Премини към съдържанието

Филтри за търсене

Показани резултати за тагове 'решен'.

  • Търсене по таг

    Въведете тагове разделени със запетая
  • Търсене по автор

Търсене в


Форуми

  • Софтуер
    • Нови Програми
    • Търсене на Програми
    • Програми - Проблеми и Дискусии
    • Драйвери - Търсене, Проблеми, Линкове
    • Операционни системи
    • Сигурност и антивирусна защита
    • Игри
  • Хардуер
    • Общи хардуерни въпроси
    • Преносими компютри
    • Дънни платки
    • Запаметяващи устройства и памети
    • Монитори, Аудио и Видеокарти
    • Периферия
    • Овърклок и PC модинг
    • Нови конфигурации и части, въпроси, препоръки и мнения
  • Мобилни телефони, GSM, Мобилни приложения, Комуникации
    • Мобилни телефони - Въпроси, Проблеми, Софтуер
    • Съвети при избор на телефон
    • Мобилни Приложения (Apps)
    • Мобилни оператори, Мрежи, Промоции, Абонаменти, Услуги
    • Други теми относно мобилни телефони
  • Уеб дизайн, Графичен дизайн, Програмиране
    • Програмиране
    • Графичен Дизайн и Визуални изкуства
    • CMS, Форумни и Торент системи
    • Хостинг, Домейни, Уеб сървъри
    • SEO, Уеб оптимизация и стандарти
  • Битова Техника
    • Аудиотехника
    • Телевизори, Видео и Фото техника, Видео наблюдение
    • Климатици - проблеми, съвети, въпроси
    • Бойлери, Печки, Отопление
    • Друга битова техника
  • Интернет, Локални Мрежи и GPS Навигации
    • Интернет, WiFi, xDSL и Локална Мрежа
    • Биткойн и Криптовалути
    • Онлайн бизнес, AdSense, Affilate програми
    • Рутери, Модеми, Суичове
    • Facebook - проблеми, въпроси, вируси
    • Skype, VoIP - Интернет телефония
    • GPS, Навигационни системи - Въпроси, Карти, Проблеми
  • Изкуство
    • Музика
    • Кино и Телевизия
    • Поезия и Лично творчество
    • Изкуство - Изящно, Приложно и Сценично
    • Фотография и Фотографска техника
    • Литература, Книги (e-books, video trainings, tutorials & etc.)
  • Други
    • Статии и ревюта
    • Образование и обща култура
    • Религия, Мистика, Езотерика
    • История
    • Философия
    • Психология и Психотерапия
    • Новини от България и Света
    • Българите по света
    • Политика
    • Право и Юридически консултации
    • Здраве и Mедицина
    • Банки, Застраховане, Финанси, Кредити
    • Тийн Зона (Teen Zone)
    • Купувам / Продавам
    • Всичко останало
  • Хоби, Развлечение и Свободно време
  • За kaldata.com
  • Теми
  • Photoshop майнаци Теми
  • python3 data types
  • какви са ви любимите игри?? Темиигри за вас
  • супрески игри и рекорди Темиигри за вас

Блогове

Няма резултати

Няма резултати

Категории

  • Компютри
    • Компютърни конфигурации
    • Компютърни компоненти
    • Периферни устройства
    • Дънни платки
    • Мултимедия
    • Компютърни игри и софтуер
    • Администриране и интернет услуги
    • Компютърни аксесоари
    • Лаптопи и таблети
    • Видеокарти
    • Монитори
    • Процесори
    • Хард дискове и Памети
    • Други
  • Електроника
    • Телефони, GSM апарати
    • Аудио
    • Битова електроника
    • GPS и навигационни системи
    • Фотоапарати и обективи
    • TV и Видео
    • Други
  • Имоти
    • Гарсониери
    • Къщи и вили
    • Търговски площи
    • Гаражи
    • Апартаменти
    • Терени
    • Офиси
    • Други имоти в продажба
  • Авто-мото
    • Автомобили
    • Велосипеди
    • Лодки
    • Резервни части
    • Авто аксесоари
    • Мотоциклети
    • Скутери и ATV
    • Камиони и Автобуси
    • Авто сервизи и Rent-a-Car
    • Други
  • Работа
    • Работа в страната
    • Работа в чужбина
    • Стажове
    • Работа от вкъщи
    • Непълно работно време
  • Услуги
  • Строителство
  • Туризъм
  • Курсове и обучение
  • Домашни любимци
  • Други
  • супрески игри и рекорди Обяви
  • супрески игри и рекорди Обяви

Категории

  • Домашни любимци и Животни
  • Игри
  • Инциденти и Екстремни
  • Коли и превозни средства
  • Музика
    • Българска музика
    • Джаз
    • Електронна
    • Метъл и Рок
    • Народна и Фолклор
    • Поп и Диско
    • Поп-фолк
    • Рап и хип-хоп
    • Ритъм енд блус и соул
    • Друга
  • Новини и политика
  • Реклами
  • Смях и Развлечение
  • Спорт
  • Технологии, Компютри, Хардуер
  • ТВ Предавания и Шоу Програми
  • Хора и блогове
  • Филми и анимация
  • Други
  • Old School Hip-Hop and Electroo 80" Видео клипчета

Календари

  • Събития
  • Изложения
  • Семинари
  • Парти
  • Празници в България

Групи продукти

  • Банер Реклами

Търсене в...

Търси резултати които съдържат...


Дата

  • Начало

    Край


Последно обновяване

  • Начало

    Край


Филтриране по брой...

