.log 2014-08-15 19:33 - 2014-08-15 19:33 - 00000000 ____D () C:UsersixiAppDataRoaminglibrary_dir 2014-08-15 19:30 - 2014-08-15 19:30 - 00000000 ____D () C:Program FilesCommon FilesATI Technologies 2014-08-15 19:29 - 2014-08-15 19:29 - 00000000 ____D () C:Program FilesATI 2014-08-14 15:01 - 2014-08-14 15:01 - 00000000 ____D () C:Program FilesAMD 2014-08-14 14:53 - 2014-08-14 14:53 - 00000000 ____D () C:UsersixiAppDataRoamingATI 2014-08-14 14:53 - 2014-08-14 14:53 - 00000000 ____D () C:UsersixiAppDataLocalATI 2014-08-13 02:00 - 2014-08-13 02:00 - 04575232 _____ (Google Inc.) 
C:WindowsSysWOW64GPhotos.scr 2014-08-08 23:52 - 2014-08-08 23:52 - 00000000 ____D () C:UsersixiAppDataLocalSkyrim 2014-08-08 23:44 - 2014-08-08 23:44 - 00272808 _____ (Oracle Corporation) C:WindowsSysWOW64javaws.exe 2014-08-08 23:44 - 2014-08-08 23:44 - 00175528 _____ (Oracle Corporation) C:WindowsSysWOW64javaw.exe 2014-08-08 23:44 - 2014-08-08 23:44 - 00175528 _____ (Oracle Corporation) C:WindowsSysWOW64java.exe 2014-08-08 23:44 - 2014-08-08 23:44 - 00098216 _____ (Oracle Corporation) C:WindowsSysWOW64WindowsAccessBridge-32.dll 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:WindowsSun 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:UsersixiAppDataRoamingOracle 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:ProgramDataOracle 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsJava 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:Program Files (x86)Java 2014-08-07 23:22 - 2014-08-07 23:22 - 00000001 _____ () C:UsersixiAppDataLocalllftool.4.40.agreement 2014-08-04 20:26 - 2014-08-04 20:26 - 00000000 ____D () C:Program Files (x86)Mozilla Firefox 2014-07-29 20:17 - 2014-07-29 20:17 - 00003154 _____ () C:WindowsSystem32Tasks{105E1070-765D-47E0-B952-AB4259F339C9} 2014-07-29 11:22 - 2014-08-25 23:50 - 00000830 _____ () C:WindowsTasksAdobe Flash Player Updater.job 2014-07-29 11:22 - 2014-08-20 15:58 - 00003768 _____ () C:WindowsSystem32TasksAdobe Flash Player Updater 2014-07-28 23:06 - 2014-08-16 01:06 - 00002185 _____ () C:UsersPublicDesktopGoogle Chrome.lnk 2014-07-27 15:30 - 2014-07-27 15:30 - 00003168 _____ () C:WindowsSystem32Tasks{45C9B672-0BA5-4BC0-8CC5-3956706456A8} 2014-07-27 15:13 - 2014-08-15 19:07 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner 2014-07-27 15:13 - 2014-07-27 15:14 - 00000000 ____D () C:Program FilesCCleaner 2014-07-27 15:13 - 2014-07-27 15:13 - 00002768 _____ () C:WindowsSystem32TasksCCleanerSkipUAC ==================== One 
Month Modified Files and Folders ======= (If an entry is included in the fixlist, the filefolder will be moved.) 2014-08-26 00:19 - 2014-08-26 00:18 - 00018803 _____ () C:UsersixiDesktopFRST.txt 2014-08-26 00:18 - 2014-08-26 00:18 - 00000000 ____D () C:FRST 2014-08-26 00:17 - 2014-08-26 00:16 - 02103296 _____ (Farbar) C:UsersixiDesktopFRST64.exe 2014-08-26 00:17 - 2009-07-14 07:45 - 00009920 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-26 00:17 - 2009-07-14 07:45 - 00009920 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-26 00:15 - 2009-07-14 08:13 - 00799264 _____ () C:Windowssystem32PerfStringBackup.INI 2014-08-26 00:13 - 2013-09-11 15:14 - 01406453 _____ () C:WindowsWindowsUpdate.log 2014-08-26 00:10 - 2014-07-25 22:59 - 00000988 _____ () C:WindowsTasksGoogleUpdateTaskMachineCore.job 2014-08-26 00:10 - 2009-07-14 08:08 - 00000006 ____H () C:WindowsTasksSA.DAT 2014-08-26 00:09 - 2014-08-26 00:09 - 00000056 _____ () C:Windowssetupact.log 2014-08-26 00:09 - 2014-08-26 00:09 - 00000000 _____ () C:Windowssetuperr.log 2014-08-26 00:09 - 2013-09-11 16:46 - 00000000 ____D () C:UsersixiAppDataRoaminguTorrent 2014-08-26 00:04 - 2014-07-25 22:59 - 00000992 _____ () C:WindowsTasksGoogleUpdateTaskMachineUA.job 2014-08-25 23:58 - 2014-07-19 10:31 - 00000000 ____D () C:ProgramDataTunngle 2014-08-25 23:50 - 2014-07-29 11:22 - 00000830 _____ () C:WindowsTasksAdobe Flash Player Updater.job 2014-08-25 23:48 - 2014-07-11 23:43 - 00001000 _____ () C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-2411341698-1123546938-1689852013-1001UA.job 2014-08-25 23:48 - 2014-07-11 23:43 - 00000948 _____ () C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-2411341698-1123546938-1689852013-1001Core.job 2014-08-25 23:42 - 2013-10-12 17:20 - 00000000 ____D () C:UsersixiDocumentsMy Games 2014-08-25 23:41 - 2014-08-25 23:41 - 00000000 ____D () C:UsersixiDocumentsTunngle 2014-08-25 
03:13 - 2014-05-31 07:32 - 00122584 _____ (Malwarebytes Corporation) C:Windowssystem32DriversMBAMSwissArmy.sys 2014-08-24 12:13 - 2009-07-14 08:08 - 00032534 _____ () C:WindowsTasksSCHEDLGU.TXT 2014-08-23 16:37 - 2014-08-23 16:37 - 00000000 ____D () C:UsersixiAppDataRoamingbizarre creations 2014-08-22 18:24 - 2014-08-22 18:24 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsBlur 2014-08-22 18:24 - 2010-09-13 11:56 - 00000000 ___HD () C:Program Files (x86)InstallShield Installation Information 2014-08-22 16:08 - 2009-07-14 08:32 - 00000000 ___RD () C:ProgramDataMicrosoftWindowsStart MenuProgramsGames 2014-08-22 15:55 - 2014-08-21 16:15 - 00000000 ____D () C:UsersixiAppDataRoamingLucasArts 2014-08-22 15:53 - 2014-08-20 18:27 - 00000183 _____ () C:Windowsdisney.ini 2014-08-22 15:52 - 2014-08-22 15:52 - 00000000 ____D () C:UsersixiAppDataRoamingLeadertech 2014-08-20 18:04 - 2014-08-20 18:04 - 00000000 ____D () C:UsersixiAppDataLocalMercurySteam 2014-08-20 18:04 - 2014-08-20 18:04 - 00000000 ____D () C:UsersixiAppDataLocalEMU 2014-08-20 17:46 - 2013-09-11 16:48 - 00000000 ____D () C:UsersixiAppDataRoamingDAEMON Tools Lite 2014-08-20 15:58 - 2014-07-29 11:22 - 00003768 _____ () C:WindowsSystem32TasksAdobe Flash Player Updater 2014-08-20 15:58 - 2013-09-12 15:02 - 00699568 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe 2014-08-20 15:58 - 2013-09-12 15:02 - 00071344 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl 2014-08-20 00:31 - 2013-09-11 17:09 - 00000000 ____D () C:UsersixiAppDataRoamingSkype 2014-08-18 20:49 - 2013-09-11 16:57 - 00000000 ____D () C:ProgramDataSkype 2014-08-18 15:58 - 2014-08-18 15:58 - 00001315 _____ () C:UsersixiDesktopOneDrive.lnk 2014-08-18 15:57 - 2014-08-18 15:55 - 00000000 ___RD () C:UsersixiOneDrive 2014-08-18 15:56 - 2014-08-18 15:55 - 00002166 _____ () C:UsersixiAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft OneDrive.lnk 2014-08-18 15:55 - 2014-08-18 15:55 - 
00000000 ____D () C:ProgramDataMicrosoft OneDrive 2014-08-18 15:55 - 2014-08-18 15:55 - 00000000 ____D () C:Program Files (x86)Microsoft OneDrive 2014-08-18 15:55 - 2013-09-11 15:48 - 00000000 ____D () C:Usersixi 2014-08-18 15:36 - 2009-07-14 06:20 - 00000000 ____D () C:Windowsrescache 2014-08-17 13:10 - 2009-07-14 06:20 - 00000000 ____D () C:WindowsSysWOW64bg-BG 2014-08-17 13:10 - 2009-07-14 06:20 - 00000000 ____D () C:Windowssystem32bg-BG 2014-08-17 13:10 - 2009-07-14 06:20 - 00000000 ____D () C:WindowsPolicyDefinitions 2014-08-17 13:09 - 2013-09-11 16:51 - 00000000 ____D () C:ProgramDataMicrosoft Help 2014-08-17 13:04 - 2013-09-11 22:50 - 00000000 ____D () C:Windowssystem32MRT 2014-08-17 13:00 - 2013-09-11 22:49 - 99218768 _____ (Microsoft Corporation) C:Windowssystem32MRT.exe 2014-08-17 12:38 - 2014-08-17 12:38 - 00000000 ____D () C:ProgramDataATI 2014-08-17 12:35 - 2014-08-17 12:35 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsCatalyst Control Center 2014-08-17 12:35 - 2014-08-17 12:33 - 00000000 ____D () C:Program FilesATI Technologies 2014-08-17 12:28 - 2014-08-15 19:33 - 00000000 ____D () C:ProgramDataAMD 2014-08-17 12:28 - 2013-09-11 15:13 - 00000000 ____D () C:Program Files (x86)ATI Technologies 2014-08-17 12:27 - 2014-08-17 12:27 - 00060968 _____ () C:WindowsSysWOW64CCCInstall_201408171227475244.log 2014-08-16 13:58 - 2013-10-28 12:54 - 00000000 ____D () C:Program Files (x86)Steam 2014-08-16 11:48 - 2013-09-12 04:30 - 00000000 ____D () C:Program Files (x86)SpeedFan 2014-08-16 11:44 - 2014-08-16 11:44 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsFinalWire 2014-08-16 11:44 - 2013-09-13 22:31 - 00000000 ____D () C:Program Files (x86)FinalWire 2014-08-16 11:22 - 2014-08-15 19:33 - 00000000 ____D () C:UsersixiAppDataRoamingRaptr 2014-08-16 01:10 - 2014-08-15 20:08 - 00000000 ____D () C:ProgramDataHi-Rez Studios 2014-08-16 01:06 - 2014-07-28 23:06 - 00002185 _____ () C:UsersPublicDesktopGoogle Chrome.lnk 2014-08-15 
20:08 - 2014-08-15 20:08 - 00000000 ____D () C:UsersixiAppDataRoamingAwesomium 2014-08-15 19:34 - 2014-08-15 19:34 - 00000000 ____D () C:UsersixiAppDataRoamingMicrosoftWindowsStart MenuProgramsAMD Gaming Evolved 2014-08-15 19:34 - 2014-08-15 19:33 - 00000000 ____D () C:Program Files (x86)Raptr 2014-08-15 19:33 - 2014-08-15 19:33 - 00061828 _____ () C:WindowsSysWOW64CCCInstall_201408151933168008.log 2014-08-15 19:33 - 2014-08-15 19:33 - 00000000 ____D () C:UsersixiAppDataRoaminglibrary_dir 2014-08-15 19:30 - 2014-08-15 19:30 - 00000000 ____D () C:Program FilesCommon FilesATI Technologies 2014-08-15 19:30 - 2013-09-18 17:03 - 00000000 ____D () C:ProgramDataPackage Cache 2014-08-15 19:29 - 2014-08-15 19:29 - 00000000 ____D () C:Program FilesATI 2014-08-15 19:07 - 2014-07-27 15:13 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner 2014-08-15 19:07 - 2014-07-25 23:00 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome 2014-08-15 19:07 - 2013-09-15 12:30 - 00000000 ____D () C:WindowsMinidump 2014-08-15 19:07 - 2009-07-14 06:20 - 00000000 ____D () C:Windowsregistration 2014-08-15 19:07 - 2009-07-14 06:20 - 00000000 ____D () C:WindowsAppCompat 2014-08-14 15:01 - 2014-08-14 15:01 - 00000000 ____D () C:Program FilesAMD 2014-08-14 14:53 - 2014-08-14 14:53 - 00000000 ____D () C:UsersixiAppDataRoamingATI 2014-08-14 14:53 - 2014-08-14 14:53 - 00000000 ____D () C:UsersixiAppDataLocalATI 2014-08-13 02:00 - 2014-08-13 02:00 - 04575232 _____ (Google Inc.) 
C:WindowsSysWOW64GPhotos.scr 2014-08-08 23:52 - 2014-08-08 23:52 - 00000000 ____D () C:UsersixiAppDataLocalSkyrim 2014-08-08 23:44 - 2014-08-08 23:44 - 00272808 _____ (Oracle Corporation) C:WindowsSysWOW64javaws.exe 2014-08-08 23:44 - 2014-08-08 23:44 - 00175528 _____ (Oracle Corporation) C:WindowsSysWOW64javaw.exe 2014-08-08 23:44 - 2014-08-08 23:44 - 00175528 _____ (Oracle Corporation) C:WindowsSysWOW64java.exe 2014-08-08 23:44 - 2014-08-08 23:44 - 00098216 _____ (Oracle Corporation) C:WindowsSysWOW64WindowsAccessBridge-32.dll 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:WindowsSun 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:UsersixiAppDataRoamingOracle 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:ProgramDataOracle 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsJava 2014-08-08 23:44 - 2014-08-08 23:44 - 00000000 ____D () C:Program Files (x86)Java 2014-08-07 23:22 - 2014-08-07 23:22 - 00000001 _____ () C:UsersixiAppDataLocalllftool.4.40.agreement 2014-08-07 10:50 - 2013-09-11 16:52 - 00000000 ____D () C:Program Files (x86)Mozilla Maintenance Service 2014-08-04 20:26 - 2014-08-04 20:26 - 00000000 ____D () C:Program Files (x86)Mozilla Firefox 2014-08-01 02:41 - 2014-08-17 12:54 - 00348856 _____ (Microsoft Corporation) C:Windowssystem32iedkcs32.dll 2014-08-01 02:16 - 2014-08-17 12:54 - 00307384 _____ (Microsoft Corporation) C:WindowsSysWOW64iedkcs32.dll 2014-07-29 22:09 - 2009-07-14 06:20 - 00000000 ____D () C:Windowssecurity 2014-07-29 20:17 - 2014-07-29 20:17 - 00003154 _____ () C:WindowsSystem32Tasks{105E1070-765D-47E0-B952-AB4259F339C9} 2014-07-28 23:06 - 2013-09-11 16:49 - 00000000 ____D () C:UsersixiAppDataLocalGoogle 2014-07-27 15:30 - 2014-07-27 15:30 - 00003168 _____ () C:WindowsSystem32Tasks{45C9B672-0BA5-4BC0-8CC5-3956706456A8} 2014-07-27 15:14 - 2014-07-27 15:13 - 00000000 ____D () C:Program FilesCCleaner 2014-07-27 15:13 - 2014-07-27 15:13 - 00002768 _____ () 
C:WindowsSystem32TasksCCleanerSkipUAC 2014-07-27 12:36 - 2013-09-11 18:40 - 00000000 ____D () C:Program FilesMicrosoft Silverlight 2014-07-27 12:36 - 2013-09-11 18:40 - 00000000 ____D () C:Program Files (x86)Microsoft Silverlight Some content of TEMP: ==================== C:UsersixiAppDataLocalTemp_isAA35.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:WindowsSystem32winlogon.exe => File is digitally signed C:WindowsSystem32wininit.exe => File is digitally signed C:WindowsSysWOW64wininit.exe => File is digitally signed C:Windowsexplorer.exe => File is digitally signed C:WindowsSysWOW64explorer.exe => File is digitally signed C:WindowsSystem32svchost.exe => File is digitally signed C:WindowsSysWOW64svchost.exe => File is digitally signed C:WindowsSystem32services.exe => File is digitally signed C:WindowsSystem32User32.dll => File is digitally signed C:WindowsSysWOW64User32.dll => File is digitally signed C:WindowsSystem32userinit.exe => File is digitally signed C:WindowsSysWOW64userinit.exe => File is digitally signed C:WindowsSystem32rpcss.dll => File is digitally signed C:WindowsSystem32Driversvolsnap.sys => File is digitally signed LastRegBack: 2014-08-17 21:00 ==================== End Of Log ============================ Addition.txt
  2. Hello, my problem is the following: when I join an online game, no matter which one, it starts to lag. My ping stays at (for example) 50 - 50 - 50 200 - 200 - 200 - 50 - 50 - 50, and so on endlessly. I notice that instead of the usual 2.4 mb/s, I am currently downloading at a maximum of 1.8 mb/s. I went to friends' places to be sure that the problem is not with my internet connection. Regards,

     Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-08-2015 02
     Ran by Кико (administrator) on КИКО-PC (12-08-2015 22:10:15)
     Running from C:\Users\Кико\Downloads
     Loaded Profiles: Кико (Available Profiles: Кико)
     Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
     Internet Explorer Version 10 (Default browser: Chrome)
     Boot Mode: Normal
     Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe () C:\Users\Кико\AppData\Local\Viber\Viber.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe () C:\Program Files (x86)\T-Mobile\ConnectionManager\Background\ModemListener.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6326448 2012-12-21] (ESET) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-09] (NVIDIA Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\ConnectionManager\Background\ModemListener.exe [114552 2012-12-05] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2056131698-3958520328-2186146214-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-2056131698-3958520328-2186146214-1000\...\Run: [uTorrent] => C:\Users\Кико\AppData\Roaming\uTorrent\uTorrent.exe [1693024 2015-08-01] (BitTorrent Inc.) 
HKU\S-1-5-21-2056131698-3958520328-2186146214-1000\...\Run: [Viber] => C:\Users\Кико\AppData\Local\Viber\Viber.exe [72389840 2015-07-15] () HKU\S-1-5-18\...\Run: [20090604] => D:\games\Encore\Hoyle\RegApp\encore_reg.exe /r "D:\games\Encore\Hoyle\RegApp\encore_reg.rpd" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-04-09] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-04-09] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2056131698-3958520328-2186146214-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/ BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 
Tcpip\..\Interfaces\{07AFA42B-6F8B-4398-8B05-B05E75053358}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{8781299D-5F6C-4C3D-8278-09851F1EA46F}: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-08-02] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-2056131698-3958520328-2186146214-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Кико\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-2056131698-3958520328-2186146214-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Кико\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2056131698-3958520328-2186146214-1000: pcpitstop.com/PCMaticPlugin -> C:\Users\Кико\AppData\Roaming\PCPitstop\PC Matic Plugin\1.0.0.1\npPCMaticPlugin.1.0.0.1.dll [2013-07-22] (PC Pitstop LLC) FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-09-03] Chrome: ======= CHR Profile: C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-03] CHR Extension: (Google Drive) - C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-03] CHR Extension: (YouTube) - C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-03] CHR Extension: (Google Search) - C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-03] CHR Extension: (Heroes & Generals) - C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2014-08-23] CHR Extension: (Arcane Legends) - C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2015-01-03] CHR Extension: (Chrome Web Store Payments) - C:\Users\Кико\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03] CHR Extension: (Gmail) - C:\Users\Кико\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-03] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1333424 2012-12-21] (ESET) S2 HiPatchService; d:\games\Hi-Rez Studios\HiPatchService.exe [8704 2015-07-27] (Hi-Rez Studios) [File not signed] S4 Modem Device Helper; C:\Program Files (x86)\T-Mobile\ConnectionManager\BackgroundService\ServiceManager.exe [51576 2012-12-04] () [File not signed] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3071632 2014-05-06] (INCA Internet Co., Ltd.) S4 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-26] () S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) S3 A38CCID; C:\Windows\System32\DRIVERS\a38ccid.sys [62592 2014-03-24] (Advanced Card Systems Ltd.) S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2012-12-04] (Windows ® Codename Longhorn DDK provider) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-03] (DT Soft Ltd) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-01-10] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET) S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2012-12-04] (TCT International Mobile Ltd) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-09] (NVIDIA Corporation) S3 cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 npkcrypt; \??\D:\Games\Lineage II\system\npkcrypt.sys [X] S3 npkycryp; \??\D:\Games\Lineage II\system\npkycryp.sys [X] S3 SmbDrv; system32\DRIVERS\Smb_driver.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 X6va020; \??\C:\Windows\SysWOW64\Drivers\X6va020 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-08-12 22:10 - 2015-08-12 22:10 - 00013335 _____ C:\Users\Кико\Downloads\FRST.txt
2015-08-12 22:10 - 2015-08-12 22:10 - 00000000 ____D C:\FRST
2015-08-12 22:09 - 2015-08-12 22:10 - 02172928 _____ (Farbar) C:\Users\Кико\Downloads\FRST64.exe
2015-08-12 21:57 - 2015-08-12 21:57 - 00000312 _____ C:\Users\Кико\Desktop\Системата ми е инфектирана - Какво да правя сега- - Премахване на зловреден софтуер - HiJackThis логове - kaldata.com - Форуми.url
2015-08-12 21:50 - 2015-08-12 21:51 - 02082630 _____ (J.C. Kessels ) C:\Users\Кико\Downloads\MyDefrag-v4.3.1.exe
2015-08-12 20:46 - 2015-08-12 20:46 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-08-12 17:41 - 2015-08-12 17:41 - 00019402 _____ C:\Users\Кико\Downloads\Terminator Genisys 2015 READNFO 480p HDRip XviD AC3-NoGroup.torrent
2015-08-12 17:41 - 2015-08-12 17:41 - 00019402 _____ C:\Users\Кико\Downloads\Terminator Genisys 2015 READNFO 480p HDRip XviD AC3-NoGroup (1).torrent
2015-08-12 02:41 - 2015-07-30 16:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 02:41 - 2015-07-30 16:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 22:39 - 2015-07-30 21:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 22:39 - 2015-07-30 21:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 22:39 - 2015-07-30 21:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 22:39 - 2015-07-30 21:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 22:39 - 2015-07-30 21:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 22:39 - 2015-07-30 21:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 22:39 - 2015-07-30 21:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 22:39 - 2015-07-30 20:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 22:39 - 2015-07-30 20:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 22:39 - 2015-07-30 20:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 22:39 - 2015-07-30 20:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 22:39 - 2015-07-30 20:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 22:39 - 2015-07-30 20:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 22:39 - 2015-07-30 19:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 22:39 - 2015-07-30 19:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 22:39 - 2015-07-30 19:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 22:39 - 2015-07-28 23:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 22:39 - 2015-07-28 23:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 22:39 - 2015-07-28 23:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 22:39 - 2015-07-28 23:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 22:39 - 2015-07-28 23:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 22:39 - 2015-07-28 23:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 22:39 - 2015-07-28 23:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 22:39 - 2015-07-28 22:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 22:39 - 2015-07-15 21:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 22:39 - 2015-07-15 21:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 22:39 - 2015-07-15 21:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 22:39 - 2015-07-15 21:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 22:39 - 2015-07-15 21:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 22:39 - 2015-07-15 21:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 22:39 - 2015-07-15 21:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 22:39 - 2015-07-15 21:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 22:39 - 2015-07-15 21:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 22:39 - 2015-07-15 21:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 22:39 - 2015-07-15 21:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 22:39 - 2015-07-15 21:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 22:39 - 2015-07-15 21:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 22:39 - 2015-07-15 21:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 22:39 - 2015-07-15 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 22:39 - 2015-07-15 21:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 22:39 - 2015-07-15 21:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 22:39 - 2015-07-15 21:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 22:39 - 2015-07-15 20:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 22:39 - 2015-07-15 20:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 22:39 - 2015-07-15 20:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 22:39 - 2015-07-15 20:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 22:39 - 2015-07-15 20:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 22:39 - 2015-07-15 20:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 22:39 - 2015-07-15 20:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 22:39 - 2015-07-15 20:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 22:39 - 2015-07-15 20:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 22:39 - 2015-07-15 20:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 22:39 - 2015-07-15 20:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 22:39 - 2015-07-15 20:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 22:39 - 2015-07-15 20:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 22:39 - 2015-07-15 20:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 22:39 - 2015-07-15 20:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 22:39 - 2015-07-15 20:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 22:39 - 2015-07-15 20:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 22:39 - 2015-07-15 20:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 22:39 - 2015-07-15 20:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 22:39 - 2015-07-15 20:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 22:39 - 2015-07-15 20:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 22:39 - 2015-07-15 20:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 22:39 - 2015-07-15 19:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 22:39 - 2015-07-15 19:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 22:39 - 2015-07-15 19:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 22:39 - 2015-07-15 19:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 22:39 - 2015-07-15 19:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 22:39 - 2015-07-15 06:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 22:39 - 2015-07-15 06:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 22:39 - 2015-07-15 06:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 22:39 - 2015-07-15 06:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 22:39 - 2015-07-15 06:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 22:39 - 2015-07-15 05:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 22:39 - 2015-07-15 05:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 22:39 - 2015-07-15 05:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 22:39 - 2015-07-15 05:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 22:39 - 2015-07-10 20:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 22:39 - 2015-07-10 20:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 22:39 - 2015-07-10 20:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 22:39 - 2015-07-10 20:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 22:39 - 2015-07-10 20:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 22:39 - 2015-07-10 20:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 22:39 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 22:39 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 22:39 - 2015-07-09 20:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 22:39 - 2015-07-01 23:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 22:39 - 2015-07-01 23:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 22:39 - 2015-07-01 23:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 22:39 - 2015-07-01 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 22:38 - 2015-07-26 02:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 22:38 - 2015-07-26 02:17 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 22:38 - 2015-07-26 02:17 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 22:38 - 2015-07-26 02:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 22:38 - 2015-07-25 23:24 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-11 22:38 - 2015-07-25 23:24 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 22:38 - 2015-07-25 23:24 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 22:38 - 2015-07-25 23:24 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 22:38 - 2015-07-25 23:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 22:38 - 2015-07-25 23:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 22:38 - 2015-07-25 23:24 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 22:38 - 2015-07-25 23:23 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 22:38 - 2015-07-25 23:23 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 22:38 - 2015-07-25 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-11 22:38 - 2015-07-25 21:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-11 22:38 - 2015-07-25 21:17 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 22:38 - 2015-07-25 21:09 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 22:38 - 2015-07-25 20:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-08-11 22:38 - 2015-07-25 20:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-08-11 22:37 - 2015-07-20 21:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 22:37 - 2015-07-20 21:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 22:37 - 2015-07-20 21:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 22:37 - 2015-07-20 21:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 22:37 - 2015-07-20 20:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 22:37 - 2015-07-20 20:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 22:37 - 2015-07-20 20:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 22:37 - 2015-07-20 20:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 22:37 - 2015-07-20 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 22:37 - 2015-07-10 20:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 22:37 - 2015-07-10 20:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 22:37 - 2015-05-09 21:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-10 12:31 - 2015-08-10 12:31 - 00000069 _____ C:\Users\Кико\Desktop\-Saphir-I Am Alive- - YouTube.url