Регистрация

  • Начало

    Край


Група


Skype


Facebook


Google+


Twitter


ICQ


Yahoo


Интернет сайт


Град


Интереси

Открити 311 резултата

  1. Здравейте, Извинявам се предварително, ако има създатена тема за решаване на проблем с този вирус, но не успях да я открия, затова пиша. Днес не знам как и по какъв начин, се заразих с Bora Ransomware, всички файлове в системата ми се промениха във формат .bora. Нямам достъп до офис файлове, снимки и др. Може ли съдействие ?
  2. При всяко стартиране на Мозила ми се блокират началните прозорци (без значение от кой сайт са) и ми излизат 3 грешки от Kaspersky T.S. След това мога да си презаредя блокирания прозорец на ново и го отваря без проблем. Проблема се явява само при стартирането на Мозила. Дали е от заразена система или неправилна настройка на АВ-та програма ? Имам наличен диск с ОС. Addition.txt FRST.txt
  3. Здравейте, от няколко дни, когато стартирам компютъра ми се отваря автоматично Google Chrome и ме пренасочва към някакви random сайтове.. Съмнявам се да нямам някакъв злонамерен софтуер. Понеже Eset не ми работи, а уж я имам на системата инсталирана, когато я натисна не ми тръгва и не мога да направя Scan на системата.. Addition.txt FRST.txt
  4. Здравейте Сканирах с Malwarebytes и изтрих high risks detected. Останалите potential threats не ги разпознавам и затова пиша тема. Не разполагам с диск за операционна система. Прикачвам файловете от десктопа. Благодаря предварително! Addition.txt FRST.txt
  5. Здравейте. Проблем с усб флаш паметите (4бр) като ги пусна на настолния и лаптопа ми излиза шорткът към флашката(само в мойте компючтри) на други показва че флашката/те са празни. Сканирах с мбам и намери доста зарази поставих ги в карантина и след рестарт на компа не можах да вляза във флашките.Изписва ми ерор Г://-_-_. Ако може да помогнете. Благодаря предварително Addition.txt FRST.txt dd.txt hfg.txt log.txt
  6. Здравейте, имам проблем с file name extensions на уиндоус 8.1 - не мога да махна отметката. Съответно непрекъснато виждам разширението на файловете - пример: (.txt) Ползвам антивирусна програма Bitdefender Antivirus Free, но не открива вирус. Интересното е, че по някое време мога да махна отметката, но след рестарт на компютъра упорито се завръща... Четох Ето тук и нито един от методите не работи при мен, надявам се да можете да ми помогнете.
  7. Напоследък Chrome зарежда бавно имам чувството че сякаш системата е тромава , днес при опитите да изтегля Farbar страницата се зареждаше около 1:30 минути докато започне самото изтегляне и то неуспешно Addition_04-08-2019 17.09.48.txt FRST_04-08-2019 17.09.48.txt
  8. Невъзможно е да се инсталира никаква програма на компютъра FRST.exe не може да се стартира
  9. Привет колеги. Отупах пепелта от щайгата и реших да проверя дали все още има животец в нея. След като включих компютъра забелязах че процесора постоянно е на 100% а паметта не пада по-ниско от 60%, имайки в предвид че единствения процес който имам отворен в момента е хром, таск менъджер и FRST.exe . Най вероятно ще е троянец . Благодаря за помоща Addition.txt FRST.txt
  10. Заразих се от следния файл: http://flyfvdi.com/vcm_ids/VCMXLoader-01.018.06-EN-Release-Installer.zip Ето и част от MBAM лога(мисля че windows defender-a се справи с повечето, май): Addition.txt FRST.txt
  11. От известно време забелязвам в таск менаджера странен процес - InstallShield. Появява се и в отворените прозорци при alt+tab, но не може да се активира (прозореца). Също от известно време имам проблем с Windows Firewall Control, като при профил Medium filtering нета изчезва. Казвам това, с подозрението, че може да има връзка с въпросния процес. Бях пуснал и Тема за него. Принципно нямам видими проблеми със системата, с изключение на това, че понякога процесора се товари от процес на Интернет експлорър, който не ползвам (не съм сигурен дали KMplayer не го стартира) и споменатия проблем с firewall. Прикачам файловете от Farbar Recovery Scan Tool. FRST.txt Addition.txt
  12. Така стана, че лаптопът ми се зарази с вирус.. Файловете ми на Word и. Excel получиха допълнително разширение (.besub) Опитах се да го премахна чрез AVG, Avast но нищо.. Засегнатите файлове са важни, моля помогнете
  13. Здравейте.; Проблема е следния: 1. Нямах достъп до фейсбук. Този проблем го имаше през всички браузъри. След връщане на предишна точка за възстановяване на ОС проблема се оправи. След това нямах достъп до интернет през хрома. Както и през него не мога да свалям всякакви антивирусни продукти. Addition.txt FRST.txt
  14. Здравейте, вчера получих от Вас съвет за стартиране на FRST и сега прикачам файловете t of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019 Ran by user (administrator) on USER-PC (28-03-2019 12:08:26) Running from C:\Users\user\Desktop Loaded Profiles: user (Available Profiles: user) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ArcSoft, Inc. -> ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Dell Inc.) [File not signed] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Opera Software AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Lavasoft Limited -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (Lavasoft Limited -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\user\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\user\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\user\AppData\Roaming\uTorrent\helper\helper.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-11] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8921600 2013-10-22] (Dell Inc.) [File not signed] HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-10-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\Run: [uTorrent] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [1998008 2019-03-28] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7509280 2019-03-28] (Lavasoft Limited -> Lavasoft) HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\Run: [Opera Browser Assistant] => C:\Users\user\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2264152 2018-12-19] (Opera Software AS -> Opera Software) HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {00436b5d-1004-11e5-b9e8-9c2a70d73da0} - F:\AutoRun.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {23d7b5e8-fb87-11e8-af18-9c2a70d73da0} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {8a2f6e53-0fdf-11e5-ae17-9c2a70d73da0} - F:\AutoRun.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {8a2f6ea9-0fdf-11e5-ae17-9c2a70d73da0} - F:\AutoRun.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {96a6fd05-b6eb-11e5-a4c8-9c2a70d73da0} - F:\AutoRun.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {98f89a53-ca5d-11e4-9dcf-9c2a70d73da0} - F:\AutoRun.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {98f89a7d-ca5d-11e4-9dcf-9c2a70d73da0} - F:\AutoRun.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {c31eda96-9dfa-11e8-ad5e-9c2a70d73da0} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {d2ce57cd-e1ac-11e7-85fa-9c2a70d73da0} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {dbe2ec1f-b8ea-11e5-8456-9c2a70d73da0} - F:\AutoRun.exe HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] -> C:\Windows\SysWOW64\advpack.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2013-09-21] (Broadcom Corporation -> Broadcom Corporation.) HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2013-09-21] (Broadcom Corporation -> Broadcom Corporation.) Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-21] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 195.238.84.2 195.238.84.4 Tcpip\..\Interfaces\{59D56FB3-C517-4D7D-9926-81B9DF5D37AF}: [DhcpNameServer] 192.168.88.1 195.238.84.2 195.238.84.4 Tcpip\..\Interfaces\{C3882FF1-A6F7-4A65-A3D0-B8807331FD4C}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp.myway.com/allinonedocs/ttab02/index.html?n=7857F972&p2=^CHT^xdm009^TTAB02^bg&ptb=B7E589BA-98E8-4923-8CC6-02E4B3867EE1&si=EAIaIQobChMIiKnA-J-B4QIVCjjgCh0kUQceEAEYASAAEgJ-jfD_BwE&coid=142cc257d8044233aba2cf3bc9277c9b SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10419__181230&q={searchTerms} SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-08] (McAfee, Inc. -> McAfee, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-08] (McAfee, Inc. -> McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.) Toolbar: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://efaktura.bg/inc/capicom.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File FireFox: ======== FF DefaultProfile: m7kv9edv.default-1550937407120 FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\m7kv9edv.default-1550937407120 [2019-03-28] FF Homepage: Mozilla\Firefox\Profiles\m7kv9edv.default-1550937407120 -> hxxp://www.bing.com/?pc=COS2&ptag=D123018-N0300A6AA2274B27&form=CONMHP&conlogo=CT3335819 FF NewTab: Mozilla\Firefox\Profiles\m7kv9edv.default-1550937407120 -> hxxp://www.bing.com/?pc=COS2&ptag=D123018-N0300A6AA2274B27&form=CONMHP&conlogo=CT3335819 FF Extension: (Yahoo Homepage) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\m7kv9edv.default-1550937407120\Extensions\[email protected] [2019-02-25] FF Extension: (Avast Online Security) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\m7kv9edv.default-1550937407120\Extensions\[email protected] [2019-03-27] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-03-20] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-08] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-08] (Adobe Systems Incorporated -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> mysearch.avg.com CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E210US91105G91208&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2019-03-28] CHR Extension: (Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18] CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19] CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20] CHR Extension: (AVG Secure Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2019-01-16] CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01] CHR Extension: (Avast Passwords) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-01-17] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18] CHR Extension: (Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18] CHR Extension: (McAfee® WebAdvisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-02-25] CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-15] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-07] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-190678317-3990350971-2298258134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (No Name) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh [2018-11-26] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2014-03-11] (ArcSoft, Inc. -> ArcSoft, Inc.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2012-09-10] (Microsoft Windows Hardware Compatibility Publisher -> AMD) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software s.r.o. -> AVAST Software) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation -> Intel Corporation) S2 Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [608256 2014-03-04] (ArcSoft, Inc.) [File not signed] R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-08] (McAfee, Inc. -> McAfee, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor Corp -> Realtek Semiconductor) S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] (@ByELDI -> ) [File not signed] S3 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed] R2 TeamViewer; C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH) R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2019-03-28] (Lavasoft Limited -> ) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6170624 2013-10-22] (Dell Inc.) [File not signed] S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10679808 2012-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [459264 2012-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [3315392 2013-11-20] (ArcSoft, Inc. -> ) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-26] (AVAST Software s.r.o. -> AVAST Software) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-10-22] (Broadcom Corporation -> Broadcom Corporation.) R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [23760 2013-10-22] (Broadcom Corporation -> Broadcom Corporation) R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [9082064 2013-10-22] (Broadcom Corporation -> Broadcom Corporation) R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [598808 2013-10-22] (Broadcom Corporation -> Broadcom Corporation.) R3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [184144 2013-10-22] (Broadcom Corporation -> Broadcom Corporation.) R3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [210984 2013-10-22] (Broadcom Corporation -> Broadcom Corporation.) R3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [39976 2013-10-22] (Broadcom Corporation -> Broadcom Corporation.) R3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [21544 2013-10-22] (Broadcom Corporation -> Broadcom Corporation.) R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5343584 2012-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation) S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 nmwcdnsucx64; C:\Windows\System32\drivers\nmwcdnsucx64.sys [12288 2009-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 nmwcdnsux64; C:\Windows\System32\drivers\nmwcdnsux64.sys [172544 2009-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-11] (Synaptics Incorporated -> Synaptics Incorporated) S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8192 2009-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X] S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X] S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X] S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X] S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-28 11:56 - 2019-03-28 12:00 - 000069400 _____ C:\Users\user\Desktop\Addition.txt 2019-03-28 11:53 - 2019-03-28 12:09 - 000033111 _____ C:\Users\user\Desktop\FRST.txt 2019-03-28 11:51 - 2019-03-28 11:48 - 002434048 _____ (Farbar) C:\Users\user\Downloads\FRST64 (1).exe 2019-03-28 11:47 - 2019-03-28 11:48 - 002434048 _____ (Farbar) C:\Users\user\Desktop\FRST64 (1).exe 2019-03-28 06:29 - 2019-03-28 06:29 - 000000000 ____D C:\Users\user\AppData\LocalLow\uTorrent 2019-03-28 06:29 - 2019-03-28 06:29 - 000000000 ____D C:\Users\user\AppData\Local\BitTorrentHelper 2019-03-26 17:35 - 2019-03-26 17:35 - 000000000 ____D C:\Program Files (x86)\MSXML 4.0 2019-03-26 11:45 - 2019-02-16 07:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-03-26 11:45 - 2019-02-16 07:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2019-03-26 11:44 - 2019-03-26 11:46 - 000000000 ____D C:\Users\user\AppData\Roaming\Wise Euask 2019-03-26 10:21 - 2019-03-28 06:48 - 000004950 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for user-PC-user user-PC 2019-03-26 09:13 - 2019-03-26 09:13 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2019-03-25 19:37 - 2019-03-25 19:37 - 021205512 _____ (Piriform Software Ltd) C:\Users\user\Downloads\ccsetup555.exe 2019-03-25 15:30 - 2019-03-25 15:30 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-03-25 15:30 - 2019-03-25 15:30 - 000000000 ____D C:\Windows\system32\appraiser 2019-03-25 15:19 - 2015-07-30 15:13 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2019-03-25 15:19 - 2015-07-30 15:13 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2019-03-25 14:25 - 2019-03-06 05:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-03-25 14:25 - 2019-03-06 05:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-03-25 14:25 - 2019-03-06 05:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2019-03-25 14:25 - 2019-03-06 05:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2019-03-25 14:25 - 2019-03-06 05:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 04:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-03-25 14:25 - 2019-03-06 04:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-03-25 14:25 - 2019-03-06 04:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-03-25 14:25 - 2019-03-06 04:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-03-25 14:25 - 2019-03-06 04:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-03-25 14:25 - 2019-03-06 04:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2019-03-25 14:25 - 2019-03-06 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2019-03-25 14:25 - 2019-03-06 04:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-25 14:25 - 2019-03-06 04:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-25 14:25 - 2019-03-06 04:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-25 14:25 - 2019-03-06 04:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-03-25 14:25 - 2019-03-06 04:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-03-25 14:25 - 2019-03-06 04:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-03-25 14:25 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-03-25 14:25 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-03-25 14:25 - 2019-03-06 04:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-03-25 14:25 - 2019-03-06 04:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2019-03-25 14:25 - 2019-03-06 04:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2019-03-25 14:25 - 2019-03-06 04:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2019-03-25 14:25 - 2019-03-06 04:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2019-03-25 14:25 - 2019-03-06 04:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2019-03-25 14:25 - 2019-03-06 04:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 04:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 04:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2019-03-25 14:25 - 2019-03-06 04:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2019-03-25 14:25 - 2019-03-05 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-03-25 14:25 - 2019-02-27 00:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-03-25 14:25 - 2019-02-26 23:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2019-03-25 14:25 - 2019-02-26 09:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2019-03-25 14:25 - 2019-02-26 09:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-03-25 14:25 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-03-25 14:25 - 2019-02-26 09:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-03-25 14:25 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-03-25 14:25 - 2019-02-26 09:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-03-25 14:25 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-03-25 14:25 - 2019-02-26 09:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-03-25 14:25 - 2019-02-26 09:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-03-25 14:25 - 2019-02-26 09:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-03-25 14:25 - 2019-02-26 09:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2019-03-25 14:25 - 2019-02-26 09:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2019-03-25 14:25 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-03-25 14:25 - 2019-02-26 09:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2019-03-25 14:25 - 2019-02-26 09:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2019-03-25 14:25 - 2019-02-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2019-03-25 14:25 - 2019-02-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2019-03-25 14:25 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-03-25 14:25 - 2019-02-26 09:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2019-03-25 14:25 - 2019-02-26 09:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-03-25 14:25 - 2019-02-26 09:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2019-03-25 14:25 - 2019-02-26 09:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2019-03-25 14:25 - 2019-02-26 09:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2019-03-25 14:25 - 2019-02-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2019-03-25 14:25 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-03-25 14:25 - 2019-02-26 08:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2019-03-25 14:25 - 2019-02-26 08:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2019-03-25 14:25 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-03-25 14:25 - 2019-02-26 08:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-03-25 14:25 - 2019-02-26 08:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2019-03-25 14:25 - 2019-02-26 08:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2019-03-25 14:25 - 2019-02-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2019-03-25 14:25 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-03-25 14:25 - 2019-02-26 08:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-03-25 14:25 - 2019-02-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2019-03-25 14:25 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-03-25 14:25 - 2019-02-26 08:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2019-03-25 14:25 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2019-03-25 14:25 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2019-03-25 14:25 - 2019-02-26 08:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2019-03-25 14:25 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-03-25 14:25 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-03-25 14:25 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-03-25 14:25 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-03-25 14:25 - 2019-02-26 08:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2019-03-25 14:25 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-03-25 14:25 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-03-25 14:25 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-03-25 14:25 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-03-25 14:25 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-03-25 14:25 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-03-25 14:25 - 2019-02-22 05:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2019-03-25 14:25 - 2019-02-22 04:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll 2019-03-25 14:25 - 2019-02-22 04:35 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-03-25 14:25 - 2019-02-22 04:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2019-03-25 14:25 - 2019-02-16 08:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-03-25 14:25 - 2019-02-16 08:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-03-25 14:25 - 2019-02-16 08:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-03-25 14:25 - 2019-02-16 07:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2019-03-25 14:25 - 2019-02-16 07:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2019-03-25 14:25 - 2019-02-16 06:10 - 000419608 _____ C:\Windows\SysWOW64\locale.nls 2019-03-25 14:25 - 2019-02-16 06:10 - 000419608 _____ C:\Windows\system32\locale.nls 2019-03-25 14:25 - 2019-02-15 18:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-03-25 14:25 - 2019-02-15 18:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-03-25 14:25 - 2019-02-15 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-03-25 14:25 - 2019-02-15 17:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2019-03-25 14:25 - 2019-02-15 17:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2019-03-25 14:25 - 2019-02-15 17:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-03-25 14:25 - 2019-02-15 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-03-25 14:25 - 2019-02-15 17:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-03-25 14:25 - 2019-02-15 17:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2019-03-25 14:25 - 2019-02-15 17:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2019-03-25 14:25 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2019-03-25 14:25 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2019-03-25 14:25 - 2019-02-10 17:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-03-25 14:25 - 2019-02-10 17:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-03-25 14:25 - 2019-02-10 17:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-03-25 14:25 - 2019-02-08 18:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-03-25 14:25 - 2019-02-08 18:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-03-25 14:25 - 2019-02-08 18:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2019-03-25 14:25 - 2019-02-08 17:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-03-25 14:25 - 2019-02-08 17:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2019-03-25 14:25 - 2019-02-08 17:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2019-03-25 14:25 - 2019-02-07 18:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll 2019-03-25 14:25 - 2019-02-07 17:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-03-25 14:25 - 2019-02-03 17:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-03-25 14:25 - 2019-01-12 04:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-03-25 14:25 - 2019-01-01 18:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2019-03-25 14:25 - 2019-01-01 18:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2019-03-25 14:25 - 2019-01-01 18:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-03-25 14:25 - 2019-01-01 18:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2019-03-25 14:25 - 2019-01-01 17:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2019-03-25 14:25 - 2019-01-01 17:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2019-03-25 14:25 - 2019-01-01 17:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2019-03-25 14:25 - 2019-01-01 17:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2019-03-25 14:25 - 2019-01-01 17:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2019-03-25 14:25 - 2018-12-08 05:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll 2019-03-25 14:25 - 2018-12-08 04:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll 2019-03-25 14:25 - 2018-12-08 04:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll 2019-03-25 14:25 - 2018-12-08 04:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2019-03-25 14:25 - 2018-12-08 04:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2019-03-25 14:25 - 2018-12-08 04:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys 2019-03-25 14:25 - 2018-12-08 04:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll 2019-03-25 14:25 - 2018-12-08 04:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll 2019-03-25 14:25 - 2018-12-04 18:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2019-03-25 14:25 - 2018-12-04 18:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2019-03-25 14:25 - 2018-12-04 17:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll 2019-03-25 14:25 - 2018-12-04 17:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2019-03-25 14:25 - 2018-11-18 04:43 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2019-03-25 14:25 - 2018-11-18 04:43 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2019-03-25 14:25 - 2018-11-11 18:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2019-03-25 14:25 - 2018-10-27 05:42 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2019-03-25 14:25 - 2018-10-27 05:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2019-03-25 14:25 - 2018-10-27 05:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2019-03-25 14:25 - 2018-10-27 05:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll 2019-03-25 14:25 - 2018-10-27 05:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll 2019-03-25 14:25 - 2018-10-27 05:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll 2019-03-25 14:25 - 2018-10-27 05:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2019-03-25 14:25 - 2018-10-27 05:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2019-03-25 14:25 - 2018-10-27 05:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2019-03-25 14:25 - 2018-10-27 05:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2019-03-25 14:25 - 2018-10-27 05:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2019-03-25 14:25 - 2018-10-27 05:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2019-03-25 14:25 - 2018-10-27 05:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll 2019-03-25 14:25 - 2018-10-27 05:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2019-03-25 14:25 - 2018-10-12 15:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2019-03-25 14:25 - 2018-10-06 17:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2019-03-25 14:25 - 2018-10-06 17:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2019-03-25 14:25 - 2018-10-06 17:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2019-03-25 14:25 - 2018-10-06 17:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2019-03-25 14:25 - 2018-10-06 15:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2019-03-25 14:25 - 2018-09-23 04:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2019-03-25 14:25 - 2018-09-23 04:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2019-03-25 14:25 - 2018-09-23 04:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2019-03-25 14:25 - 2018-09-23 04:34 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2019-03-25 14:25 - 2018-09-23 04:34 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2019-03-25 14:25 - 2018-09-23 04:33 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2019-03-25 14:25 - 2018-09-23 04:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2019-03-25 14:25 - 2018-09-23 04:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2019-03-25 14:25 - 2018-09-23 04:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2019-03-25 14:25 - 2018-09-23 04:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2019-03-25 14:25 - 2018-09-09 03:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2019-03-25 14:25 - 2018-09-09 03:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2019-03-25 14:25 - 2018-09-09 02:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2019-03-25 14:25 - 2018-09-09 02:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2019-03-25 14:25 - 2018-09-09 02:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2019-03-25 14:25 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2019-03-25 14:25 - 2018-08-16 04:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2019-03-25 14:25 - 2018-08-13 23:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2019-03-25 14:25 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2019-03-25 14:25 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2019-03-25 14:25 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2019-03-25 14:25 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2019-03-25 14:25 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2019-03-25 14:25 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2019-03-25 14:25 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2019-03-25 14:25 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2019-03-25 14:25 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2019-03-25 14:25 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2019-03-25 14:25 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll 2019-03-25 14:25 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2019-03-25 14:25 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2019-03-25 14:25 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2019-03-25 14:25 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2019-03-25 14:25 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll 2019-03-25 14:25 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2019-03-25 14:25 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll 2019-03-25 14:25 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll 2019-03-25 14:25 