2015-08-10 00:27 - 2015-08-12 02:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-10 00:27 - 2015-08-12 02:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-10 00:27 - 2015-08-12 02:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-10 00:26 - 2015-08-10 00:27 - 13095136 _____ (Microsoft Corporation) C:\Users\Кико\Downloads\Silverlight_x64.exe
2015-08-10 00:24 - 2015-08-10 00:24 - 00761856 _____ C:\Users\Кико\Downloads\PCMaticPlugin (1).msi
2015-08-10 00:22 - 2015-08-10 00:22 - 00761856 _____ C:\Users\Кико\Downloads\PCMaticPlugin.msi
2015-08-10 00:22 - 2015-08-10 00:22 - 00000000 ____D C:\Users\Кико\AppData\Roaming\PCPitstop
2015-08-09 23:42 - 2015-08-09 23:47 - 00000000 ____D C:\Users\Кико\Desktop\Italo Disco
2015-08-09 20:10 - 2015-08-09 20:10 - 00000000 ____D C:\Users\Кико\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-08-09 19:27 - 2015-08-09 19:27 - 00015407 _____ C:\Users\Кико\Downloads\Malwarebytes Anti-Malware Premium v2.1.8.1057 Final.torrent
2015-08-09 16:36 - 2015-08-09 16:42 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Кико\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-09 16:34 - 2015-08-09 16:34 - 06693128 _____ (Wargaming.net ) C:\Users\Кико\Downloads\WoT_internet_install_eu.exe
2015-08-09 16:15 - 2015-08-09 16:15 - 01275427 _____ C:\Users\Кико\Downloads\J1mB0_s_Crosshair_Mod_v1.50_-_Curse_Client.zip
2015-08-09 16:10 - 2015-08-09 16:10 - 00012982 _____ C:\Users\Кико\Downloads\The.Stoning.of.Soraya.M.2008.BRRip.x264-WAR.torrent
2015-08-09 16:09 - 2015-08-09 16:09 - 00024603 _____ C:\Users\Кико\Downloads\wtsto.rar
2015-08-09 16:03 - 2015-08-09 16:03 - 00014714 _____ C:\Users\Кико\Downloads\Petite HD Porn 3.torrent
2015-08-09 16:03 - 2015-08-09 16:03 - 00014714 _____ C:\Users\Кико\Downloads\Petite HD Porn 3 (1).torrent
2015-08-07 23:03 - 2015-08-07 23:03 - 00000069 _____ C:\Users\Кико\Desktop\BOBBY O - Obsession (December 2011 NEW RELEASE) - YouTube.url
2015-08-06 11:28 - 2015-08-06 11:28 - 00098432 _____ C:\Users\Кико\Downloads\Battlefield 4 (RePack) (Update 11) [R.G. Games].torrent
2015-08-05 03:11 - 2015-08-05 03:11 - 00000249 _____ C:\Users\Кико\Desktop\Интересни решения - снимки и друго.... - Страница 12.url
2015-08-04 15:55 - 2015-08-11 22:25 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-08-04 15:55 - 2015-08-04 15:55 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-04 00:43 - 2015-08-04 00:43 - 00000069 _____ C:\Users\Кико\Desktop\The Voice UK 2013 - Conor Scott performs 'Starry Eyed' - Blind Auditions 3 - BBC One - YouTube.url
2015-08-04 00:29 - 2015-08-04 00:29 - 00000069 _____ C:\Users\Кико\Desktop\Top Greatest First Singing Auditions - YouTube.url
2015-08-04 00:25 - 2015-08-04 00:25 - 00000069 _____ C:\Users\Кико\Desktop\How To Sing Good - 3 Easy Tips For How To Sing Good - YouTube.url
2015-08-04 00:06 - 2015-08-04 00:06 - 00000069 _____ C:\Users\Кико\Desktop\Wiggle - Vintage 1920s Broadway Jason Derulo - Snoop Dogg Cover - YouTube.url
2015-08-02 13:08 - 2015-08-02 13:08 - 00405360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-02 13:08 - 2015-08-02 13:08 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-08-02 10:36 - 2015-08-02 10:36 - 00000813 _____ C:\Users\Public\Desktop\Smite.lnk
2015-08-02 10:36 - 2015-08-02 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-08-02 10:36 - 2015-08-02 10:36 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-08-02 10:33 - 2015-08-02 10:34 - 51997064 _____ (Hi-Rez Studios) C:\Users\Кико\Downloads\InstallHiRezGamesEnglish.exe
2015-08-02 02:22 - 2015-08-10 21:04 - 00000000 ____D C:\Users\Кико\Documents\Euro Truck Simulator 2
2015-08-02 02:19 - 2015-08-02 02:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2015-08-01 22:12 - 2015-08-01 22:12 - 00034146 _____ C:\Users\Кико\Downloads\ComputerDesktopWallpapers.torrent
2015-08-01 22:05 - 2015-08-01 22:05 - 00015919 _____ C:\Users\Кико\Downloads\Euro.Truck.Simulator.2.v1.19.2.1.Incl.27.DLC-RePack.iso.torrent
2015-07-30 00:08 - 2015-07-30 00:08 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-07-30 00:07 - 2015-07-30 00:07 - 00931408 _____ (Google Inc.) C:\Users\Кико\Downloads\GoogleEarthSetup.exe
2015-07-29 02:24 - 2015-07-29 02:24 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2015-07-29 02:24 - 2015-07-29 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-07-29 02:23 - 2015-07-29 02:23 - 02143832 _____ C:\Users\Кико\Downloads\instsf449.exe
2015-07-29 01:49 - 2015-07-29 02:08 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-07-29 01:48 - 2015-07-29 01:49 - 21370837 _____ C:\Users\Кико\Downloads\RTSSSetup620-[Guru3D.com].rar
2015-07-29 01:46 - 2015-07-29 01:46 - 01199856 _____ ( ) C:\Users\Кико\Downloads\hwmonitor_1.28.exe
2015-07-28 18:11 - 2015-07-28 18:11 - 00000069 _____ C:\Users\Кико\Desktop\90's Megamix - Dance Hits of the 90s - Epic 2 Hour Video Mix! - YouTube.url
2015-07-27 22:00 - 2015-07-27 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Croteam
2015-07-27 13:36 - 2015-07-27 13:36 - 00023495 _____ C:\Users\Кико\Downloads\Serious.Sam.3.BFE.Gold.Edition-PROPHET.torrent
2015-07-27 13:28 - 2015-07-27 13:29 - 67701008 _____ (Viber Media Inc) C:\Users\Кико\Downloads\ViberSetup.exe
2015-07-26 23:23 - 2015-07-26 23:23 - 00000087 _____ C:\Users\Кико\The Hottest Amateur-Selfies You Have Ever Seen!! - Photo #67.url
2015-07-25 23:47 - 2015-07-25 23:47 - 00000069 _____ C:\Users\Кико\Desktop\Teena Marie - Lovergirl - YouTube.url
2015-07-24 21:53 - 2015-08-10 12:50 - 00000184 _____ C:\Users\Кико\Desktop\Acer24@abv.bg.txt
2015-07-23 09:21 - 2015-07-23 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-07-23 09:19 - 2015-07-23 09:20 - 30993712 _____ (Riot Games) C:\Users\Кико\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe
2015-07-23 00:42 - 2015-07-23 00:42 - 00000000 ____D C:\Users\Кико\AppData\Local\CEF
2015-07-18 11:58 - 2015-08-12 22:03 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0c137f342174d.job
2015-07-18 11:58 - 2015-08-12 20:44 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0c137f2566f12.job
2015-07-18 11:58 - 2015-07-18 11:58 - 00003994 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0c137f342174d
2015-07-18 11:58 - 2015-07-18 11:58 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0c137f2566f12
2015-07-15 12:19 - 2015-07-15 12:19 - 00000000 ____D C:\Users\Кико\AppData\Roaming\Trove
2015-07-15 10:39 - 2015-06-02 03:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 10:39 - 2015-06-02 02:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 10:38 - 2015-07-04 21:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 10:38 - 2015-07-04 20:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 10:38 - 2015-06-17 20:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 10:38 - 2015-06-17 20:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 10:38 - 2015-04-27 22:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:38 - 2015-04-27 22:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:38 - 2015-04-27 22:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-07-15 10:38 - 2015-04-27 22:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-07-15 10:38 - 2015-04-27 22:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-07-15 10:38 - 2015-04-27 22:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-07-15 10:38 - 2015-04-27 22:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-07-15 10:38 - 2015-04-27 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-07-15 10:37 - 2015-06-16 00:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 10:37 - 2015-06-16 00:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 10:37 - 2015-06-16 00:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 10:37 - 2015-06-16 00:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 10:37 - 2015-06-16 00:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 10:37 - 2015-06-16 00:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 10:37 - 2015-06-16 00:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 10:37 - 2015-06-16 00:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 10:37 - 2015-06-16 00:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 10:37 - 2015-06-16 00:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 10:37 - 2015-06-16 00:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 10:37 - 2015-06-16 00:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-15 10:37 - 2015-06-11 20:56 - 01112576 
_____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-07-15 10:37 - 2015-06-11 20:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-07-15 10:37 - 2015-06-11 20:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-07-13 20:53 - 2015-07-13 20:53 - 00040720 _____ C:\Users\Кико\Downloads\Terminator.2.Judgment.Day.1991.WS.DVDRip.XviD.BG.and.ENG.Audio-Atany.torrent 2015-07-13 20:53 - 2015-07-13 20:53 - 00040720 _____ C:\Users\Кико\Downloads\Terminator.2.Judgment.Day.1991.WS.DVDRip.XviD.BG.and.ENG.Audio-Atany (1).torrent 2015-07-13 20:50 - 2015-07-13 20:50 - 06386866 _____ ( ) C:\Users\Кико\Downloads\MKVPlayerSetupD.exe 2015-07-13 20:48 - 2015-07-13 20:48 - 00056165 _____ C:\Users\Кико\Downloads\MKVToolNix 7.5.0 Final + Portable.torrent 2015-07-13 18:20 - 2015-07-13 18:20 - 00015302 _____ C:\Users\Кико\Downloads\Terminator.2.Judgment.Day.1991.BDRip.x265-WAR (1).torrent 2015-07-13 18:19 - 2015-07-13 18:19 - 00025828 _____ C:\Users\Кико\Downloads\Terminator.2.DirCut.1991.720p.HDDVD.DTS.x264_ESiR.(subs.sab.bz).rar 2015-07-13 18:19 - 2015-07-13 18:19 - 00015302 _____ C:\Users\Кико\Downloads\Terminator.2.Judgment.Day.1991.BDRip.x265-WAR.torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-08-12 22:06 - 2015-01-20 00:52 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-12 22:04 - 2014-10-20 05:53 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec11141dff92.job 2015-08-12 22:03 - 2014-11-13 09:59 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff0f4ff0b4c9.job 2015-08-12 21:58 - 2014-06-18 00:41 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8a74e7f78ebf.job 2015-08-12 21:28 - 2015-07-09 19:22 - 00000000 ____D C:\Users\Кико\AppData\Roaming\uTorrent 2015-08-12 21:21 - 2014-01-28 19:16 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2056131698-3958520328-2186146214-1000UA.job 2015-08-12 21:06 - 2009-07-14 07:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-12 21:06 - 2009-07-14 07:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-12 20:46 - 2013-09-03 00:56 - 01112495 _____ C:\Windows\WindowsUpdate.log 2015-08-12 20:45 - 2014-05-15 22:29 - 00000000 ____D C:\Users\Кико\AppData\Roaming\ViberPC 2015-08-12 20:44 - 2015-05-18 22:58 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091a4feaf1b16.job 2015-08-12 20:44 - 2013-09-03 02:05 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-12 20:43 - 2015-06-23 14:23 - 00007112 _____ C:\Windows\setupact.log 2015-08-12 20:43 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-12 13:04 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache 2015-08-12 11:00 - 2009-07-14 07:45 - 00431352 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-12 10:58 - 2014-12-11 15:14 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-12 10:58 - 2014-05-07 02:31 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-12 02:35 - 2013-09-15 02:42 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 02:32 - 2013-09-15 02:42 - 132483416 _____ (Microsoft Corporation) 
C:\Windows\system32\MRT.exe 2015-08-10 18:21 - 2014-01-28 19:16 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2056131698-3958520328-2186146214-1000Core.job 2015-08-10 12:24 - 2015-01-26 17:25 - 00000000 ____D C:\Users\Кико\Desktop\Funny 2015-08-10 10:41 - 2015-03-06 00:41 - 00010124 _____ C:\Windows\PFRO.log 2015-08-09 16:01 - 2013-09-03 00:58 - 00000000 ____D C:\Users\Кико 2015-08-02 21:29 - 2014-06-17 10:10 - 00000000 ____D C:\Users\Кико\AppData\Roaming\SpinTires 2015-08-02 20:18 - 2013-09-03 03:14 - 00000000 ____D C:\Users\Кико\Desktop\Games 2015-08-02 13:55 - 2013-10-13 10:12 - 00000000 ____D C:\Users\Кико\Documents\My Games 2015-08-02 12:38 - 2015-05-26 02:33 - 00037790 _____ C:\Windows\DirectX.log 2015-08-02 10:36 - 2013-09-03 01:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-02 01:48 - 2014-09-20 01:27 - 00000000 ____D C:\Users\Кико\AppData\Local\Warframe 2015-07-31 17:14 - 2013-09-03 11:19 - 00000000 ____D C:\Users\Кико\AppData\Roaming\Skype 2015-07-30 20:54 - 2013-12-15 00:27 - 00000000 ____D C:\Users\Кико\Documents\VirtualDJ 2015-07-29 01:50 - 2013-09-03 11:38 - 00000000 ____D C:\Windows\SysWOW64\directx 2015-07-27 13:39 - 2015-05-24 21:59 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-27 13:38 - 2013-09-03 11:19 - 00000000 ____D C:\ProgramData\Skype 2015-07-27 13:31 - 2014-10-30 01:32 - 00000961 _____ C:\Users\Кико\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk 2015-07-27 13:31 - 2014-10-30 01:31 - 00000000 ____D C:\Users\Кико\AppData\Local\Viber 2015-07-24 21:40 - 2015-04-19 20:39 - 00000000 ____D C:\Users\Кико\Desktop\Dokumenti 2015-07-18 11:58 - 2015-05-18 22:58 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d091a4feaf1b16 2015-07-18 11:58 - 2014-11-13 09:59 - 00003994 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfff0f4ff0b4c9 2015-07-18 11:45 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-15 11:16 - 
2009-07-14 08:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2013-12-23 01:15 - 2015-04-04 04:08 - 0007603 _____ () C:\Users\Кико\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Кико\AppData\Local\Temp\855773e187c67c0dab3ae888acfa66a9.dll C:\Users\Кико\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll C:\Users\Кико\AppData\Local\Temp\sfamcc00001.dll C:\Users\Кико\AppData\Local\Temp\sfextra.dll C:\Users\Кико\AppData\Local\Temp\SkypeSetup.exe C:\Users\Кико\AppData\Local\Temp\unrar.dll C:\Users\Кико\AppData\Local\Temp\_isDD83.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-08-12 00:31 ==================== End of log ============================ Addition.txt
  3. Good evening, HJT team! Yesterday I installed this weather gadget - http://www.windows8downloads.com/win8-weather-gizmo-shxfncyw/ Without any notice, the installation also added several extra programs - a YouTube accelerator, iHats and I don't know what else, which I uninstalled from Control Panel, and then I ran a cleanup with CCleaner! Just in case, I decided to run a preventive scan with Malwarebytes, which I keep installed. It found some nasties, which were gone after a restart. So far scans report no malware on the system, but I still want to run additional checks to be sure that there are no dormant nasties or other suspicious activity. I use Windows 8.1 Professional x64 and KAV 2014. PS: I am also attaching the log from this evening's Malwarebytes quick scan of Local Disk (C:): PS 2: This is last night's log with the infections in question, which were removed: PS 3: It won't let me post the contents of FRST.txt in the comment, so I am attaching it separately! Addition.txt FRST.txt
  4. Hello colleagues, I am asking for help uninstalling uTorrentControl_v2Toolbar. I tried through Control Panel - Uninstall a program, and it does not work. I also tried through CCleaner, and again it does not work. I searched with Google and it sends me to download various programs, but I decided to ask you for help first. Thanks in advance. The Windows is 7 Ultimate 64-bit SP1.