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2019-03-25 14:25 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2019-03-25 14:25 - 2018-06-08 18:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2019-03-25 14:25 - 2018-06-08 18:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2019-03-25 14:25 - 2018-06-08 17:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2019-03-25 14:25 - 2018-06-08 17:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2019-03-25 14:25 - 2018-06-08 17:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2019-03-25 14:25 - 2018-06-08 17:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe 2019-03-25 14:25 - 2018-05-11 23:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2019-03-25 14:25 - 2018-05-11 02:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-03-25 14:25 - 2018-05-11 02:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2019-03-25 14:25 - 2018-05-02 17:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2019-03-25 14:25 - 2018-05-02 17:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2019-03-25 14:25 - 2018-05-02 17:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2019-03-25 14:25 - 2018-05-02 17:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2019-03-25 14:25 - 2018-05-02 17:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2019-03-25 14:25 - 2018-04-25 18:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll 2019-03-25 14:25 - 2018-04-25 17:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2019-03-25 14:25 - 2018-04-18 18:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2019-03-25 14:25 - 2018-04-18 18:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll 2019-03-25 14:25 - 2018-04-18 17:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2019-03-25 14:25 - 2018-04-18 17:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll 2019-03-25 14:25 - 2018-04-18 17:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe 2019-03-25 14:25 - 2018-04-18 17:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe 2019-03-25 14:25 - 2018-04-10 18:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2019-03-25 14:25 - 2018-04-10 18:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2019-03-25 14:25 - 2018-04-10 18:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2019-03-25 14:25 - 2018-04-07 18:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2019-03-25 14:25 - 2018-03-14 19:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2019-03-25 14:25 - 2018-03-14 19:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2019-03-25 14:25 - 2018-03-14 19:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2019-03-25 14:25 - 2018-03-14 19:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2019-03-25 14:25 - 2018-03-14 19:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2019-03-25 14:25 - 2018-03-14 18:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2019-03-25 14:25 - 2018-03-14 18:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2019-03-25 14:25 - 2018-03-14 18:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2019-03-25 14:25 - 2018-03-14 18:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2019-03-25 14:25 - 2018-03-14 18:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2019-03-25 14:25 - 2018-03-14 18:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-03-25 14:25 - 2018-03-14 18:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-03-25 14:25 - 2018-03-14 18:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2019-03-25 14:25 - 2018-03-14 18:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2019-03-25 14:25 - 2018-03-14 18:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2019-03-25 14:25 - 2018-03-06 20:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2019-03-25 14:25 - 2018-03-06 20:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2019-03-25 14:25 - 2018-03-06 20:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll 2019-03-25 14:25 - 2018-03-06 20:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2019-03-25 14:25 - 2018-03-06 20:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2019-03-25 14:25 - 2018-02-22 05:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2019-03-25 14:25 - 2018-02-22 05:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2019-03-25 14:25 - 2018-02-10 20:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS 2019-03-25 14:25 - 2018-02-10 20:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS 2019-03-25 14:25 - 2018-02-10 20:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll 2019-03-25 14:25 - 2018-02-10 20:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys 2019-03-25 14:25 - 2018-02-10 20:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys 2019-03-25 14:25 - 2018-02-10 20:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2019-03-25 14:25 - 2018-02-10 20:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll 2019-03-25 14:25 - 2018-02-10 20:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2019-03-25 14:25 - 2018-02-10 20:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll 2019-03-25 14:25 - 2018-02-10 19:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe 2019-03-25 14:25 - 2018-02-10 19:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb 2019-03-25 14:25 - 2018-02-10 19:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys 2019-03-25 14:25 - 2018-02-10 19:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys 2019-03-25 14:25 - 2018-02-10 19:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb 2019-03-25 14:25 - 2018-01-12 18:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2019-03-25 14:25 - 2018-01-12 18:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2019-03-25 14:25 - 2018-01-12 18:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2019-03-25 14:25 - 2018-01-01 04:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2019-03-25 14:25 - 2018-01-01 04:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll 2019-03-25 14:25 - 2018-01-01 04:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll 2019-03-25 14:25 - 2018-01-01 04:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2019-03-25 14:25 - 2018-01-01 04:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2019-03-25 14:25 - 2018-01-01 04:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2019-03-25 14:25 - 2018-01-01 04:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll 2019-03-25 14:25 - 2018-01-01 03:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2019-03-25 14:25 - 2018-01-01 03:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys 2019-03-25 14:25 - 2018-01-01 03:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll 2019-03-25 14:25 - 2018-01-01 03:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll 2019-03-25 14:25 - 2018-01-01 03:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll 2019-03-25 14:25 - 2018-01-01 03:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll 2019-03-25 14:25 - 2018-01-01 03:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2019-03-25 14:25 - 2017-12-05 19:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2019-03-25 14:25 - 2017-12-05 19:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll 2019-03-25 14:25 - 2017-12-05 19:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2019-03-25 14:25 - 2017-12-05 18:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2019-03-25 14:25 - 2017-12-05 17:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll 2019-03-25 14:25 - 2017-11-02 18:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll 2019-03-25 14:25 - 2017-11-02 18:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll 2019-03-25 14:25 - 2017-11-02 17:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll 2019-03-25 14:25 - 2017-10-17 01:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll 2019-03-25 14:25 - 2017-10-17 00:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll 2019-03-25 14:25 - 2017-10-12 02:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2019-03-25 14:25 - 2017-10-12 02:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2019-03-25 14:25 - 2017-10-12 02:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2019-03-25 14:25 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2019-03-25 14:25 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2019-03-25 14:25 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2019-03-25 14:25 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2019-03-25 14:25 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2019-03-25 14:25 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2019-03-25 14:25 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2019-03-25 14:25 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2019-03-25 14:25 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll 2019-03-25 14:25 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll 2019-03-25 14:25 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll 2019-03-25 14:25 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2019-03-25 14:25 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2019-03-25 14:25 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe 2019-03-25 14:25 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2019-03-25 14:25 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2019-03-25 14:25 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll 2019-03-25 14:25 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll 2019-03-25 14:25 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll 2019-03-25 14:25 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2019-03-25 14:25 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2019-03-25 14:25 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2019-03-25 14:25 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2019-03-25 14:25 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2019-03-25 14:25 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2019-03-25 14:25 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2019-03-25 14:25 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll 2019-03-25 14:25 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll 2019-03-25 14:25 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2019-03-25 14:25 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2019-03-25 14:25 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe 2019-03-25 14:25 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2019-03-25 14:25 - 2017-07-29 16:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2019-03-25 14:25 - 2017-07-21 16:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll 2019-03-25 14:25 - 2017-07-21 16:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll 2019-03-25 14:25 - 2017-07-21 16:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll 2019-03-25 14:25 - 2017-07-21 16:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll 2019-03-25 14:25 - 2017-07-07 17:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll 2019-03-25 14:25 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll 2019-03-25 14:25 - 2017-07-01 15:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll 2019-03-25 14:25 - 2017-07-01 15:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll 2019-03-25 14:25 - 2017-07-01 15:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2019-03-25 14:25 - 2017-07-01 15:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2019-03-25 14:25 - 2017-07-01 15:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2019-03-25 14:25 - 2017-07-01 15:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll 2019-03-25 14:25 - 2017-06-13 00:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2019-03-25 14:25 - 2017-06-13 00:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2019-03-25 14:25 - 2017-06-13 00:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx 2019-03-25 14:25 - 2017-06-13 00:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll 2019-03-25 14:25 - 2017-06-13 00:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll 2019-03-25 14:25 - 2017-06-13 00:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll 2019-03-25 14:25 - 2017-06-13 00:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2019-03-25 14:25 - 2017-06-13 00:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll 2019-03-25 14:25 - 2017-06-13 00:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe 2019-03-25 14:25 - 2017-06-13 00:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe 2019-03-25 14:25 - 2017-06-13 00:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe 2019-03-25 14:25 - 2017-06-13 00:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe 2019-03-25 14:25 - 2017-06-02 10:10 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2019-03-25 14:25 - 2017-05-10 17:33 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe 2019-03-25 14:25 - 2017-05-10 17:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe 2019-03-25 14:25 - 2017-04-28 00:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2019-03-25 14:25 - 2017-04-04 16:53 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2019-03-25 14:25 - 2017-03-30 17:03 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe 2019-03-25 14:25 - 2017-03-30 16:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe 2019-03-25 14:25 - 2017-03-10 18:32 - 001389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll 2019-03-25 14:25 - 2017-03-10 18:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll 2019-03-25 14:25 - 2017-03-10 17:57 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe 2019-03-25 14:25 - 2017-03-07 18:30 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2019-03-25 14:25 - 2017-03-07 18:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2019-03-25 14:25 - 2017-03-04 03:27 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2019-03-25 14:25 - 2017-03-04 03:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2019-03-25 14:25 - 2017-02-09 18:32 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2019-03-25 14:25 - 2017-02-09 18:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2019-03-25 14:25 - 2016-11-10 18:32 - 001009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2019-03-25 14:25 - 2016-11-10 18:19 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2019-03-25 14:25 - 2016-10-11 17:31 - 001148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME 2019-03-25 14:25 - 2016-10-11 17:31 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2019-03-25 14:25 - 2016-10-11 17:31 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2019-03-25 14:25 - 2016-10-11 17:31 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2019-03-25 14:25 - 2016-10-11 17:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME 2019-03-25 14:25 - 2016-10-11 17:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2019-03-25 14:25 - 2016-10-11 17:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime 2019-03-25 14:25 - 2016-10-11 17:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2019-03-25 14:25 - 2016-10-11 16:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2019-03-25 14:25 - 2016-10-11 15:33 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2019-03-25 14:25 - 2016-10-11 15:06 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2019-03-25 14:25 - 2016-09-12 23:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2019-03-25 14:25 - 2016-09-12 22:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll 2019-03-25 14:25 - 2016-09-08 22:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2019-03-25 14:25 - 2016-09-08 22:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2019-03-25 14:25 - 2016-09-08 16:55 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2019-03-25 14:25 - 2016-08-12 18:26 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2019-03-25 14:25 - 2016-08-06 17:31 - 002023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2019-03-25 14:25 - 2016-08-06 17:31 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2019-03-25 14:25 - 2016-08-06 17:31 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2019-03-25 14:25 - 2016-08-06 17:31 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2019-03-25 14:25 - 2016-08-06 17:31 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll 2019-03-25 14:25 - 2016-08-06 17:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2019-03-25 14:25 - 2016-08-06 17:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2019-03-25 14:25 - 2016-08-06 17:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2019-03-25 14:25 - 2016-08-06 17:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2019-03-25 14:25 - 2016-08-06 17:01 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2019-03-25 14:25 - 2016-08-06 17:01 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2019-03-25 14:25 - 2016-08-06 16:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2019-03-25 14:25 - 2016-08-06 16:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe 2019-03-25 14:25 - 2016-08-06 16:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll 2019-03-25 14:24 - 2019-03-06 05:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-03-25 14:24 - 2019-03-06 05:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-03-25 14:24 - 2019-03-06 05:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-25 14:24 - 2019-03-06 05:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-03-25 14:24 - 2019-03-06 05:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-03-25 14:24 - 2019-03-06 05:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-03-25 14:24 - 2019-03-06 05:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2019-03-25 14:24 - 2019-03-06 05:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-03-25 14:24 - 2019-03-06 05:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2019-03-25 14:24 - 2019-03-06 05:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2019-03-25 14:24 - 2019-03-06 05:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2019-03-25 14:24 - 2019-03-06 05:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2019-03-25 14:24 - 2019-03-06 05:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2019-03-25 14:24 - 2019-03-06 05:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2019-03-25 14:24 - 2019-03-06 04:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-03-25 14:24 - 2019-03-06 04:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-03-25 14:24 - 2019-03-06 04:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-03-25 14:24 - 2019-03-06 04:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-25 14:24 - 2019-03-06 04:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-03-25 14:24 - 2019-03-06 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-03-25 14:24 - 2019-03-06 04:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-25 14:24 - 2019-03-05 04:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-03-25 14:24 - 2019-03-05 04:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-03-25 14:24 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-03-25 14:24 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2019-03-25 14:24 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-03-25 14:24 - 2019-02-26 09:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2019-03-25 14:24 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-03-25 14:24 - 2019-02-26 09:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-03-25 14:24 - 2019-02-26 09:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-03-25 14:24 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-03-25 14:24 - 2019-02-26 09:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2019-03-25 14:24 - 2019-02-26 08:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-03-25 14:24 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-03-25 14:24 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-03-25 14:24 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-03-25 14:24 - 2019-02-26 08:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-03-25 14:24 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-03-25 14:24 - 2019-02-22 05:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-03-25 14:24 - 2019-02-22 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-03-25 14:24 - 2019-02-16 08:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-03-25 14:24 - 2019-02-16 08:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-03-25 14:24 - 2019-02-16 08:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-03-25 14:24 - 2019-02-16 08:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-03-25 14:24 - 2019-02-16 07:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2019-03-25 14:24 - 2019-02-16 07:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-03-25 14:24 - 2019-02-16 07:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2019-03-25 14:24 - 2019-02-10 18:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-03-25 14:24 - 2019-02-10 17:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-03-25 14:24 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-03-25 14:24 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-03-25 14:24 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2019-03-25 14:24 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2019-03-25 14:24 - 2019-02-07 18:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-03-25 14:24 - 2019-02-07 18:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-03-25 14:24 - 2019-01-04 18:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-03-25 14:24 - 2019-01-04 18:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-03-25 14:24 - 2019-01-04 16:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-03-25 14:24 - 2019-01-04 16:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-03-25 14:24 - 2019-01-04 16:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-03-25 14:24 - 2019-01-04 16:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-03-25 14:24 - 2019-01-04 16:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-03-25 14:24 - 2019-01-04 16:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-03-25 14:24 - 2019-01-04 16:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-03-25 14:24 - 2019-01-04 16:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-03-25 14:24 - 2019-01-03 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-03-25 14:24 - 2019-01-03 17:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2019-03-25 14:24 - 2019-01-01 18:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-03-25 14:24 - 2019-01-01 18:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2019-03-25 14:24 - 2019-01-01 17:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2019-03-25 14:24 - 2018-12-08 05:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2019-03-25 14:24 - 2018-12-08 05:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp 2019-03-25 14:24 - 2018-12-08 05:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp 2019-03-25 14:24 - 2018-12-08 05:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll 2019-03-25 14:24 - 2018-12-08 05:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll 2019-03-25 14:24 - 2018-12-08 04:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp 2019-03-25 14:24 - 2018-12-08 04:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp 2019-03-25 14:24 - 2018-12-02 18:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2019-03-25 14:24 - 2018-11-18 04:56 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2019-03-25 14:24 - 2018-11-18 04:44 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-03-25 14:24 - 2018-11-18 04:44 - 000546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2019-03-25 14:24 - 2018-11-18 04:43 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2019-03-25 14:24 - 2018-11-11 19:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2019-03-25 14:24 - 2018-11-11 18:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2019-03-25 14:24 - 2018-10-06 18:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2019-03-25 14:24 - 2018-10-06 17:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2019-03-25 14:24 - 2018-10-06 17:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2019-03-25 14:24 - 2018-10-06 17:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2019-03-25 14:24 - 2018-10-06 17:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2019-03-25 14:24 - 2018-10-06 17:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2019-03-25 14:24 - 2018-10-06 17:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2019-03-25 14:24 - 2018-10-06 17:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2019-03-25 14:24 - 2018-10-06 15:05 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2019-03-25 14:24 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2019-03-25 14:24 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2019-03-25 14:24 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2019-03-25 14:24 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2019-03-25 14:24 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2019-03-25 14:24 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2019-03-25 14:24 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2019-03-25 14:24 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2019-03-25 14:24 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2019-03-25 14:24 - 2018-06-08 18:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2019-03-25 14:24 - 2018-05-15 05:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2019-03-25 14:24 - 2018-05-15 05:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll 2019-03-25 14:24 - 2018-05-11 23:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-03-25 14:24 - 2018-05-02 17:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2019-03-25 14:24 - 2018-05-02 17:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2019-03-25 14:24 - 2018-04-10 18:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2019-03-25 14:24 - 2018-03-14 18:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-03-25 14:24 - 2018-03-06 20:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll 2019-03-25 14:24 - 2018-02-10 20:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2019-03-25 14:24 - 2018-02-10 20:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll 2019-03-25 14:24 - 2018-02-10 19:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe 2019-03-25 14:24 - 2018-02-10 19:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe 2019-03-25 14:24 - 2018-02-10 19:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe 2019-03-25 14:24 - 2018-01-12 18:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2019-03-25 14:24 - 2018-01-01 04:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2019-03-25 14:24 - 2018-01-01 04:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys 2019-03-25 14:24 - 2018-01-01 04:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2019-03-25 14:24 - 2018-01-01 04:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2019-03-25 14:24 - 2018-01-01 04:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2019-03-25 14:24 - 2018-01-01 04:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2019-03-25 14:24 - 2018-01-01 04:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll 2019-03-25 14:24 - 2018-01-01 03:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys 2019-03-25 14:24 - 2018-01-01 03:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2019-03-25 14:24 - 2017-12-05 19:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2019-03-25 14:24 - 2017-12-05 19:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2019-03-25 14:24 - 2017-12-05 19:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2019-03-25 14:24 - 2017-11-02 18:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2019-03-25 14:24 - 2017-11-02 18:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll 2019-03-25 14:24 - 2017-11-02 17:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2019-03-25 14:24 - 2017-11-02 17:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll 2019-03-25 14:24 - 2017-11-02 16:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll 2019-03-25 14:24 - 2017-10-12 02:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2019-03-25 14:24 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2019-03-25 14:24 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2019-03-25 14:24 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll 2019-03-25 14:24 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2019-03-25 14:24 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2019-03-25 14:24 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll 2019-03-25 14:24 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2019-03-25 14:24 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2019-03-25 14:24 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2019-03-25 14:24 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2019-03-25 14:24 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2019-03-25 14:24 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys 2019-03-25 14:24 - 2017-07-07 17:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2019-03-25 14:24 - 2017-07-06 06:56 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys 2019-03-25 14:24 - 2017-06-13 00:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2019-03-25 14:24 - 2017-06-13 00:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe 2019-03-25 14:24 - 2017-05-12 18:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2019-03-25 14:24 - 2017-05-12 17:58 - 001648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2019-03-25 14:24 - 2017-05-12 17:58 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2019-03-25 14:24 - 2017-04-12 15:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2019-03-25 14:24 - 2017-03-10 18:32 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2019-03-25 14:24 - 2017-03-10 18:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll 2019-03-25 14:24 - 2017-02-09 18:32 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2019-03-25 14:24 - 2016-10-11 17:32 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2019-03-25 14:24 - 2016-10-11 17:31 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime 2019-03-25 14:24 - 2016-10-11 17:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime 2019-03-25 14:24 - 2016-10-11 17:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime 2019-03-25 14:24 - 2016-10-11 17:31 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime 2019-03-25 14:24 - 2016-10-11 17:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2019-03-25 14:24 - 2016-09-08 22:34 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2019-03-25 14:24 - 2016-09-08 22:34 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2019-03-25 14:24 - 2016-08-06 17:31 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll 2019-03-25 14:24 - 2016-08-06 17:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2019-03-25 14:19 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll 2019-03-25 14:19 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2019-03-25 14:19 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2019-03-25 14:19 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2019-03-25 14:19 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2019-03-25 14:19 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2019-03-25 14:19 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2019-03-25 14:19 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-03-25 14:19 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-03-25 14:19 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-03-25 14:19 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-03-25 14:19 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-03-25 14:19 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-03-25 14:19 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-03-25 14:19 