  5. Hello, I am turning to you with a request for help cleaning my system. I tried to install Multi Skype Launcher, an application I have used before. I downloaded it from here - http://download.cnet.com/Multi-Skype-Launcher/3000-2349_4-75326711.html?part=dl-&subj=dl&tag=button. Already during installation my antivirus gave a warning about a blocked file in the Temp folders. After that several other unwanted applications appeared, which started updating themselves, opening pages in the browser ... I uninstalled all of them and manually deleted the folders and files I managed to find. I scanned with Avast; it found nothing. Then I ran MBAM and tried to remove the infections manually and with other cleaning programs. I am attaching the current logs; they are too large to post in the thread. I have an installation disc (Windows7 Ultimate x64).
  6. Here are the results after the scan. FRST.txt Addition.txt
  7. It runs slowly both on the internet and when I search for something on the computer. There are a lot of processes in Task Manager but I don't know which ones to remove. The computer is a work machine and I was told that it has monitoring, but they don't know exactly what kind, and that I should be careful not to delete it.
     Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
     Ran by Administrator (administrator) on GLBG1543PC02 on 10-06-2015 09:01:43
     Running from D:\Users\Administrator\Desktop
     Loaded Profiles: Administrator & (Available Profiles: Librarian & Visitor & Administrator)
     Platform: Microsoft Windows 7 Enterprise Service Pack 1 (X86) OS Language: English (United States)
     Internet Explorer Version 11 (Default browser: IE)
     Boot Mode: Normal
     Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
=> C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\user.js [2013-09-17] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Ask.xml [2014-10-02] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\bingp.xml [2015-04-03] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\browsemngr.xml [2012-11-13] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\conduit-search.xml [2013-09-26] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\dsrlte.xml [2015-01-22] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Funmoods.xml [2012-11-16] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\mixidj.xml [2013-09-17] FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Search_Results.xml [2012-11-12] FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Ask.xml [2014-10-02] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-10-02] FF Extension: Default Tab - 
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\addon@defaulttab.com [2013-09-17] FF Extension: Funmoods.com - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ffxtlbr@funmoods.com [2012-11-16] FF Extension: new game - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\Sq3TM@gmail.com [2015-04-02] FF Extension: Casual Games - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ZAGeTQ8H@gmail.com [2015-05-28] FF Extension: Ask New Tabs - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{9A7DF664-82DC-020F-C190-9A665AF83389} [2014-04-09] FF Extension: SimilarSites - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{E71B541F-5E72-5555-A47C-E47863195841} [2013-04-11] FF Extension: Flash Video Downloader - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\artur.dubovoy@gmail.com.xpi [2012-09-25] FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-02-26] FF Extension: Feedback - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-12-04] FF Extension: Download YouTube Videos as MP4 - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2012-09-25] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF 
[2013-01-10] FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\addon@defaulttab.com.xpi [not found] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01] FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01] FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01] FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12] FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file) FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2007-04-03] <==== ATTENTION Chrome: ======= CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08] CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08] CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-25] CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-25] CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-25] CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-06-08] CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08] CHR Extension: (Bookmark Manager) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-24] CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-08] CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26] CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-25] CHR HKLM\...\Chrome\Extension: [eiimolhnbbbdagljikeckdkldgemmmlj] - C:\Program Files\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx [Not Found] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-21] CHR HKLM\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - C:\Users\Administrator\AppData\Roaming\SimilarSites\similarsites.crx [Not Found] CHR HKLM\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Administrator\AppData\Local\I Want This\Chrome\I Want This.crx [Not Found] CHR HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnpddjhhjmmcnjbjdbopmniafbpfppkb [2015-05-28] OPR Extension: (lucky leap) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera 
Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom [2015-04-20] OPR Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\onbakjbemhciecaakohbeichgilnhhne [2015-04-21] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed] R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-21] (Avast Software s.r.o.) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-21] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-21] (Avast Software) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation) R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed] S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe 
Systems Incorporated) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S2 bProtector; C:\ProgramData\bProtector\bProtect.exe [X] S4 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc [X] <==== ATTENTION S4 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] <==== ATTENTION S2 Util lucky leap; "C:\Program Files\lucky leap\bin\utilluckyleap.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AODDriver4.01; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices) [File not signed] R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-21] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-05-21] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-21] (Avast Software s.r.o.) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [271248 2015-05-21] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-21] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-21] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-21] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-21] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-21] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-21] () S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-05-14] (HID Global Corporation) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) 
[File not signed] S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-14] (Broadcom Corporation) [File not signed] R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-10] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation) R1 MpKsl436a8c4f; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{81093FBA-0347-46D4-A016-D06A4B3C8376}\MpKsl436a8c4f.sys [39464 2015-06-09] (Microsoft Corporation) R1 MpKsl9f5dc433; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{81093FBA-0347-46D4-A016-D06A4B3C8376}\MpKsl9f5dc433.sys [39464 2015-06-10] (Microsoft Corporation) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed] R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-21] (Avast Software) R1 {3b232d24-d5de-4194-b4d7-d53b41a09748}w; C:\Windows\System32\drivers\{3b232d24-d5de-4194-b4d7-d53b41a09748}w.sys [52416 2014-09-10] (StdLib) R1 {6ed88207-da38-4867-b856-ed5820836aa5}w; C:\Windows\System32\drivers\{6ed88207-da38-4867-b856-ed5820836aa5}w.sys [43152 2014-11-27] (StdLib) R1 {d7e589a9-c9af-419b-8b29-f43cc9595584}w; C:\Windows\System32\drivers\{d7e589a9-c9af-419b-8b29-f43cc9595584}w.sys [43152 2014-11-30] (StdLib) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S1 yoqododh; \??\C:\Windows\system32\drivers\yoqododh.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the 
registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-10 09:04 - 2015-06-10 09:04 - 00000000 ____D C:\Program Files\Microsoft Office 2015-06-10 08:56 - 2015-06-10 09:02 - 00000000 ____D C:\FRST 2015-06-09 09:04 - 2015-05-24 12:40 - 00593048 ____N (Sysinternals - www.sysinternals.com) C:\autorunsc.exe 2015-06-09 09:04 - 2015-05-24 12:39 - 00680600 ____N (Sysinternals - www.sysinternals.com) C:\Autoruns.exe 2015-06-09 09:04 - 2014-06-28 16:47 - 00002028 ____N C:\Eula.txt 2015-06-09 08:34 - 2015-06-09 08:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\{9B08D2F6-41FE-40B1-8E2D-67A5F54D5468} 2015-06-08 11:46 - 2015-06-08 11:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\VSRevoGroup 2015-06-08 11:43 - 2015-06-08 11:43 - 00000000 ____D C:\Program Files\VS Revo Group 2015-06-08 10:09 - 2015-06-10 08:35 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-08 10:09 - 2015-06-08 10:09 - 00001026 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-06-08 10:09 - 2015-06-08 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-08 10:08 - 2015-06-08 10:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-06-08 10:08 - 2015-06-08 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-06-08 10:08 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-08 10:08 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-08 10:08 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-08 08:46 - 2015-06-08 08:47 - 00000000 ____D C:\Users\Administrator\AppData\Local\{55898BB4-84DB-4972-A6D3-1C422794C945} 2015-06-05 13:14 - 
2015-05-22 21:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-05 13:14 - 2015-05-22 21:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-05 13:14 - 2015-05-22 21:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-05 13:14 - 2015-05-22 21:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-05 13:14 - 2015-05-22 21:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-05 13:14 - 2015-05-22 21:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-05 13:14 - 2015-05-22 20:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-05 13:14 - 2015-05-21 16:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-05 13:01 - 2015-06-05 13:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\{B049210D-E73B-4D44-970C-05480D1A0D2B} 2015-06-02 10:06 - 2015-06-04 10:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{2E0E6D98-968E-4C86-8268-82718DF5A82A} 2015-05-29 09:12 - 2015-05-29 09:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6CA558CC-73B4-4398-95F9-E50444B2C26F} 2015-05-28 13:26 - 2015-06-09 13:58 - 00000448 _____ C:\Windows\Tasks\casual_games_helper_service.job 2015-05-28 13:26 - 2015-05-28 13:26 - 00000000 ____D C:\Program Files\Casual Games 2015-05-28 10:46 - 2015-05-28 10:46 - 00000000 ____D C:\Users\Administrator\AppData\Local\{BD0DDE8F-FFF3-4EC5-83CF-F95D466E12EF} 2015-05-27 12:16 - 2015-05-27 12:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{C3E4B2B2-DF21-425B-A86D-13700E573D2E} 2015-05-26 12:50 - 2015-05-26 12:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A5570127-7FF7-45DB-88E2-DD178A14086B} 2015-05-25 12:51 - 2015-06-09 13:58 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500UA.job 2015-05-25 12:51 - 2015-06-09 13:58 - 
00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500Core.job 2015-05-25 11:49 - 2015-05-25 11:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\{8B24C122-E5A7-4B6C-8C5E-8B75D03CF937} 2015-05-22 09:27 - 2015-05-22 09:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\{E68D8378-FC2E-4AE7-8193-639A705BDA72} 2015-05-21 13:02 - 2015-05-21 13:03 - 00000000 ____D C:\Windows\system32\vbox 2015-05-21 12:53 - 2015-05-21 12:52 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-05-21 12:53 - 2015-05-21 12:52 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys 2015-05-21 12:52 - 2015-05-21 12:52 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-05-21 12:51 - 2015-05-21 12:51 - 00271248 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys 2015-05-21 11:18 - 2015-05-21 11:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A159BB46-20C8-4923-BFD7-1B9B3B92EB9E} 2015-05-20 13:15 - 2015-05-20 13:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{D1FB0108-07FA-437F-9A97-A09534B49E55} 2015-05-19 09:43 - 2015-05-19 09:43 - 00000000 ____D C:\Users\Administrator\AppData\Local\{0F2D45D9-FF5C-46B5-B01F-4ABD68CD81C6} 2015-05-18 10:17 - 2015-05-18 10:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6B81EFE9-D98C-4433-9719-07394B3803EE} 2015-05-15 10:45 - 2015-05-15 10:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\{5E21014A-BBCB-4F87-A403-C2A4E99D190D} 2015-05-13 12:25 - 2015-05-01 16:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 10:29 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-13 10:29 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-13 10:28 - 2015-05-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 
2015-05-13 10:28 - 2015-04-27 22:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-05-13 10:28 - 2015-04-27 22:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-13 10:28 - 2015-04-27 22:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 10:28 - 2015-04-27 22:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 10:28 - 2015-04-27 22:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 10:28 - 2015-04-27 22:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 10:28 - 2015-04-27 22:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 10:28 - 2015-04-27 
22:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-13 10:28 - 2015-04-27 22:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 10:28 - 2015-04-27 22:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-13 10:28 - 2015-04-27 22:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-13 10:28 - 2015-04-27 22:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-13 10:28 - 2015-04-27 22:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-13 10:28 - 2015-04-27 22:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-13 10:28 - 2015-04-27 22:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-13 10:28 - 2015-04-27 22:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-13 10:28 - 2015-04-27 22:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 10:28 - 2015-04-27 22:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 10:28 - 2015-04-27 22:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 10:28 - 2015-04-27 22:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-05-13 10:28 - 2015-04-27 22:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 10:28 - 2015-04-27 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 10:28 - 2015-04-27 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 10:28 - 2015-04-27 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-13 10:28 - 2015-04-27 21:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-13 10:28 - 2015-04-20 05:56 - 01250816 _____ 
(Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 10:28 - 2015-04-20 05:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 10:28 - 2015-04-20 05:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 10:28 - 2015-04-18 05:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 10:27 - 2015-04-22 04:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 10:27 - 2015-04-21 19:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 10:27 - 2015-04-21 19:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 10:27 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 10:27 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 10:27 - 2015-04-21 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 10:27 - 2015-04-21 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 10:27 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 10:27 - 2015-04-21 19:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 10:27 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 10:27 - 2015-04-21 19:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 10:27 - 2015-04-21 19:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 10:27 - 2015-04-21 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 10:27 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 10:27 - 2015-04-21 18:58 - 00115712 _____ (Microsoft Corporation) 
  8. I restart my PC, launch Skype, and see it spamming all my contacts with "check this out". I haven't opened any links and I don't know how I picked it up.
  9. I have a problem with Avast: I can't uninstall it.
  10. Today I came across a laptop with ESET Endpoint Security antivirus. Yesterday the computer's user opened some link, and the antivirus keeps detecting the virus spy.zbot.yw. It reports that it deletes it, but apparently it does not succeed, because every hour the antivirus detects it again. It keeps stopping various programs, such as Outlook, IE, Mozilla. Here are the logs from FRST:
C:Windowssystem32MacromedFlashNPSWF64_13_0_0_206.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:Program FilesMicrosoft Silverlight5.1.30214.0npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:WindowsSysWOW64MacromedFlashNPSWF32_13_0_0_206.dll ()FF Plugin-x32: @FromDocToPDF_65.com/Plugin - C:Program Files (x86)FromDocToPDF_65bar1.binNP65Stub.dll (MindSpark)FF Plugin-x32: @java.com/JavaPlugin - C:Program Files (x86)Javajre6binplugin2npjp2.dll (Sun Microsystems, Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:Program Files (x86)Microsoft Silverlight5.1.30214.0npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:PROGRA~2MICROS~1Office14NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:UsersKremena GeorgievaAppDataRoamingMozillapluginsnpgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:UsersKremena GeorgievaAppDataRoamingMozillapluginsnpo1d.dll (Google)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:UsersKremena GeorgievaAppDataLocalGoogleUpdate1.3.23.9npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:UsersKremena GeorgievaAppDataLocalGoogleUpdate1.3.23.9npGoogleUpdate3.dll (Google Inc.)FF Plugin ProgramFiles/Appdata: C:Program Files (x86)mozilla firefoxpluginsnpBitCometAgent.dll 
(BitComet)FF Plugin ProgramFiles/Appdata: C:Program Files (x86)mozilla firefoxpluginsnpdeployJava1.dll (Sun Microsystems, Inc.)FF Plugin ProgramFiles/Appdata: C:Program Files (x86)mozilla firefoxpluginsnppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:UsersKremena GeorgievaAppDataRoamingmozillapluginsnpgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:UsersKremena GeorgievaAppDataRoamingmozillapluginsnpo1d.dll (Google)FF SearchPlugin: C:UsersKremena GeorgievaAppDataRoamingMozillaFirefoxProfilescucvn5gy.defaultsearchpluginsask-web-search.xmlFF SearchPlugin: C:UsersKremena GeorgievaAppDataRoamingMozillaFirefoxProfilescucvn5gy.defaultsearchpluginsutorrentcontrolv6-customized-web-search.xmlFF Extension: FromDocToPDF - C:UsersKremena GeorgievaAppDataRoamingMozillaFirefoxProfilescucvn5gy.defaultExtensions65ffxtbr@FromDocToPDF_65.com [2014-05-09]FF Extension: Skype Click to Call - C:Program Files (x86)Mozilla Firefoxbrowserextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-08]FF HKLM...ThunderbirdExtensions: [eplgTb@eset.com] - C:Program FilesESETESET NOD32 AntivirusMozilla ThunderbirdFF Extension: ESET Endpoint Security Extension - C:Program FilesESETESET NOD32 AntivirusMozilla Thunderbird [2013-06-18]FF HKLM-x32...FirefoxExtensions: [65ffxtbr@FromDocToPDF_65.com] - C:Program Files (x86)FromDocToPDF_65bar1.binFF Extension: FromDocToPDF - C:Program Files (x86)FromDocToPDF_65bar1.bin [2013-10-02]FF HKLM-x32...ThunderbirdExtensions: [eplgTb@eset.com] - C:Program FilesESETESET NOD32 AntivirusMozilla ThunderbirdFF Extension: ESET Endpoint Security Extension - C:Program FilesESETESET NOD32 AntivirusMozilla Thunderbird [2013-06-18] Chrome: =======CHR HomePage: hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN42719476852070012&UM=1CHR RestoreOnStartup: 
"hxxp://search.conduit.com/?ctid=CT3289075&SearchSource=48&CUI=UN42719476852070012&UM=1]},"spdy":{"servers":["googleads.g.doubleclick.net:443","toolbarqueries.google.com:443","clients2.google.com:443"]},"tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs":false},"translate_accepted_count":{"de":1,"en":0},"translate_denied_count":{"de":0,"en":8},"translate_language_blacklist":["en"CHR Extension: (No Name) - C:UsersKremena GeorgievaAppDataLocalGoogleChromeUser DataDefaultExtensionscflheckfmhopnialghigdlggahiomebp [2013-04-04]CHR HKCU...ChromeExtension: [cflheckfmhopnialghigdlggahiomebp] - C:UsersKremena GeorgievaAppDataLocalCREcflheckfmhopnialghigdlggahiomebp.crx [2013-03-27]CHR HKLM-x32...ChromeExtension: [cflheckfmhopnialghigdlggahiomebp] - C:UsersKremena GeorgievaAppDataLocalCREcflheckfmhopnialghigdlggahiomebp.crx [2013-03-27]CHR HKLM-x32...ChromeExtension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:Program Files (x86)SkypeToolbarsChromeExtensionskype_chrome_extension.crx [2014-03-03]CHR StartMenuInternet: Google Chrome - C:UsersKremena GeorgievaAppDataLocalGoogleChromeApplicationchrome.exe ==================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Professional.9.0; C:Program Files (x86)ABBYY FineReader 9.0NetworkLicenseServer.exe [566560 2007-09-24] (ABBYY (BIT Software))R2 c2cautoupdatesvc; C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)R2 c2cpnrsvc; C:Program Files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)S3 EhttpSrv; C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe [40888 2013-02-14] (ESET)R2 ekrn; C:Program FilesESETESET NOD32 Antivirusx86ekrn.exe [1020304 2013-02-14] (ESET)S3 ESHASRV; C:Program FilesESETESET NOD32 AntivirusEShaSrv.exe [190208 2013-02-14] (ESET)R2 FromDocToPDF_65Service; C:Program Files (x86)FromDocToPDF_65bar1.bin65barsvc.exe [42504 2013-10-02] (COMPANYVERS_NAME)R2 FUSServices; 
C:WindowsSysWOW64FUSServices.exe [10752 2009-04-22] ()S3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [340240 2012-01-04] ()R3 NMIndexingService; C:Program Files (x86)Common FilesNeroLibNMIndexingService.exe [529704 2008-02-28] (Nero AG)S2 ScrybeUpdater; C:Program Files (x86)SynapticsScrybeServiceScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)R2 SpyHunter 4 Service; C:Program FilesEnigma Software GroupSpyHunterSH4Service.exe [1025408 2013-05-07] (Enigma Software Group USA, LLC.) ==================== Drivers (Whitelisted) ==================== S2 ALIWEHCD; C:WindowsSystem32Driversmfpec.sys [39552 2007-05-06] (None)S3 AliWGP; C:WindowsSystem32DRIVERSmfpcomp.sys [13184 2007-01-09] (None)R1 eamonm; C:WindowsSystem32DRIVERSeamonm.sys [217000 2013-02-04] (ESET)U5 edevmon; C:WindowsSystem32Driversedevmon.sys [183016 2013-04-09] (ESET)R1 ehdrv; C:WindowsSystem32DRIVERSehdrv.sys [153200 2013-02-04] (ESET)R2 epfwwfpr; C:WindowsSystem32DRIVERSepfwwfpr.sys [141304 2013-02-04] (ESET)S3 EsgScanner; C:WindowsSystem32DRIVERSEsgScanner.sys [22704 2012-06-22] ()S3 FaxLffv2; C:WindowsSystem32DriversFaxLffv2.sys [31232 2008-06-18] (OEM)R3 MBAMSwissArmy; C:Windowssystem32driversMBAMSwissArmy.sys [119512 2014-05-09] (Malwarebytes Corporation)S3 mvusbews; C:WindowsSystem32Driversmvusbews.sys [20480 2010-04-28] (Marvell Semiconductor, Inc.)R1 nvkflt; C:WindowsSystem32DRIVERSnvkflt.sys [284008 2012-10-08] (NVIDIA Corporation)S3 RimUsb; C:WindowsSystem32DriversRimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)S3 taphss6; C:WindowsSystem32DRIVERStaphss6.sys [42184 2013-02-22] (Anchorfree Inc.)S3 WUSBVBus; C:WindowsSystem32DRIVERSmfpvbus.sys [12416 2006-10-20] (None)S3 XMLDIUSB; C:WindowsSystem32DriversXMLDIUSB.sys [55808 2010-01-29] (OEM)S3 AthBTPort; system32DRIVERSbtath_flt.sys [X]S3 BTATH_A2DP; system32driversbtath_a2dp.sys [X]S3 BTATH_BUS; system32DRIVERSbtath_bus.sys [X]S3 BTATH_HCRP; system32DRIVERSbtath_hcrp.sys [X]S3 BTATH_LWFLT; 
system32DRIVERSbtath_lwflt.sys [X]S3 BTATH_RCP; system32DRIVERSbtath_rcp.sys [X]S3 btmaudio; system32driversbtmaud.sys [X]S3 btmaux; system32DRIVERSbtmaux.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-09 13:47 - 2014-05-09 13:48 - 00023407 _____ () C:UsersKremena GeorgievaDesktopFRST.txt2014-05-09 13:47 - 2014-05-09 13:47 - 00000000 ____D () C:FRST2014-05-09 13:46 - 2014-05-09 13:46 - 02064384 _____ (Farbar) C:UsersKremena GeorgievaDesktopFRST64.exe2014-05-09 10:48 - 2014-05-09 10:49 - 00119512 _____ (Malwarebytes Corporation) C:Windowssystem32DriversMBAMSwissArmy.sys2014-05-09 10:48 - 2014-05-09 10:48 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware2014-05-09 10:48 - 2014-05-09 10:48 - 00000000 ____D () C:Program Files (x86)Malwarebytes Anti-Malware2014-05-09 10:48 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:Windowssystem32Driversmbamchameleon.sys2014-05-09 10:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:Windowssystem32Driversmwac.sys2014-05-09 10:48 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:Windowssystem32Driversmbam.sys2014-05-08 14:36 - 2014-05-07 18:44 - 00156783 _____ () C:UsersKremena GeorgievaDesktopflipper.swf2014-05-08 14:33 - 2014-05-08 14:33 - 00000000 ____D () C:UsersKremena GeorgievaDesktopInterton_20142014-05-08 14:32 - 2014-05-08 14:34 - 13142453 _____ () C:UsersKremena GeorgievaDesktopInterton_2014.rar2014-05-08 14:30 - 2014-05-08 14:30 - 00000000 ____D () C:UsersKremena GeorgievaDesktopEuropeanColorCosmeticPackaging2014-05-08 14:28 - 2014-05-08 14:35 - 13142453 _____ () C:UsersKremena GeorgievaDesktopEuropeanColorCosmeticPackaging.rar2014-05-08 14:23 - 2014-05-09 12:41 - 00000000 ____D () C:UsersKremena GeorgievaAppDataRoamingIwbeis2014-05-08 14:23 - 2014-05-09 12:40 - 00000000 ____D () C:UsersKremena GeorgievaAppDataRoamingUxmi2014-05-08 
08:54 - 2014-05-08 08:54 - 00000000 ___SD () C:Windowssystem32CompatTel2014-05-06 09:27 - 2014-04-14 05:24 - 00465408 _____ (Microsoft Corporation) C:Windowssystem32aepdu.dll2014-05-06 09:27 - 2014-04-14 05:19 - 00424448 _____ (Microsoft Corporation) C:Windowssystem32aeinv.dll2014-05-03 05:20 - 2014-04-29 17:01 - 23547904 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll2014-05-03 05:20 - 2014-04-29 15:48 - 17384448 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll2014-05-03 05:19 - 2014-04-29 16:40 - 02724864 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb2014-05-03 05:19 - 2014-04-29 15:34 - 02724864 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb2014-04-21 12:51 - 2014-04-21 12:51 - 00000000 __SHD () C:UsersKremena GeorgievaAppDataLocalEmieUserList2014-04-21 12:51 - 2014-04-21 12:51 - 00000000 __SHD () C:UsersKremena GeorgievaAppDataLocalEmieSiteList2014-04-21 11:29 - 2014-03-06 12:31 - 00004096 _____ (Microsoft Corporation) C:Windowssystem32ieetwcollectorres.dll2014-04-21 11:29 - 2014-03-06 11:59 - 00066048 _____ (Microsoft Corporation) C:Windowssystem32iesetup.dll2014-04-21 11:29 - 2014-03-06 11:57 - 00548352 _____ (Microsoft Corporation) C:Windowssystem32vbscript.dll2014-04-21 11:29 - 2014-03-06 11:57 - 00048640 _____ (Microsoft Corporation) C:Windowssystem32ieetwproxystub.dll2014-04-21 11:29 - 2014-03-06 11:40 - 00051200 _____ (Microsoft Corporation) C:Windowssystem32jsproxy.dll2014-04-21 11:29 - 2014-03-06 11:39 - 00033792 _____ (Microsoft Corporation) C:Windowssystem32iernonce.dll2014-04-21 11:29 - 2014-03-06 11:32 - 00574976 _____ (Microsoft Corporation) C:Windowssystem32ieui.dll2014-04-21 11:29 - 2014-03-06 11:29 - 00139264 _____ (Microsoft Corporation) C:Windowssystem32ieUnatt.exe2014-04-21 11:29 - 2014-03-06 11:29 - 00111616 _____ (Microsoft Corporation) C:Windowssystem32ieetwcollector.exe2014-04-21 11:29 - 2014-03-06 11:28 - 00752640 _____ (Microsoft Corporation) C:Windowssystem32jscript9diag.dll2014-04-21 11:29 - 