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-03-25 14:19 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-03-25 14:19 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-03-25 14:19 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-03-25 14:19 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-03-25 14:19 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-03-25 14:19 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-03-25 14:19 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-03-25 14:19 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-03-25 14:15 - 2015-07-15 05:19 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2019-03-25 14:14 - 2015-12-08 23:54 - 002285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2019-03-25 14:14 - 2015-12-08 23:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2019-03-25 14:14 - 2015-12-08 23:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2019-03-25 14:14 - 2015-12-08 23:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2019-03-25 14:14 - 2015-12-08 23:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll 2019-03-25 14:14 - 2015-12-08 23:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2019-03-25 14:14 - 2015-12-08 23:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2019-03-25 14:14 - 2015-12-08 23:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2019-03-25 14:14 - 2015-12-08 23:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2019-03-25 14:14 - 2015-12-08 23:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 002777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 001955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 001575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 001307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 001232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 001160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 001026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 000978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2019-03-25 14:14 - 2015-12-08 21:07 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2019-03-25 14:14 - 2015-12-08 21:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2019-03-25 14:14 - 2015-12-08 21:06 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2019-03-25 14:14 - 2015-12-08 20:54 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2019-03-25 14:14 - 2015-12-08 20:12 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2019-03-25 14:14 - 2015-12-08 20:11 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2019-03-25 14:14 - 2015-11-14 01:09 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2019-03-25 14:14 - 2015-11-14 01:09 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2019-03-25 14:14 - 2015-11-14 01:08 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2019-03-25 14:14 - 2015-11-14 00:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 2019-03-25 14:14 - 2015-11-14 00:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2019-03-25 14:14 - 2015-11-14 00:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2019-03-25 14:14 - 2015-07-10 19:51 - 003722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-03-25 14:14 - 2015-07-10 19:51 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2019-03-25 14:14 - 2015-07-10 19:51 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2019-03-25 14:14 - 2015-07-10 19:34 - 003221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2019-03-25 14:14 - 2015-07-10 19:34 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2019-03-25 14:14 - 2015-07-10 19:33 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2019-03-25 14:14 - 2015-06-02 02:07 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2019-03-25 14:14 - 2015-06-02 01:47 - 000210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2019-03-25 14:13 - 2016-05-11 19:02 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2019-03-25 14:13 - 2016-05-11 19:02 - 000296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2019-03-25 14:13 - 2016-05-11 17:19 - 000231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2019-03-25 14:13 - 2016-05-11 17:19 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll 2019-03-25 14:13 - 2016-04-14 15:49 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2019-03-25 14:13 - 2016-04-14 15:21 - 000647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2019-03-25 14:13 - 2016-02-09 11:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2019-03-25 14:13 - 2016-02-05 03:19 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2019-03-25 14:13 - 2016-02-04 20:41 - 000296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2019-03-25 14:13 - 2016-02-03 20:07 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2019-03-25 14:13 - 2016-01-22 08:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2019-03-25 14:13 - 2016-01-22 08:18 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2019-03-25 14:13 - 2016-01-22 08:17 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2019-03-25 14:13 - 2016-01-22 08:04 - 000642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2019-03-25 14:13 - 2016-01-22 08:04 - 000535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2019-03-25 14:13 - 2016-01-22 08:02 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2019-03-25 14:13 - 2016-01-22 08:02 - 000114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2019-03-25 14:13 - 2016-01-06 21:02 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2019-03-25 14:13 - 2016-01-06 20:41 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2019-03-25 14:13 - 2015-12-08 23:53 - 000509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2019-03-25 14:13 - 2015-12-08 21:07 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2019-03-25 14:13 - 2015-11-05 21:05 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2019-03-25 14:13 - 2015-11-05 21:02 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2019-03-25 14:13 - 2015-11-05 11:53 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2019-03-25 14:13 - 2015-07-09 19:57 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2019-03-25 14:13 - 2015-07-09 19:57 - 000193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2019-03-25 14:13 - 2015-07-09 19:42 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2019-03-25 14:13 - 2015-04-24 20:17 - 000633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2019-03-25 14:13 - 2015-04-24 19:56 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2019-03-25 14:13 - 2015-04-13 05:28 - 000328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2019-03-25 14:12 - 2016-04-06 17:27 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2019-03-25 14:12 - 2015-03-04 06:41 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2019-03-25 14:12 - 2015-03-04 06:10 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2019-03-25 14:00 - 2016-05-12 19:15 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll (Microsoft Corporation) C:\Windows\system32\winipsec.dll 2019-03-25 14:00 - 2016-05-12 19:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2019-03-25 14:00 - 2016-05-12 19:14 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2019-03-25 14:00 - 2016-05-12 19:14 - 000373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2019-03-25 14:00 - 2016-05-12 19:14 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2019-03-25 14:00 - 2016-05-12 19:14 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2019-03-25 14:00 - 2016-05-12 17:18 - 000274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll 2019-03-25 14:00 - 2016-05-12 17:18 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2019-03-25 14:00 - 2016-05-12 17:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll 2019-03-25 14:00 - 2016-05-12 17:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll 2019-03-25 14:00 - 2015-11-03 21:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2019-03-25 14:00 - 2015-11-03 20:55 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2019-03-19 12:41 - 2019-03-19 12:41 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2019-03-19 12:41 - 2019-03-19 12:41 - 000002124 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2019-03-18 12:11 - 2019-03-18 12:11 - 000242155 _____ C:\Users\user\Downloads\Ustav.pdf 2019-03-14 10:50 - 2019-03-14 10:50 - 000000000 ____D C:\Users\user\AppData\Local\AllInOneDocsTooltab 2019-03-06 12:59 - 2019-03-18 11:35 - 000000000 ____D C:\Users\user\Downloads\атлетик васка 2019-03-05 15:24 - 2019-03-05 15:24 - 000556197 _____ C:\Users\user\Downloads\Get.pdf 2019-03-05 15:19 - 2019-03-05 15:19 - 000605192 _____ C:\Users\user\Downloads\Get_Еxercises.pdf 2019-03-05 13:24 - 2019-03-05 13:24 - 000752080 _____ C:\Users\user\Downloads\Get - Втора част.pdf ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-28 12:09 - 2013-11-20 03:49 - 000000000 ____D C:\Users\user\AppData\Roaming\uTorrent 2019-03-28 12:00 - 2018-10-23 17:55 - 000000000 ____D C:\FRST 2019-03-28 11:19 - 2017-11-21 10:58 - 000000000 ____D C:\Users\user\AppData\Local\AVAST Software 2019-03-28 09:23 - 2016-12-06 12:51 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla 2019-03-28 06:29 - 2017-09-03 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-03-28 06:29 - 2013-11-20 11:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-03-28 06:13 - 2009-07-14 06:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-03-28 06:13 - 2009-07-14 06:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-03-28 06:02 - 2009-07-14 07:13 - 000785366 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-28 06:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-03-28 06:00 - 2014-03-26 15:13 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2019-03-28 06:00 - 2014-03-26 15:13 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2019-03-28 05:54 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-27 07:17 - 2018-01-02 19:18 - 000007986 _____ C:\Windows\BRRBCOM.INI 2019-03-26 18:29 - 2018-12-30 18:19 - 000004044 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1546186750 2019-03-26 12:28 - 2018-10-18 11:50 - 000000464 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job 2019-03-26 12:24 - 2019-02-06 22:46 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update 2019-03-26 12:24 - 2019-02-06 22:46 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2019-03-26 12:24 - 2018-10-18 11:50 - 000003332 _____ C:\Windows\System32\Tasks\Wise Registry Cleaner Schedule Task 2019-03-26 12:24 - 2015-12-04 13:03 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software 2019-03-26 12:24 - 2014-12-26 07:09 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2019-03-26 10:06 - 2014-05-11 05:17 - 000000000 __SHD C:\Users\user\AppData\Local\EmieUserList 2019-03-26 10:06 - 2014-05-11 05:17 - 000000000 __SHD C:\Users\user\AppData\Local\EmieSiteList 2019-03-26 09:57 - 2015-03-11 16:02 - 000000000 ____D C:\Temp 2019-03-26 09:31 - 2013-11-20 12:04 - 000000000 ____D C:\Users\user\AppData\LocalLow\Adobe 2019-03-26 09:30 - 2018-09-22 14:01 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-03-26 09:28 - 2019-02-06 22:46 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-03-26 09:28 - 2018-03-13 15:03 - 000001266 _____ C:\Users\Public\Desktop\Skype.lnk 2019-03-26 09:28 - 2018-03-13 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-03-26 09:22 - 2015-07-17 10:56 - 000000000 ___RD C:\Users\user\Dropbox 2019-03-26 09:17 - 2018-10-24 11:47 - 003806881 ____H C:\Users\user\AppData\Local\IconCache.db.backup 2019-03-26 09:14 - 2017-04-03 11:38 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2019-03-26 09:13 - 2019-02-18 11:15 - 000249152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2019-03-26 09:13 - 2018-10-23 11:46 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2019-03-26 09:13 - 2014-12-26 07:18 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2019-03-26 09:13 - 2014-12-26 07:18 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2019-03-26 09:13 - 2014-12-26 07:18 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2019-03-26 09:13 - 2014-12-26 07:18 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2019-03-26 09:13 - 2014-12-26 07:18 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2019-03-26 09:13 - 2014-12-26 07:18 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2019-03-26 09:12 - 2019-01-14 16:39 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2019-03-26 09:12 - 2019-01-12 08:39 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys 2019-03-26 09:12 - 2019-01-12 08:39 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2019-03-26 09:12 - 2019-01-12 08:39 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2019-03-26 09:12 - 2019-01-12 08:39 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2019-03-26 09:12 - 2017-11-17 05:51 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2019-03-26 09:12 - 2014-12-26 07:18 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2019-03-26 04:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\AppCompat 2019-03-26 00:56 - 2015-02-13 14:37 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-25 20:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2019-03-25 15:40 - 2013-11-20 14:26 - 000117328 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2019-03-25 15:39 - 2015-05-31 20:57 - 000000000 ___RD C:\Users\user\Podcasts 2019-03-25 15:39 - 2009-07-14 07:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD 2019-03-25 15:39 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2019-03-25 15:34 - 2009-07-14 06:45 - 000447336 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-25 15:30 - 2011-04-12 10:28 - 000000000 ____D C:\Program Files\Windows Journal 2019-03-25 15:30 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\DVD Maker 2019-03-25 15:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Setup 2019-03-25 15:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2019-03-25 15:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-03-25 15:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Setup 2019-03-25 15:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\migwiz 2019-03-25 15:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism 2019-03-25 15:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2019-03-25 14:55 - 2015-02-28 14:16 - 000000000 ____D C:\Windows\system32\MRT 2019-03-25 14:47 - 2015-02-28 14:15 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-03-24 15:42 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2019-03-19 12:41 - 2014-03-08 07:34 - 000000000 ____D C:\Program Files\Google 2019-03-12 12:16 - 2013-11-20 12:01 - 000000000 ____D C:\Program Files (x86)\The KMPlayer 2019-03-12 05:23 - 2018-09-22 00:49 - 000000600 _____ C:\Users\user\AppData\Roaming\winscp.rnd 2019-03-11 22:33 - 2018-09-30 11:52 - 000000000 ____D C:\Users\user\Desktop\TEODOR 2019-03-09 12:51 - 2019-02-06 22:46 - 000000000 ____D C:\Program Files\CCleaner 2019-03-05 23:04 - 2018-04-14 11:02 - 000000000 ____D C:\Users\user\Desktop\P15-01_visit templates 2019-03-02 07:54 - 2013-11-20 11:59 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-03-02 07:54 - 2013-11-20 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-03-02 07:54 - 2013-11-20 11:59 - 000000000 ____D C:\Program Files\WinRAR ==================== Files in the root of some directories ======= 2018-09-22 00:49 - 2019-03-12 05:23 - 000000600 _____ () C:\Users\user\AppData\Roaming\winscp.rnd ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-25 09:27 ==================== End of FRST.txt ============================ Addition.txt
  15. Здравейте, днес си бях инсталирал Avast Cleaner, и след неговото използване компютъра ми започна много да се претоварва и да забива ужасно, дори и при минимален брой работещи процеси. Само в "Безопасен режим" няма никакви проблеми. Пробвах да си възстановя системата, но се оказа че Avast Cleaner ми е изтрил всички точки за възстановяване на системата... Някакви идеи как да се справя с този проблем? В момента даже пиша темата в "Безопасен режим", защото в нормален режим браузърът забива страшно много... По-долу прилагам логовете от FRST (64 bit): Addition.txt FRST.txt