2014-03-06 11:15 - 00940032 _____ (Microsoft Corporation) C:Windowssystem32MsSpellCheckingFacility.exe2014-04-21 11:29 - 2014-03-06 11:09 - 00453120 _____ (Microsoft Corporation) C:Windowssystem32dxtmsft.dll2014-04-21 11:29 - 2014-03-06 11:03 - 00586240 _____ (Microsoft Corporation) C:Windowssystem32ie4uinit.exe2014-04-21 11:29 - 2014-03-06 11:02 - 00455168 _____ (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll2014-04-21 11:29 - 2014-03-06 11:02 - 00061952 _____ (Microsoft Corporation) C:WindowsSysWOW64iesetup.dll2014-04-21 11:29 - 2014-03-06 11:01 - 00051200 _____ (Microsoft Corporation) C:WindowsSysWOW64ieetwproxystub.dll2014-04-21 11:29 - 2014-03-06 10:56 - 00038400 _____ (Microsoft Corporation) C:Windowssystem32JavaScriptCollectionAgent.dll2014-04-21 11:29 - 2014-03-06 10:48 - 00195584 _____ (Microsoft Corporation) C:Windowssystem32msrating.dll2014-04-21 11:29 - 2014-03-06 10:46 - 00043008 _____ (Microsoft Corporation) C:WindowsSysWOW64jsproxy.dll2014-04-21 11:29 - 2014-03-06 10:45 - 00032768 _____ (Microsoft Corporation) C:WindowsSysWOW64iernonce.dll2014-04-21 11:29 - 2014-03-06 10:42 - 00296960 _____ (Microsoft Corporation) C:Windowssystem32dxtrans.dll2014-04-21 11:29 - 2014-03-06 10:40 - 00440832 _____ (Microsoft Corporation) C:WindowsSysWOW64ieui.dll2014-04-21 11:29 - 2014-03-06 10:38 - 00112128 _____ (Microsoft Corporation) C:WindowsSysWOW64ieUnatt.exe2014-04-21 11:29 - 2014-03-06 10:36 - 00592896 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9diag.dll2014-04-21 11:29 - 2014-03-06 10:22 - 00367616 _____ (Microsoft Corporation) C:WindowsSysWOW64dxtmsft.dll2014-04-21 11:29 - 2014-03-06 10:21 - 00628736 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll2014-04-21 11:29 - 2014-03-06 10:13 - 00032256 _____ (Microsoft Corporation) C:WindowsSysWOW64JavaScriptCollectionAgent.dll2014-04-21 11:29 - 2014-03-06 10:07 - 00164864 _____ (Microsoft Corporation) C:WindowsSysWOW64msrating.dll2014-04-21 11:29 - 2014-03-06 10:01 - 00244224 _____ 
(Microsoft Corporation) C:WindowsSysWOW64dxtrans.dll2014-04-21 11:29 - 2014-03-06 09:46 - 00524288 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll2014-04-21 11:29 - 2014-03-06 08:50 - 00846336 _____ (Microsoft Corporation) C:Windowssystem32ieapfltr.dll2014-04-21 11:29 - 2014-03-06 08:43 - 00704512 _____ (Microsoft Corporation) C:WindowsSysWOW64ieapfltr.dll2014-04-21 07:23 - 2014-03-06 11:53 - 02767360 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll2014-04-21 07:23 - 2014-03-06 10:47 - 02178048 _____ (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll2014-04-21 07:23 - 2014-03-06 08:41 - 01789440 _____ (Microsoft Corporation) C:WindowsSysWOW64wininet.dll2014-04-21 07:22 - 2014-03-06 11:11 - 05784064 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll2014-04-21 07:22 - 2014-03-06 10:46 - 04254720 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll2014-04-21 07:22 - 2014-03-06 10:11 - 02043904 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl2014-04-21 07:22 - 2014-03-06 09:53 - 13551104 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll2014-04-21 07:22 - 2014-03-06 09:40 - 01967104 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl2014-04-21 07:22 - 2014-03-06 09:36 - 11745792 _____ (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll2014-04-21 07:22 - 2014-03-06 09:22 - 02260480 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll2014-04-21 07:22 - 2014-03-06 08:58 - 01400832 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll2014-04-21 07:22 - 2014-03-06 08:36 - 01143808 _____ (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll2014-04-10 13:33 - 2014-03-04 12:44 - 01163264 _____ (Microsoft Corporation) C:Windowssystem32kernel32.dll2014-04-10 13:33 - 2014-03-04 12:44 - 00362496 _____ (Microsoft Corporation) C:Windowssystem32wow64win.dll2014-04-10 13:33 - 2014-03-04 12:44 - 00243712 _____ (Microsoft Corporation) C:Windowssystem32wow64.dll2014-04-10 13:33 - 2014-03-04 12:44 - 00016384 _____ 
(Microsoft Corporation) C:Windowssystem32ntvdm64.dll2014-04-10 13:33 - 2014-03-04 12:44 - 00013312 _____ (Microsoft Corporation) C:Windowssystem32wow64cpu.dll2014-04-10 13:33 - 2014-03-04 12:17 - 00014336 _____ (Microsoft Corporation) C:WindowsSysWOW64ntvdm64.dll2014-04-10 13:33 - 2014-03-04 12:16 - 01114112 _____ (Microsoft Corporation) C:WindowsSysWOW64kernel32.dll2014-04-10 13:33 - 2014-03-04 12:16 - 00025600 _____ (Microsoft Corporation) C:WindowsSysWOW64setup16.exe2014-04-10 13:33 - 2014-03-04 12:16 - 00005120 _____ (Microsoft Corporation) C:WindowsSysWOW64wow32.dll2014-04-10 13:33 - 2014-03-04 11:09 - 00007680 _____ (Microsoft Corporation) C:WindowsSysWOW64instnm.exe2014-04-10 13:33 - 2014-03-04 11:09 - 00002048 _____ (Microsoft Corporation) C:WindowsSysWOW64user.exe2014-04-10 13:33 - 2014-02-04 05:35 - 00274880 _____ (Microsoft Corporation) C:Windowssystem32Driversmsiscsi.sys2014-04-10 13:33 - 2014-02-04 05:35 - 00190912 _____ (Microsoft Corporation) C:Windowssystem32Driversstorport.sys2014-04-10 13:33 - 2014-02-04 05:35 - 00027584 _____ (Microsoft Corporation) C:Windowssystem32DriversDiskdump.sys2014-04-10 13:33 - 2014-02-04 05:28 - 00002048 _____ (Microsoft Corporation) C:Windowssystem32iologmsg.dll2014-04-10 13:33 - 2014-02-04 05:00 - 00002048 _____ (Microsoft Corporation) C:WindowsSysWOW64iologmsg.dll2014-04-10 13:33 - 2014-01-24 05:37 - 01684928 _____ (Microsoft Corporation) C:Windowssystem32Driversntfs.sys ==================== One Month Modified Files and Folders ======= 2014-05-09 13:48 - 2014-05-09 13:47 - 00023407 _____ () C:UsersKremena GeorgievaDesktopFRST.txt2014-05-09 13:47 - 2014-05-09 13:47 - 00000000 ____D () C:FRST2014-05-09 13:46 - 2014-05-09 13:46 - 02064384 _____ (Farbar) C:UsersKremena GeorgievaDesktopFRST64.exe2014-05-09 13:40 - 2011-09-02 16:31 - 00000000 ____D () C:UsersKremena GeorgievaAppDataRoamingSkype2014-05-09 13:37 - 2014-04-03 09:32 - 00001056 _____ () 
C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-1639035527-594000354-161818179-1000UA1cf4f06770d21cf.job2014-05-09 13:36 - 2012-07-22 22:25 - 00000830 _____ () C:WindowsTasksAdobe Flash Player Updater.job2014-05-09 13:16 - 2011-09-06 20:05 - 00000000 ____D () C:UsersKremena GeorgievaAppDataLocalCrashDumps2014-05-09 13:16 - 2011-09-03 09:04 - 00000000 ____D () C:UsersKremena GeorgievaAppDataRoamingTeamViewer2014-05-09 13:14 - 2013-12-20 12:00 - 00020923 _____ () C:UsersKremena GeorgievaDesktop2014.xlsx2014-05-09 12:42 - 2009-07-14 08:13 - 00006446 _____ () C:Windowssystem32PerfStringBackup.INI2014-05-09 12:41 - 2014-05-08 14:23 - 00000000 ____D () C:UsersKremena GeorgievaAppDataRoamingIwbeis2014-05-09 12:40 - 2014-05-08 14:23 - 00000000 ____D () C:UsersKremena GeorgievaAppDataRoamingUxmi2014-05-09 12:40 - 2009-07-14 06:20 - 00000000 ____D () C:Windowstracing2014-05-09 10:49 - 2014-05-09 10:48 - 00119512 _____ (Malwarebytes Corporation) C:Windowssystem32DriversMBAMSwissArmy.sys2014-05-09 10:48 - 2014-05-09 10:48 - 00000000 ____D () C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware2014-05-09 10:48 - 2014-05-09 10:48 - 00000000 ____D () C:Program Files (x86)Malwarebytes Anti-Malware2014-05-09 10:48 - 2013-06-18 12:55 - 00000000 ____D () C:ProgramDataMalwarebytes2014-05-09 10:45 - 2009-07-14 07:45 - 00022096 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-09 10:45 - 2009-07-14 07:45 - 00022096 ____H () C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-09 10:38 - 2011-09-04 07:33 - 00000000 ____D () C:WindowsMinidump2014-05-09 10:30 - 2011-09-02 15:10 - 01962955 _____ () C:WindowsWindowsUpdate.log2014-05-09 10:04 - 2011-12-07 12:08 - 00000000 ____D () C:UsersKremena GeorgievaAppDataLocalESET2014-05-09 09:49 - 2011-09-02 19:25 - 00001004 _____ () 
C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-1639035527-594000354-161818179-1000Core.job2014-05-08 14:35 - 2014-05-08 14:28 - 13142453 _____ () C:UsersKremena GeorgievaDesktopEuropeanColorCosmeticPackaging.rar2014-05-08 14:34 - 2014-05-08 14:32 - 13142453 _____ () C:UsersKremena GeorgievaDesktopInterton_2014.rar2014-05-08 14:33 - 2014-05-08 14:33 - 00000000 ____D () C:UsersKremena GeorgievaDesktopInterton_20142014-05-08 14:30 - 2014-05-08 14:30 - 00000000 ____D () C:UsersKremena GeorgievaDesktopEuropeanColorCosmeticPackaging2014-05-08 14:29 - 2012-08-08 11:45 - 00000000 ____D () C:ProgramDataboost_interprocess2014-05-08 10:23 - 2013-09-07 12:08 - 00000000 ____D () C:UsersKremena GeorgievaDesktopimages2014-05-08 09:23 - 2011-11-22 17:07 - 00065536 _____ () C:Windowssystem32Ikeext.etl2014-05-08 09:22 - 2011-09-02 18:08 - 00000000 ____D () C:ProgramDataNVIDIA2014-05-08 09:22 - 2009-07-14 08:08 - 00000006 ____H () C:WindowsTasksSA.DAT2014-05-08 09:22 - 2009-07-14 07:51 - 00104465 _____ () C:Windowssetupact.log2014-05-08 08:54 - 2014-05-08 08:54 - 00000000 ___SD () C:Windowssystem32CompatTel2014-05-07 18:44 - 2014-05-08 14:36 - 00156783 _____ () C:UsersKremena GeorgievaDesktopflipper.swf2014-05-01 12:48 - 2011-09-02 16:03 - 00000000 ____D () C:UsersKremena GeorgievaAppDataRoamingMozilla2014-04-30 10:56 - 2013-09-22 12:10 - 00000000 ____D () C:UsersKremena GeorgievaDesktopInvoices2014-04-29 17:01 - 2014-05-03 05:20 - 23547904 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll2014-04-29 16:40 - 2014-05-03 05:19 - 02724864 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb2014-04-29 15:48 - 2014-05-03 05:20 - 17384448 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll2014-04-29 15:34 - 2014-05-03 05:19 - 02724864 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb2014-04-29 11:37 - 2012-07-22 22:25 - 00003768 _____ () C:WindowsSystem32TasksAdobe Flash Player Updater2014-04-29 11:37 - 2012-05-21 09:37 - 00692400 _____ (Adobe Systems Incorporated) 
C:WindowsSysWOW64FlashPlayerApp.exe2014-04-29 11:37 - 2011-09-02 16:05 - 00070832 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl2014-04-21 14:18 - 2009-07-14 06:20 - 00000000 ____D () C:Windowsrescache2014-04-21 12:51 - 2014-04-21 12:51 - 00000000 __SHD () C:UsersKremena GeorgievaAppDataLocalEmieUserList2014-04-21 12:51 - 2014-04-21 12:51 - 00000000 __SHD () C:UsersKremena GeorgievaAppDataLocalEmieSiteList2014-04-21 12:49 - 2009-07-14 06:20 - 00000000 ____D () C:WindowsPolicyDefinitions2014-04-18 11:21 - 2010-11-21 06:47 - 00233646 _____ () C:WindowsPFRO.log2014-04-17 15:26 - 2012-02-06 12:47 - 00031232 _____ () C:UsersKremena GeorgievaDesktopCopy of Kopas 30 50.xls2014-04-15 08:58 - 2011-09-02 17:49 - 00000000 ____D () C:ProgramDataMicrosoft Help2014-04-15 08:56 - 2013-07-16 09:24 - 00000000 ____D () C:Windowssystem32MRT2014-04-15 08:52 - 2011-09-02 16:03 - 90655440 _____ (Microsoft Corporation) C:Windowssystem32MRT.exe2014-04-14 05:24 - 2014-05-06 09:27 - 00465408 _____ (Microsoft Corporation) C:Windowssystem32aepdu.dll2014-04-14 05:19 - 2014-05-06 09:27 - 00424448 _____ (Microsoft Corporation) C:Windowssystem32aeinv.dll2014-04-11 08:47 - 2013-03-10 21:00 - 00000000 ____D () C:Program Files (x86)Mozilla Maintenance Service2014-04-09 09:03 - 2013-01-24 16:16 - 00000000 ____D () C:UsersKremena GeorgievaDesktopMe ZeroAccess:C:$Recycle.BinS-1-5-21-1639035527-594000354-161818179-1000$b3625afb9fe626920b66025267b1f4f9 Files to move or delete:====================C:UsersKremena GeorgievaLJM1130_M1210_Full_Solution.exe Some content of TEMP:====================C:UsersAdministratorAppDataLocalTempGomEncDnInstaller.exeC:UsersAdministratorAppDataLocalTempSHSetup.exeC:UsersAdministratorAppDataLocalTempsiinst.exeC:UsersAdministratorAppDataLocalTempstrings.dllC:UsersAdministratorAppDataLocalTemptbuTor.dll ==================== Bamital & volsnap Check ================= C:WindowsSystem32winlogon.exe => MD5 is legitC:WindowsSystem32wininit.exe => MD5 is 
legitC:WindowsSysWOW64wininit.exe => MD5 is legitC:Windowsexplorer.exe => MD5 is legitC:WindowsSysWOW64explorer.exe => MD5 is legitC:WindowsSystem32svchost.exe => MD5 is legitC:WindowsSysWOW64svchost.exe => MD5 is legitC:WindowsSystem32services.exe => MD5 is legitC:WindowsSystem32User32.dll => MD5 is legitC:WindowsSysWOW64User32.dll => MD5 is legitC:WindowsSystem32userinit.exe => MD5 is legitC:WindowsSysWOW64userinit.exe => MD5 is legitC:WindowsSystem32rpcss.dll => MD5 is legitC:WindowsSystem32Driversvolsnap.sys => MD5 is legit LastRegBack: 2014-04-29 09:05 ==================== End Of Log ============================ Прикачих и от Eset лог-аAddition.txt eset.txt FRST.txt
  11. Hello, dear fellow forum members, and good morning. When the computer starts and the programs load, I get the following message... http://dox.bg/files/dw?a=9a3c2e09ab In some forums I read that this is a virus. In others, that I simply have to resolve the problem. Could someone competent please tell me what they think this is? Thank you. I am attaching files from the scan...
Antivirus;C:Program FilesAVAST SoftwareAvastAvastSvc.exe [2013-10-21 50344]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:Program FilesInteliCLS ClientHeciServer.exe [2012-2-2 628448]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe [2013-8-13 161560]R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2013-8-13 363800]R3 amdkmdag;amdkmdag;C:WindowsSystem32driversatikmdag.sys [2013-4-30 11922944]R3 amdkmdap;amdkmdap;C:WindowsSystem32driversatikmpag.sys [2013-4-30 359936]R3 asmthub3;ASMedia USB3 Hub Service;C:WindowsSystem32driversasmthub3.sys [2011-3-4 126952]R3 asmtxhci;ASMEDIA XHCI Service;C:WindowsSystem32driversasmtxhci.sys [2011-3-4 390632]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:WindowsSystem32driversAtihdW76.sys [2012-5-14 96896]R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2013-8-13 317440]R3 LgBttPort;LGE Bluetooth TransPort;C:WindowsSystem32driverslgbtpt64.sys [2009-9-29 16384]R3 lgbusenum;LG Bluetooth Bus Enumerator;C:WindowsSystem32driverslgbtbs64.sys [2009-9-29 14848]R3 LGVMODEM;LGE Virtual Modem;C:WindowsSystem32driverslgvmdm64.sys [2009-9-29 17408]R3 LVRS64;Logitech RightSound Filter Driver;C:WindowsSystem32driverslvrs64.sys [2012-9-21 351520]R3 LVUVC64;Logitech Webcam C160(UVC);C:WindowsSystem32driverslvuvc64.sys [2012-9-21 4763680]R3 MBfilt;MBfilt;C:WindowsSystem32driversMBfilt64.sys [2013-8-13 32344]R3 MEIx64;Intel® Management Engine Interface ;C:WindowsSystem32driversHECIx64.sys [2013-8-13 60184]R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2013-8-13 565352]R3 VirtuWDDM;VirtuWDDM;C:WindowsSystem32driversVirtuWDDM.sys [2013-8-13 66336]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN 
v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]S2 gupdate;Услуга на Google Актуализация (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-9-2 116648]S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-9-5 171680]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2013-8-13 257416]S3 Andbus;LGE Android Platform Composite USB Device;C:WindowsSystem32driverslgandbus64.sys [2010-3-30 19456]S3 AndDiag;LGE Android Platform USB Serial Port;C:WindowsSystem32driverslganddiag64.sys [2010-3-30 27648]S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:WindowsSystem32driverslgandgps64.sys [2010-3-30 27136]S3 ANDModem;LGE Android Platform USB Modem;C:WindowsSystem32driverslgandmodem64.sys [2010-3-30 33792]S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2011-4-12 71168]S3 FNETTBOH_305;FNETTBOH_305;C:WindowsSystem32driversFNETTBOH_305.SYS [2013-8-13 32320]S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-9-2 116648]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2010-11-21 20992]S3 Synth3dVsc;Synth3dVsc;C:WindowsSystem32driversSynth3dVsc.sys [2011-4-12 88960]S3 terminpt;Microsoft Remote Desktop Input Driver;C:WindowsSystem32driversterminpt.sys [2011-4-12 34816]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2010-11-21 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2010-11-21 31232]S3 tsusbhub;tsusbhub;C:WindowsSystem32driverstsusbhub.sys [2011-4-12 117248]S3 WatAdminSvc;Услуга на технологиите за активиране на Windows;C:WindowsSystem32WatWatAdminSvc.exe [2013-8-13 1255736].=============== Created Last 30 
================.2013-12-07 05:23:55 10285968 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{E62DCE3A-4205-4515-B2D3-1FA91F15B9AE}mpengine.dll2013-12-02 01:50:46 123904 ----a-w- C:UsersDanielAppDataRoamingRAVCpl32i.exe2013-12-02 01:50:40 1089024 ----a-w- C:UsersDanielAppDataRoamingRAVCpl64i.exe2013-12-02 01:43:32 257 ----a-w- C:UsersDanielAppDataRoamingRAVCpl.bat2013-11-26 15:17:24 99840 ----a-w- C:WindowsSystem32driversusbccgp.sys2013-11-26 15:17:24 7808 ----a-w- C:WindowsSystem32driversusbd.sys2013-11-26 15:17:24 52736 ----a-w- C:WindowsSystem32driversusbehci.sys2013-11-26 15:17:24 343040 ----a-w- C:WindowsSystem32driversusbhub.sys2013-11-26 15:17:24 325120 ----a-w- C:WindowsSystem32driversusbport.sys2013-11-26 15:17:24 30720 ----a-w- C:WindowsSystem32driversusbuhci.sys2013-11-26 15:17:24 25600 ----a-w- C:WindowsSystem32driversusbohci.sys2013-11-14 04:13:45 1474048 ----a-w- C:WindowsSystem32crypt32.dll.==================== Find3M ====================.2013-11-26 15:20:59 71048 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl2013-11-26 15:20:59 692616 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe2013-11-11 03:50:16 267936 ------w- C:WindowsSystem32MpSigStub.exe2013-10-31 06:29:17 281872 ----a-w- C:WindowsSysWow64PnkBstrB.exe2013-10-31 06:29:06 281872 ----a-w- C:WindowsSysWow64PnkBstrB.ex02013-10-31 06:29:04 76888 ----a-w- C:WindowsSysWow64PnkBstrA.exe2013-10-31 05:18:17 0 ----a-w- C:Windowsativpsrm.bin2013-10-21 16:07:54 92544 ----a-w- C:WindowsSystem32driversaswRdr2.sys2013-10-21 16:07:54 84328 ----a-w- C:WindowsSystem32driversaswMonFlt.sys2013-10-21 16:07:54 65776 ----a-w- C:WindowsSystem32driversaswRvrt.sys2013-10-21 16:07:54 205320 ----a-w- C:WindowsSystem32driversaswVmm.sys2013-10-21 16:07:54 1032416 ----a-w- C:WindowsSystem32driversaswSnx.sys2013-10-21 16:07:53 43152 ----a-w- C:WindowsavastSS.scr2013-10-12 08:45:20 2241536 ----a-w- C:WindowsSystem32wininet.dll2013-10-12 08:43:37 3959808 ----a-w- C:WindowsSystem32jscript9.dll2013-10-12 
08:43:32 67072 ----a-w- C:WindowsSystem32iesetup.dll2013-10-12 08:43:32 136704 ----a-w- C:WindowsSystem32iesysprep.dll2013-10-12 07:03:50 1767936 ----a-w- C:WindowsSysWow64wininet.dll2013-10-12 07:02:33 2877952 ----a-w- C:WindowsSysWow64jscript9.dll2013-10-12 07:02:29 61440 ----a-w- C:WindowsSysWow64iesetup.dll2013-10-12 07:02:29 109056 ----a-w- C:WindowsSysWow64iesysprep.dll2013-10-12 06:35:26 2706432 ----a-w- C:WindowsSystem32mshtml.tlb2013-10-12 06:08:58 2706432 ----a-w- C:WindowsSysWow64mshtml.tlb2013-10-12 05:44:38 89600 ----a-w- C:WindowsSystem32RegisterIEPKEYs.exe2013-10-12 05:15:39 71680 ----a-w- C:WindowsSysWow64RegisterIEPKEYs.exe2013-10-12 02:25:45 832000 ----a-w- C:WindowsSystem32nshwfp.dll2013-10-12 02:24:37 861184 ----a-w- C:WindowsSystem32IKEEXT.DLL2013-10-12 02:24:22 324096 ----a-w- C:WindowsSystem32FWPUCLNT.DLL2013-10-12 02:23:22 706560 ----a-w- C:WindowsSystem32BFE.DLL2013-10-12 01:57:21 657920 ----a-w- C:WindowsSysWow64nshwfp.dll2013-10-12 01:56:33 216576 ----a-w- C:WindowsSysWow64FWPUCLNT.DLL2013-10-11 11:59:34 3894632 ----a-r- C:WindowsSysWow64pbsvc.exe2013-10-05 19:57:25 1168384 ----a-w- C:WindowsSysWow64crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:WindowsSystem32SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:WindowsSystem32credui.dll2013-10-04 02:24:44 1931264 ----a-w- C:WindowsSystem32authui.dll2013-10-04 02:02:25 1796608 ----a-w- C:WindowsSysWow64authui.dll2013-10-04 01:58:50 152576 ----a-w- C:WindowsSysWow64SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:WindowsSysWow64credui.dll2013-10-03 02:23:48 404480 ----a-w- C:WindowsSystem32gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:WindowsSysWow64gdi32.dll2013-09-28 01:14:56 496128 ----a-w- C:WindowsSystem32driversafd.sys2013-09-25 02:30:47 95680 ----a-w- C:WindowsSystem32driversksecdd.sys2013-09-25 02:30:47 154560 ----a-w- C:WindowsSystem32driversksecpkg.sys2013-09-25 02:27:35 28672 ----a-w- C:WindowsSystem32sspisrv.dll2013-09-25 02:27:34 135680 
----a-w- C:WindowsSystem32sspicli.dll2013-09-25 02:27:03 28160 ----a-w- C:WindowsSystem32secur32.dll2013-09-25 02:27:01 340992 ----a-w- C:WindowsSystem32schannel.dll2013-09-25 02:26:13 307200 ----a-w- C:WindowsSystem32ncrypt.dll2013-09-25 02:25:38 1446400 ----a-w- C:WindowsSystem32lsasrv.dll2013-09-25 02:01:59 96768 ----a-w- C:WindowsSysWow64sspicli.dll2013-09-25 02:00:58 22016 ----a-w- C:WindowsSysWow64secur32.dll2013-09-25 02:00:56 247808 ----a-w- C:WindowsSysWow64schannel.dll2013-09-25 01:59:53 220160 ----a-w- C:WindowsSysWow64ncrypt.dll2013-09-25 01:08:17 30720 ----a-w- C:WindowsSystem32lsass.exe2013-09-15 06:32:21 32320 ----a-w- C:WindowsSystem32driversFNETTBOH_305.SYS2013-09-14 02:20:55 376768 ----a-w- C:WindowsSystem32driversnetio.sys.============= FINISH: 7:31:03,55 ===============Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKPunkBuster ServicesRealtek Ethernet Controller DriverRealtek High Definition Audio DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET 
Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Skype™ 6.10SpeccyStar Wars: The Old RepublicUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)VIRTU 1.2.112XFastUSB.==== End Of File ===========================
  12. Hello, since yesterday my laptop has caught this Istartsurf virus, and I don't understand why my antivirus program (Microsoft Security Essentials) does not detect it. A test with Pareto Logic indicates about 750 problems, but it will not clean them. The laptop runs extremely slowly for its capabilities, and this was the case even before these problems appeared. I periodically defragment, clean out the TEMP folder, and also clean up in Manage search engines. I would appreciate your help. Thank you in advance!