  16. Здравейте! Засякох Троянец който изтрих.Ако може една проверка за вируси? Win8.1/32bit Нямам оплаквания от работата на компютъра(лаптоп). Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-03-2019 Ran by Vanka (administrator) on IVAN (27-03-2019 19:24:51) Running from C:\Users\Vanka\Desktop Loaded Profiles: Vanka (Available Profiles: Vanka) Platform: Microsoft Windows 8.1 Enterprise (Update) (X86) Language: English (United States) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe () [File not signed] C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe (CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\System32\vmnat.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\ATRis_Technik\pgsql\bin\pg_ctl.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\ATRis_Technik\pgsql\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\ATRis_Technik\pgsql\bin\postgres.exe (SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\ATRis_Technik\pgsql\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\ATRis_Technik\pgsql\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\ATRis_Technik\pgsql\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\ATRis_Technik\pgsql\bin\postgres.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.VMnc] => C:\Windows\system32\vmnc.dll [360528 2013-02-26] (VMware, Inc. -> VMware, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.) GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{77F6F871-16E3-4748-90A7-7C5866B35451}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3136552650-2365130857-356673686-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\S-1-5-21-3136552650-2365130857-356673686-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) IE Session Restore: HKU\S-1-5-21-3136552650-2365130857-356673686-1001 -> is enabled. DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: 0r0ddk0y.default-1538076306800 FF ProfilePath: C:\Users\Vanka\AppData\Roaming\Mozilla\Firefox\Profiles\0r0ddk0y.default-1538076306800 [2019-03-04] FF Extension: (Telemetry coverage) - C:\Users\Vanka\AppData\Roaming\Mozilla\Firefox\Profiles\0r0ddk0y.default-1538076306800\features\{0276cc46-1c6e-4fb5-90cb-58f820b6e0bd}\[email protected] [2018-09-27] [Legacy] FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-24] (Google Inc -> Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-24] (Google Inc -> Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/?hl=bg CHR DefaultSearchURL: Default -> hxxps://www.google.bg/search?source=hp&ei=puTaW6nkGcuVkwWo3pvwCA&btnG=%D0%A2%D1%8A%D1%80%D1%81%D0%B5%D0%BD%D0%B5&q={searchTerms}&oq=BiGas+&gs_l=psy-ab.1.1.0l10.228878.235855.0.240374.6.6.0.0.0.0.119.511.5j1.6.0....0...1c.1.64.psy-ab..0.6.509...0i10k1.0.M9MP0hQ3K4s CHR Profile: C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default [2019-03-27] CHR Extension: (Презентации) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-24] CHR Extension: (Документи) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-24] CHR Extension: (Google Диск) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-24] CHR Extension: (MEGA) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-03-24] CHR Extension: (YouTube) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-24] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-13] CHR Extension: (I don't care about cookies) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2019-03-13] CHR Extension: (Google Документи офлайн) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-24] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-24] CHR Extension: (Gmail) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-24] CHR Extension: (Chrome Media Router) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [209408 2014-07-22] (Microsoft Windows Hardware Compatibility Publisher -> AMD) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-07-05] (Advanced Micro Devices, Inc.) [File not signed] R2 BTDevManager; C:\Program Files\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-10-09] () [File not signed] R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed] R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.) R2 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [37416 2015-06-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R2 hasplms; C:\Windows\system32\hasplms.exe [4295208 2017-07-07] (SafeNet Canada, Inc. -> SafeNet, Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [254680 2015-05-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208040 2015-05-07] (Synaptics Incorporated -> Synaptics Incorporated) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH) R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [87120 2013-02-26] (VMware, Inc. -> VMware, Inc.) R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357456 2013-02-26] (VMware, Inc. -> VMware, Inc.) R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [721048 2012-10-11] (VMware, Inc. -> VMware, Inc.) R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [436304 2013-02-26] (VMware, Inc. -> VMware, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103696 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 WorkshopDbService; "C:\Program Files\ATRis_Technik\pgsql\bin\pg_ctl.exe" runservice -N WorkshopDbService -D "C:\ProgramData\WorkshopData\data2" -w ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [450904 2017-07-07] (SafeNet, Inc. -> SafeNet, Inc.) R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [15080 2013-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.) R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [11529216 2014-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [501248 2014-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [16088 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [26168 2016-01-28] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [40504 2016-01-28] (Disc Soft Ltd -> Disc Soft Ltd) R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [51752 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [41512 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [15912 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189992 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] R2 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [25680 2008-12-18] (Aladdin Knowledge Systems LTD -> Aladdin Knowledge Systems Ltd.) S3 FTDIBUS; C:\Windows\system32\drivers\autrbus.sys [47249 2006-05-18] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.) S3 FTSER2K; C:\Windows\system32\drivers\autrser2k.sys [61067 2006-05-18] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [606760 2017-07-07] (SafeNet Canada, Inc. -> SafeNet, Inc.) R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-10-11] (VMware, Inc. -> VMware, Inc.) S3 iaioi2c; C:\Windows\System32\drivers\iaioi2c.sys [61936 2013-07-23] (MCG Windows Development and Validation -> Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [524784 2013-08-10] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [31224 2019-01-25] (Bada Technology Co.,Ltd -> ) R1 NetworkX; C:\Windows\System32\ckldrv.sys [23360 2010-03-19] (CrypKey (Canada) Inc. -> ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [525568 2015-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [5357056 2016-12-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation ) S3 Ser2pl; C:\Windows\system32\DRIVERS\ser2pl.sys [211648 2018-11-28] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.) S3 Ser2plx86; C:\Windows\system32\DRIVERS\ser2pl.sys [211648 2018-11-28] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.) R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [25768 2015-05-07] (Synaptics Incorporated -> Synaptics Incorporated) S3 SNTNLUSB; C:\Windows\System32\drivers\SNTNLUSB.SYS [38376 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2018-05-30] (Duplex Secure Ltd -> Duplex Secure Ltd.) R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [26064 2013-02-26] (VMware, Inc. -> VMware, Inc.) S3 VMnetAdapter; C:\Windows\system32\DRIVERS\vmnetadapter.sys [16664 2013-02-26] (VMware, Inc. -> VMware, Inc.) R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [37016 2013-02-26] (VMware, Inc. -> VMware, Inc.) R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-02-26] (VMware, Inc. -> VMware, Inc.) S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-10-11] (VMware, Inc. -> VMware, Inc.) R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [62416 2013-02-26] (VMware, Inc. -> VMware, Inc.) S1 vtzkusmf; C:\Windows\system32\drivers\vtzkusmf.sys [63448 2019-03-26] (Microsoft Corporation -> Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [38920 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [231256 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [85336 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver86.sys [29792 2016-03-23] (Hewlett-Packard Company -> HP) R3 WirelessButtonDriver86; C:\Windows\System32\drivers\WirelessButtonDriver86.sys [29792 2016-03-23] (Hewlett-Packard Company -> HP) S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [190976 2014-11-21] (Microsoft Windows -> Microsoft Corporation) S3 audas0; \SystemRoot\System32\drivers\audas0.sys [X] S3 BlueletAudio; \SystemRoot\system32\DRIVERS\blueletaudio.sys [X] S3 BlueletSCOAudio; \SystemRoot\system32\DRIVERS\BlueletSCOAudio.sys [X] S3 BT; \SystemRoot\system32\DRIVERS\btnetdrv.sys [X] S3 btaudio; \SystemRoot\system32\drivers\btaudio.sys [X] S3 BTDriver; \SystemRoot\system32\DRIVERS\btport.sys [X] S0 BTHidEnum; System32\Drivers\vbtenum.sys [X] S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X] S3 BTKRNL; \SystemRoot\system32\DRIVERS\btkrnl.sys [X] S3 BTWDNDIS; \SystemRoot\system32\DRIVERS\btwdndis.sys [X] S3 BTWUSB; \SystemRoot\System32\Drivers\btwusb.sys [X] S3 VComm; \SystemRoot\system32\DRIVERS\VComm.sys [X] S3 VcommMgr; \SystemRoot\System32\Drivers\VcommMgr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-27 19:24 - 2019-03-27 19:26 - 000019663 _____ C:\Users\Vanka\Desktop\FRST.txt 2019-03-27 19:24 - 2019-03-27 19:24 - 000000000 ____D C:\FRST 2019-03-27 19:22 - 2019-03-27 19:22 - 001793024 _____ (Farbar) C:\Users\Vanka\Desktop\FRST.exe 2019-03-26 10:10 - 2019-03-26 10:10 - 000063448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vtzkusmf.sys 2019-03-25 23:18 - 2019-03-25 23:18 - 000009680 _____ C:\Users\Vanka\AppData\Local\Tempastraheobd_dba_ellemeet.svgz 2019-03-25 21:49 - 2019-03-25 21:49 - 000002045 _____ C:\Users\Vanka\Desktop\HynesPro.lnk 2019-03-25 21:41 - 2019-03-25 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATRis_Technik 2019-03-25 21:32 - 2019-03-25 21:46 - 000000000 ____D C:\Program Files\ATRis_Technik 2019-03-25 21:32 - 2011-04-18 20:54 - 000941568 _____ (Igor Pavlov) C:\ProgramData\7z.dll 2019-03-25 21:32 - 2011-04-18 20:34 - 000168448 _____ (Igor Pavlov) C:\ProgramData\7z.exe 2019-03-25 21:29 - 2019-03-25 21:29 - 000000295 _____ C:\Windows\Atris_STG.INI 2019-03-25 21:29 - 2019-03-25 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATRis STAHLGRUBER DVD 2019-03-25 21:16 - 2019-03-25 21:16 - 000000000 ____D C:\ATRIS_ST 2019-03-25 20:40 - 2019-03-26 14:30 - 000144625 _____ C:\Users\Vanka\wirdia.svg 2019-03-23 20:12 - 2019-03-23 20:12 - 000643330 _____ C:\Users\Vanka\Desktop\nastroiki_W-router_DK.pdf 2019-03-22 20:39 - 2019-03-06 08:41 - 005679864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-22 20:39 - 2019-03-06 08:40 - 001407120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-03-22 20:39 - 2019-03-06 08:40 - 001297088 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-03-22 20:39 - 2019-03-06 08:40 - 001281072 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-03-22 20:39 - 2019-03-06 08:40 - 001181944 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2019-03-22 20:39 - 2019-03-06 07:51 - 003450368 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-03-22 20:39 - 2019-03-06 07:37 - 003617280 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-03-22 20:39 - 2019-03-06 06:39 - 002464256 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-03-22 20:39 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-03-22 20:39 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-03-22 20:39 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-03-22 20:39 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-03-22 20:39 - 2019-02-26 08:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-03-22 20:39 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-03-22 20:39 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-03-22 20:39 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-03-22 20:39 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-03-22 20:39 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-03-22 20:39 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-03-22 20:39 - 2019-02-20 22:17 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll 2019-03-22 20:39 - 2019-02-15 21:51 - 000449744 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-03-22 20:39 - 2019-02-15 21:51 - 000413576 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-03-22 20:39 - 2019-02-09 20:26 - 000333560 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-22 20:39 - 2019-02-09 20:21 - 001683400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-03-22 20:39 - 2019-02-09 18:45 - 000367104 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2019-03-22 20:39 - 2019-02-09 18:14 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-03-22 20:39 - 2019-02-09 02:33 - 001901888 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-03-22 20:39 - 2019-02-09 01:07 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-22 20:39 - 2019-02-09 01:07 - 000614040 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-03-22 20:39 - 2019-02-08 23:29 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2019-03-22 20:39 - 2019-02-08 19:50 - 001493504 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2019-03-22 20:39 - 2019-02-08 19:45 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-03-22 20:39 - 2019-02-07 02:34 - 001070456 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-22 20:39 - 2019-02-07 02:34 - 000849216 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-22 20:39 - 2019-02-06 20:29 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-22 20:39 - 2019-02-01 06:25 - 001839344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2019-03-22 20:39 - 2019-01-08 07:12 - 001489704 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-03-22 20:39 - 2019-01-04 16:14 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-03-22 20:38 - 2019-03-06 07:52 - 000027392 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-03-22 20:38 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-03-22 20:38 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-03-22 20:38 - 2019-02-26 08:39 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2019-03-22 20:38 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-03-22 20:38 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-03-22 20:38 - 2019-02-26 08:31 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-03-22 20:38 - 2019-02-26 08:20 - 001049600 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2019-03-22 20:38 - 2019-02-15 21:51 - 000033504 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-03-22 20:38 - 2019-02-15 21:50 - 000372328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-03-22 20:38 - 2019-02-09 20:29 - 000178632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-03-22 20:38 - 2019-02-09 19:21 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-03-22 20:38 - 2019-02-09 19:21 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-03-22 