  13. Hello, colleagues! So the problem is the following: Windows XP Home does not start, it throws blue screens, and there is no way into Safe Mode. The BSOD is 0x000000D0, which points to a memory problem. The memory modules were retested and a different module was installed, the problem remains... I removed all PCI, PCI-e and other peripheral cards and devices... I booted from HBCD and, the moment I selected mini WinXP, the next BSOD occurred. I disconnected the hard drive and booted again, and mini WinXP loaded right away. I attached the hard drive (hot plug) and erased its MBR. I ran a Surface test on it, which showed no problems with the device... My question is: could it be an MBR virus, and is there a way to clean it? I don't feel like reinstalling the system! Thanks
  14. Hello, for a few days now I have had problems when using Mozilla and Chrome: windows pop up with ads for games, green cards and the like. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
- 2013-09-16 08:03 - 00057344 _____ () E:\WINDOWS\system32\config\SECURITY.iobit 2015-04-03 10:11 - 2013-09-16 08:03 - 00028672 _____ () E:\WINDOWS\system32\config\SAM.iobit 2015-04-03 10:05 - 2013-02-25 12:30 - 00000000 ____D () E:\Program Files\IObit 2015-04-03 10:05 - 2013-02-25 12:16 - 00000000 ____D () E:\Documents and Settings\nick\Application Data\IObit 2015-04-03 09:56 - 2013-02-25 14:54 - 00000000 __HDC () E:\WINDOWS\$NtUninstallKB982132$ 2015-03-30 20:58 - 2013-07-10 11:40 - 00000000 ____D () E:\Documents and Settings\nick\Local Settings\Application Data\Mirillis 2015-03-28 15:21 - 2013-11-15 23:29 - 00000000 ____D () E:\Documents and Settings\nick\Application Data\AnvSoft 2015-03-12 18:47 - 2013-09-15 21:27 - 00000000 ____D () E:\Documents and Settings\nick\Local Settings\Application Data\SKIDROW ==================== Files in the root of some directories ======= 2013-07-14 23:02 - 2015-01-21 07:37 - 0117248 _____ () E:\Documents and Settings\nick\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) E:\WINDOWS\explorer.exe => File is digitally signed E:\WINDOWS\system32\winlogon.exe => File is digitally signed E:\WINDOWS\system32\svchost.exe => File is digitally signed E:\WINDOWS\system32\services.exe => File is digitally signed E:\WINDOWS\system32\User32.dll => File is digitally signed E:\WINDOWS\system32\userinit.exe => File is digitally signed E:\WINDOWS\system32\rpcss.dll => File is digitally signed E:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ Addition.txt
  15. Hello! My laptop is new, 2-3 months old, but it runs extremely slowly. I mean that when I type in Chrome, the text appears after 1-2 seconds, for example. Overall I use almost no programs. Here are the logs: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015 Addition.txt
  16. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-03-2015 Ran by dss (administrator) on EER-E4C3292B17D on 11-03-2015 00:44:39 Running from C:\Documents and Settings\dss\My Documents\Downloads Loaded Profiles: dss (Available profiles: dss) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (VIA Technologies, Inc.) C:\WINDOWS\system32\KaraokeSer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer3\TeamViewer_Host.exe (APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.) C:\Program Files\Logitech\Video\LogiTray.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (blekko) C:\Documents and Settings\All Users\Application Data\File Bulldog Anti-phishing Domain Advisor\filebulldog_antiphishing.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) D:\install\wcescomm.exe (Microsoft Corporation) D:\install\rapimgr.exe (Logitech Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Softonic) C:\Documents and Settings\dss\Local Settings\Application Data\Softonic\Softonic.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (WinZip Computing, S.L.) 
C:\Program Files\WinZip\WZQKPICK32.EXE (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LVCOMSX] => C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-07-20] (Logitech Inc.) HKLM\...\Run: [LogitechVideoRepair] => C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-06-09] (Logitech Inc.) HKLM\...\Run: [LogitechVideoTray] => C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-06-09] (Logitech Inc.) HKLM\...\Run: [File Bulldog Anti-phishing Domain Advisor] => C:\Documents and Settings\All Users\Application Data\File Bulldog Anti-phishing Domain Advisor\filebulldog_antiphishing.exe [223808 2013-02-11] (blekko) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [GB_UPDATE] => D:\install\Razer Game Booster\AutoUpdate.exe/AUTORUN HKLM\...\Run: [userFaultCheck] => %systemroot%\system32\dumprep 0 -u HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1934744 2015-01-28] (APN) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-26] (AVAST Software) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) 
HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [LogitechSoftwareUpdate] => C:\Program Files\Logitech\Video\ManifestEngine.exe [196608 2005-06-09] (Logitech Inc.) HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [GameCenter] => C:\Documents and Settings\dss\Application Data\GameCenter\gamecenter.exe [100352 2012-11-17] (http://joyvy.com/) HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [H/PC Connection Agent] => D:\install\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [DAEMON Tools Lite] => D:\install\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [softonicAssistant] => C:\Documents and Settings\dss\Local Settings\Application Data\SoftonicAssistant\SoftonicAssistant.exe [1829832 2014-11-11] () HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [softonic for Windows] => C:\Documents and Settings\dss\Local Settings\Application Data\Softonic\Softonic.exe [4170224 2014-05-26] (Softonic) HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\...\Run: [GoogleChromeAutoLaunch_2D074F53D60AF6DE46C89F49EA3F6A62] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-02-28] (Google Inc.) HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.) 
HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll HKLM\...\AppCertDlls: [x86] -> c:\program files\browser tab search by ask\safetynut\safetycrt.dll ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) BootExecute: autocheck autochk * sdnclean.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyServer: [s-1-5-21-2000478354-1326574676-1417001333-1003] => localhost:8080 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2000478354-1326574676-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/ URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} URLSearchHook: HKLM - (No Name) - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - No File SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a13277-343&apn_uid=1845170684324049&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms} SearchScopes: HKU\S-1-5-21-2000478354-1326574676-1417001333-1003 -> {58980B25-A37C-4A16-AD10-F1D8785D5DDF} URL = http://www.buenosearch.com/?babsrc=SP_kms&tt=na&mntrId=0b4e5db6cdc947031b5e6d7088b3d35e&affID=128493&tsp=5302&q={searchTerms}&r=680 BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-26] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\dss\Application Data\Mozilla\Firefox\Profiles\wc0xrvbw.default-1425967882656 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-27] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2010-02-23] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2010-02-23] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-11] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\dss\Application Data\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-12] FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta461.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta461\ff FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-23] Chrome: ======= CHR Profile: C:\Documents and Settings\dss\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\dss\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-29] CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\dss\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-05] CHR Extension: (Hangouts) - C:\Documents and Settings\dss\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-03-10] CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\dss\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10] CHR Extension: (Google Wallet) - C:\Documents and Settings\dss\Local 
Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08] CHR HKLM\...\Chrome\Extension: [dpibobdfligkefmphegochbolpmnlnge] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha495\ch\WebexpEnhancedV1alpha495.crx [Not Found] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-02-23] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-23] CHR HKLM\...\Chrome\Extension: [kondcmgjibmegpklggnhnojajjgflfgg] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta461\ch\VideoPlayerV3beta461.crx [Not Found] CHR HKLM\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-28] (APN LLC.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-26] (AVAST Software) R2 KaraokeService; C:\WINDOWS\system32\KaraokeSer.exe [88688 2011-02-17] (VIA Technologies, Inc.) R2 TeamViewer; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [181544 2008-03-12] (TeamViewer GmbH) S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [X] <==== ATTENTION ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-02-26] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73480 2015-02-26] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-02-26] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-02-26] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-02-26] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-02-26] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-02-26] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-02-26] () R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices) R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-06-02] (AVG Technologies) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2013-03-20] (DT Soft Ltd) R3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.) S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.) R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [13616 2012-06-13] (Marvell Semiconductor Inc.) R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2012-06-13] (Marvell Semiconductor Inc.) [File not signed] R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [13616 2012-06-13] (Marvell Semiconductor Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2012-12-16] (Duplex Secure Ltd.) 
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2795376 2011-02-17] (VIA Technologies, Inc.) U3 a13uhq3o; C:\WINDOWS\system32\Drivers\a13uhq3o.sys [0 ] (Marvell Semiconductor Inc.) <==== ATTENTION (zero size file/folder) S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X] S4 IntelIde; No ImagePath S3 RTHDMIAzAudService; system32\drivers\RtKHDMI.sys [X] S3 WinRing0_1_2_0; \??\D:\install\Razer Game Booster\Driver\WinRing0.sys [X] ========================== Drivers MD5 =======================
==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry.
Any associated file could be listed separately to be moved.) ==================== Three Months Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-11 00:42 - 2015-03-11 00:42 - 00026829 _____ () C:\Documents and Settings\dss\Desktop\Addition.txt 2015-03-11 00:41 - 2015-03-11 00:41 - 00043288 _____ () C:\Documents and Settings\dss\Desktop\Shortcut.txt 2015-03-10 23:37 - 2015-03-10 23:37 - 00000000 __SHD () C:\found.000 2015-03-10 23:23 - 2015-03-10 23:23 - 00000336 _____ () C:\Program Files\%B5Torrent%20Pro%203.4.2%20Build%2038913%20Stable.torrent.txt 2015-03-10 23:22 - 2015-03-10 23:22 - 00002164 _____ () C:\Program Files\%B5Torrent%20Pro%203.4.2%20Build%2038758%20Stable.torrent 2015-03-10 23:19 - 2015-03-10 23:21 - 00002606 _____ () C:\Program Files\%B5Torrent%20Pro%203.4.2%20Build%2038913%20Stable.torrent 2015-03-10 11:42 - 2015-03-10 11:42 - 00000000 ____D () C:\Documents and Settings\dss\Start Menu\Programs\Google Chrome 2015-03-10 11:42 - 2015-03-10 11:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avnex 2015-03-10 11:39 - 2015-03-10 11:43 - 00000000 ____D () C:\Program Files\ AV WebCam Morpher 2015-03-10 08:37 - 2015-03-10 11:42 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome 2015-03-10 08:37 - 2015-03-10 08:37 - 00001811 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2015-03-10 08:11 - 2015-03-10 08:11 - 00000000 ____D () C:\Documents and Settings\dss\Desktop\Old Firefox Data 2015-03-09 16:09 - 2015-03-11 00:09 - 00000262 _____ () C:\WINDOWS\Tasks\PC-Mechanic Maintenance.job 2015-03-09 16:09 - 2015-03-11 00:07 - 00000262 _____ () C:\WINDOWS\Tasks\PC-Mechanic Subscription.job 2015-03-09 16:08 - 2015-03-11 00:08 - 00000256 _____ () C:\WINDOWS\Tasks\PC-Mechanic Startup.job 2015-03-09 16:08 - 2015-03-09 16:08 - 00000818 _____ () C:\Documents and Settings\All Users\Desktop\PC Mechanic.lnk 2015-03-09 16:08 - 
Addition.txt
  17. Hello! For some time now I have noticed that the computer from my signature has become very slow, and sometimes I cannot even open Task Manager... Here is what was causing the slowdown. I think it is a virus... I stop it manually and after a while it starts again... Interestingly, I have a licensed KIS2014..., and it has not "raised an alarm"; I am now running a full scan of the computer... P.S. I made a mistake in the title..., I meant Coin-miner.exe...
  18. My laptop gets heavily loaded when I use Google Chrome, and I suspect that I have picked something up. I have a USB Windows installation available. I also want to say that I have two operating systems: Windows loads the machine quite a lot, but after a restart, when I boot Ubuntu, it runs fine. I cannot attach files here, so I am uploading it here: http://gangosan.grn.cc/upload/public.php?service=files&t=ff6f85ad7e340c6d5c54a05d7cc0368c
  19. Hello, I have a problem with my Facebook page. I tried different browsers but I cannot get into my profile; it opens, but I see neither the news feed nor messages nor friends, nothing. I do not know what to do. Please help, thank you in advance!
  20. Hi. After long ordeals, described in my previous threads, my computer started working after a BIOS update. The problems had started after a failed attempt to install a program downloaded from a torrent, which makes me suspect that a virus is present as well. I also suspect an autorun (or whatever it is called) virus picked up from a flash drive. Here are the logs: Addition.txt
  21. Hello! Here I am too. This is about a computer that was given to me nearly two years ago, so I do not know much about it, but a child used it, and I think it is OK. The system is Windows 7 Starter (Samsung N130 netbook), installed for... five years, I think. I use it relatively rarely, when I am not at home, which is why I am too lazy to reinstall it, and I hope that thanks to this section I will not have to, at least for now. The issue is that I cannot uninstall ESET Smart Security v.7. I replaced ESET with Avast when I noticed excessive RAM usage. When I looked in Speccy, it showed two antivirus products: Avast and ESET. I used ESET's uninstall tool, but it just does not work. I also tried reinstalling ESET v.7 and then uninstalling it. That did not work either. Besides this problem, there may be something else that I do not know about, although I have checked it with popular tools and found nothing. I do not have an installation disc for the Windows that is installed. I have not used a third-party uninstall tool. FRST.txt Addition.txt