20:38 - 2019-02-09 19:21 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-03-22 20:38 - 2019-02-09 19:19 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-22 20:38 - 2019-02-09 18:43 - 000730624 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2019-03-22 20:38 - 2019-02-09 18:16 - 000399360 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-03-22 20:38 - 2019-02-08 20:32 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-03-22 20:38 - 2019-02-07 20:35 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-03-22 20:38 - 2019-02-06 20:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-22 20:38 - 2019-02-06 20:30 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-03-22 20:38 - 2019-02-06 20:29 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-22 20:38 - 2019-02-06 20:28 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-22 20:38 - 2019-01-09 05:52 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\hcproviders.dll 2019-03-22 20:38 - 2019-01-09 05:45 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll 2019-03-22 20:38 - 2019-01-09 05:40 - 000839680 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll 2019-03-22 20:38 - 2019-01-05 09:31 - 000131344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-03-22 19:56 - 2019-03-22 19:56 - 024718688 _____ ( ) C:\Users\Vanka\Downloads\AdbeRdr812_ru_RU.exe 2019-03-22 19:56 - 2019-03-22 19:56 - 015382749 _____ C:\Users\Vanka\Downloads\CAD-KAS PDFEditor 5.5 Pro.rar 2019-03-21 18:05 - 2019-03-21 18:06 - 000000000 ____D C:\Users\Vanka\AppData\Local\Viber 2019-03-21 13:06 - 2019-03-21 13:06 - 000002511 _____ C:\Users\Public\Desktop\EmmeGas MULTI IC.lnk 2019-03-21 13:06 - 2019-03-21 13:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EmmeGas 2019-03-21 10:13 - 2019-03-21 10:16 - 000001139 _____ C:\Users\Public\Desktop\LPGTECH Gas Setting 2.0.lnk 2019-03-21 10:13 - 2019-03-21 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPGTECH Gas Setting 2.0 2019-03-21 10:13 - 2019-03-21 10:16 - 000000000 ____D C:\Program Files\LPGTECH Gas Setting 2.0 2019-03-20 12:08 - 2019-03-20 12:08 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\Livecare 2019-03-20 12:08 - 2019-03-20 12:08 - 000000000 ____D C:\Users\Vanka\AppData\LocalLow\livecare 2019-03-20 12:08 - 2019-03-20 12:08 - 000000000 ____D C:\ProgramData\Livecare 2019-03-20 12:03 - 2019-03-20 12:03 - 000000000 ____D C:\Users\Vanka\AppData\Local\Zavoli 2019-03-20 12:02 - 2019-03-20 12:06 - 000001567 _____ C:\Users\Public\Desktop\Zavoli.lnk 2019-03-20 12:02 - 2019-03-20 12:02 - 000000000 ____D C:\Zavoli 2019-03-19 21:09 - 2019-03-19 21:09 - 000013424 _____ C:\Users\Vanka\Downloads\FI202049G34.rar 2019-03-19 21:06 - 2019-03-19 21:06 - 000059444 _____ C:\Users\Vanka\Desktop\LR202043G34.rar 2019-03-19 20:37 - 2019-03-19 20:37 - 000000000 _____ C:\Windows\TCULR.INI 2019-03-17 21:02 - 2019-03-17 21:02 - 000179937 _____ C:\Users\Vanka\Downloads\А10.pdf 2019-03-17 20:31 - 2019-03-17 20:32 - 009824545 _____ C:\Users\Vanka\Downloads\Opel pin.rar 2019-03-17 20:30 - 2019-03-17 20:30 - 016930062 _____ C:\Users\Vanka\Downloads\VIN to PIN Opel.rar 2019-03-13 18:35 - 2019-03-13 18:41 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueEnergy 2019-03-13 18:35 - 2019-03-13 18:35 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\BlueEnergy 2019-03-13 18:35 - 2019-03-13 18:35 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\Blue Energy 2019-03-13 18:35 - 2019-03-13 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueEnergy 2019-03-13 18:26 - 2019-03-13 18:34 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BluePower 2019-03-13 18:26 - 2019-03-13 18:26 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\BluePower 2019-03-13 18:26 - 2019-03-13 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BluePower 2019-03-07 14:35 - 2019-03-07 14:41 - 000000000 ____D C:\Program Files\Simgas2 2019-03-07 14:35 - 2019-03-07 14:35 - 000000911 _____ C:\Users\Vanka\Desktop\Simgas2.lnk 2019-03-07 14:35 - 2019-03-07 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simgas2 2019-03-07 14:34 - 2019-03-07 14:34 - 000001001 _____ C:\Users\Vanka\Desktop\Simgas+.lnk 2019-03-07 14:34 - 2019-03-07 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimgasPlus 2019-03-07 14:34 - 2019-03-07 14:34 - 000000000 ____D C:\Program Files\SimgasPlus 2019-03-05 18:23 - 2019-03-05 18:23 - 000001799 _____ C:\Users\Public\Desktop\AIS.lnk 2019-03-05 18:23 - 2019-03-05 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Romano s.r.l 2019-03-05 18:23 - 2019-03-05 18:23 - 000000000 ____D C:\Program Files\AIS 2019-03-04 12:42 - 2019-03-04 12:42 - 000002505 _____ C:\Users\Public\Desktop\Alex Sequential Injection System CAD.lnk 2019-03-04 12:42 - 2019-03-04 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alex 2019-03-03 15:30 - 2019-03-03 15:30 - 058773809 _____ C:\Users\Vanka\Downloads\T-NT14LDEUC_1042.0.exe 2019-03-03 14:36 - 2019-03-03 14:36 - 000000024 _____ C:\Users\Vanka\Desktop\nasko12233.txt 2019-02-28 18:21 - 2019-02-28 18:21 - 000001545 _____ C:\Users\Vanka\Desktop\VAUXCOM.exe - Shortcut.lnk 2019-02-28 18:19 - 2019-02-28 18:20 - 000000000 ____D C:\Program Files\WaxCom 2019-02-28 13:02 - 2019-02-28 13:03 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\AcGasSynchro II 2019-02-28 12:54 - 2019-02-28 12:54 - 000001046 _____ C:\Users\Vanka\Desktop\ACGasSynchro 11.2.1.1.lnk 2019-02-28 12:54 - 2019-02-28 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcGasSynchro II 2019-02-28 12:54 - 2019-02-28 12:54 - 000000000 ____D C:\Program Files\AcGasSynchro II 2019-02-28 12:42 - 2019-02-28 12:42 - 002938908 _____ C:\Users\Vanka\Downloads\ver2_8_9_RU_PREMIUM_manual.pdf 2019-02-27 20:21 - 2019-02-27 20:22 - 000000353 _____ C:\Users\Vanka\Desktop\STOP-updates.txt ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-27 19:24 - 2018-04-25 19:40 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\ViberPC 2019-03-27 18:36 - 2018-05-30 22:31 - 000000000 ____D C:\ADCDA2 2019-03-26 21:42 - 2015-12-25 14:45 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\uTorrent 2019-03-26 13:48 - 2018-12-24 14:34 - 000002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-26 13:48 - 2018-12-24 14:34 - 000002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-03-25 23:13 - 2013-08-22 08:13 - 000000187 _____ C:\Windows\win.ini 2019-03-25 23:12 - 2019-01-29 19:09 - 000000000 ____D C:\Program Files\TeamViewer 2019-03-25 23:12 - 2018-07-13 16:20 - 000000000 ____D C:\ProgramData\VMware 2019-03-25 23:12 - 2013-08-22 09:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-25 22:51 - 2015-12-14 02:55 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\vlc 2019-03-25 22:26 - 2015-12-12 05:09 - 000000000 ____D C:\Users\Vanka\AppData\Local\Packages 2019-03-25 21:32 - 2016-10-30 16:20 - 000000000 ____D C:\ProgramData\WorkshopData 2019-03-25 21:29 - 2016-10-30 16:19 - 000000626 _____ C:\Windows\ODBC.INI 2019-03-25 21:29 - 2016-10-30 16:19 - 000000295 _____ C:\Windows\Atris_St.INI 2019-03-25 20:49 - 2013-08-22 08:21 - 000000000 ____D C:\Windows\inf 2019-03-25 20:40 - 2018-11-26 15:12 - 000000000 ____D C:\Users\Vanka 2019-03-24 14:34 - 2013-08-22 10:17 - 000000000 ____D C:\Windows\rescache 2019-03-23 10:39 - 2018-01-25 19:32 - 000000000 ____D C:\ProgramData\MCShield 2019-03-22 21:06 - 2013-08-22 09:22 - 000481584 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-22 21:04 - 2013-08-22 08:13 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-03-22 21:01 - 2015-04-14 23:41 - 000000000 ____D C:\Windows\system32\appraiser 2019-03-22 21:01 - 2014-11-21 07:42 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-03-22 21:01 - 2013-08-22 10:17 - 000000000 ___RD C:\Windows\ToastData 2019-03-22 20:53 - 2013-08-22 10:05 - 000000000 ____D C:\Windows\CbsTemp 2019-03-22 20:33 - 2018-12-12 09:01 - 000513376 _____ C:\Windows\system32\locale.nls 2019-03-21 18:05 - 2018-04-25 19:48 - 000000000 ____D C:\Users\Vanka\Documents\ViberDownloads 2019-03-21 13:06 - 2018-06-30 10:30 - 000000000 ____D C:\Program Files\MultipointInj 2019-03-20 12:47 - 2017-08-21 11:56 - 000000000 ____D C:\Users\Vanka\AppData\Local\SequentPD 2019-03-20 12:47 - 2017-05-12 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BRC Gas Equipment 2019-03-20 12:06 - 2018-06-30 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zavoli 2019-03-19 21:30 - 2015-12-13 04:41 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2019-03-19 20:27 - 2016-10-30 16:19 - 000000588 _____ C:\Windows\ODBCINST.INI 2019-03-19 19:55 - 2018-06-10 09:55 - 000000000 ____D C:\Program Files\KME 2019-03-13 11:33 - 2014-11-21 05:17 - 000869216 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-12 19:02 - 2019-01-22 21:20 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\Skype 2019-03-12 17:55 - 2013-08-22 10:17 - 000000000 ____D C:\Windows\system32\Macromed 2019-03-05 18:23 - 2019-02-18 21:16 - 000000000 ____D C:\ProgramData\AntonioInjectionSystem 2019-03-05 18:23 - 2018-11-18 13:30 - 000000000 ____D C:\Users\Vanka\AppData\Local\Downloaded Installations 2019-03-04 21:52 - 2018-07-15 16:10 - 000000000 ____D C:\Users\Vanka\AppData\LocalLow\Mozilla 2019-03-04 12:42 - 2018-12-18 21:40 - 000000000 ____D C:\Program Files\Chiave Hardware Eutron 2019-03-03 09:04 - 2015-12-25 18:58 - 000000000 ____D C:\Users\Vanka\AppData\Local\ElevatedDiagnostics 2019-03-02 12:26 - 2018-06-30 10:30 - 000000000 ____D C:\Users\Vanka\Documents\MultipointInj 2019-02-25 21:28 - 2018-07-13 16:23 - 000000000 ____D C:\Users\Vanka\AppData\Local\VMware 2019-02-25 21:25 - 2013-08-22 10:17 - 000000000 ____D C:\Windows\system32\FxsTmp 2019-02-25 21:23 - 2018-07-13 16:23 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\VMware ==================== Files in the root of some directories ======= 2019-03-25 21:32 - 2011-04-18 20:54 - 000941568 _____ (Igor Pavlov) C:\ProgramData\7z.dll 2019-03-25 21:32 - 2011-04-18 20:34 - 000168448 _____ (Igor Pavlov) C:\ProgramData\7z.exe 2018-07-02 11:56 - 2005-06-29 14:39 - 000617472 _____ () C:\Program Files\AUTRONIT.EX_ 2018-07-02 11:56 - 2002-03-21 10:29 - 000289056 _____ () C:\Program Files\HDSETUP.EX_ 2018-07-02 11:56 - 2002-03-21 10:29 - 000006656 _____ () C:\Program Files\SETUP.EXE 2018-07-02 11:56 - 2005-06-29 13:00 - 000000633 _____ () C:\Program Files\SETUP.INF 2018-07-02 11:56 - 2005-06-29 08:32 - 000000407 _____ () C:\Program Files\UNINSTAL.INF 2018-07-02 11:56 - 2005-06-29 11:00 - 000000004 _____ () C:\Program Files\XMON.CF_ 2018-07-02 11:56 - 2005-04-27 08:59 - 000000195 _____ () C:\Program Files\XMON.DE_ 2018-07-02 11:56 - 2005-06-30 14:16 - 000009832 _____ () C:\Program Files\Xmon.di_ 2018-06-20 17:13 - 2018-12-09 15:27 - 000000071 _____ () C:\Users\Vanka\AppData\Local\DiegoG3-3.0.8.2.INI 2019-03-25 23:18 - 2019-03-25 23:18 - 000009680 _____ () C:\Users\Vanka\AppData\Local\Tempastraheobd_dba_ellemeet.svgz 2016-10-30 19:29 - 2016-10-30 19:29 - 000009612 _____ () C:\Users\Vanka\AppData\Local\Temppicasso eobd_dba_ellemeet.svgz Some files in TEMP: ==================== 2019-03-25 20:34 - 2019-03-26 14:16 - 000003584 _____ () C:\Users\Vanka\AppData\Local\Temp\dateinj01.dll 2019-01-27 14:31 - 2013-07-29 13:40 - 000086392 _____ () C:\Users\Vanka\AppData\Local\Temp\dp-chooser.exe 2019-01-27 14:31 - 2013-07-29 13:41 - 000676288 _____ (Microsoft Corporation) C:\Users\Vanka\AppData\Local\Temp\dpinst-amd64.exe 2019-01-27 14:31 - 2013-07-29 13:41 - 000550848 _____ (Microsoft Corporation) C:\Users\Vanka\AppData\Local\Temp\dpinst-x86.exe 2009-07-13 21:12 - 2009-07-13 21:12 - 001047632 _____ (Microsoft Corporation) C:\Users\Vanka\AppData\Local\Temp\DPInstx64.exe 2009-07-13 20:47 - 2009-07-13 20:47 - 000922176 _____ (Microsoft Corporation) C:\Users\Vanka\AppData\Local\Temp\DPInstx86.exe 2010-10-08 10:07 - 2010-10-08 10:07 - 000075672 _____ () C:\Users\Vanka\AppData\Local\Temp\DPInst_Monx64.exe 2010-10-08 10:07 - 2010-10-08 10:07 - 000075160 _____ () C:\Users\Vanka\AppData\Local\Temp\DPInst_Monx86.exe 2019-03-25 23:18 - 2019-03-25 23:18 - 000155729 _____ () C:\Users\Vanka\AppData\Local\Temp\JExplorer32.2.7.1.dll 2019-03-25 23:18 - 2019-03-25 23:18 - 000008273 _____ (TeamDev Ltd) C:\Users\Vanka\AppData\Local\Temp\JExplorer32.2.7.1.exe 2019-03-25 23:18 - 2019-03-25 23:18 - 000228864 _____ () C:\Users\Vanka\AppData\Local\Temp\JExplorer64.2.7.1.dll 2010-10-08 10:06 - 2010-10-08 10:06 - 000075152 _____ () C:\Users\Vanka\AppData\Local\Temp\OS_Detect.exe 2019-01-22 21:20 - 2015-12-31 23:00 - 000000000 __RSH () C:\Users\Vanka\AppData\Local\Temp\SkypeSetup.exe 2019-01-27 14:27 - 2019-01-23 13:38 - 000205960 _____ () C:\Users\Vanka\AppData\Local\Temp\Uninstall.exe 2019-01-21 21:05 - 2019-01-21 21:05 - 014456872 _____ (Microsoft Corporation) C:\Users\Vanka\AppData\Local\Temp\vc_redist.x86.exe 2018-09-07 13:03 - 2018-09-07 13:03 - 000865280 _____ () C:\Users\Vanka\AppData\Local\Temp\x.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-19 12:44 ==================== End of FRST.txt ============================ Addition.txt
  17. Здравейте,изникна ми проблем с браузърите-основно ползвам комодо и по-рядко опера.От няколко дни обаче комодо-то се затваря самостоятелно докато съм в нета.Спря да отваря адрес ,който ползвам за работа(vpn тунел с CISCO софтуер).Реших да направя ъпдейт,свързва се,но излиза надпис че ъпдета не може да се направи.Деинсталирах старата версия и инсталирах чисто ново комодо от страницата им.Сега пък е адски бавен и отново не ми отваря тунела.Опера-та ми работи с адреса,но също се крашва изведнъж.Друг проблем е с офис пакета-опциите на падащите менюта спряха да се поддават на команди.Незнам дали е хардуерен проблем или наличие на гадинка,затова реших да пиша първо в този форум.Изпращам логовете след сканинг: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01 Ran by m (administrator) on M-PC (15-03-2019 12:53:55) Running from C:\Users\m\Downloads Loaded Profiles: m & UpdatusUser (Available Profiles: m & user & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareTray.exe (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareTray.exe [4749784 2018-10-11] (Adaware Software -> ) HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\MountPoints2: {53615ed9-b5c5-11e8-9221-001966873225} - F:\SETUP.EXE Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-09-13] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2018-09-15] ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () [File not signed] ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{EF05353F-1AB4-4F63-852E-FDF507B7D414}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp SearchScopes: HKU\S-1-5-21-3677490310-1812953499-2719145278-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10419__180911&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Company -> Hewlett-Packard Co.) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Company -> Hewlett-Packard Co.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-09-13] [Legacy] [not signed] FF HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareService.exe [587832 2018-10-11] (Adaware Software -> ) R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2307768 2016-05-05] (Comodo Security Solutions -> Comodo) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [File not signed] S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-08-16] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 atc; C:\Windows\System32\DRIVERS\atc.sys [1283464 2018-06-08] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R1 bdfwfpf; C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [127312 2016-06-16] (Bitdefender SRL -> BitDefender LLC) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] (Cisco Systems, Inc. -> ) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2018-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [187688 2018-05-02] (Bitdefender SRL -> BitDefender LLC) R0 Ignis; C:\Windows\System32\drivers\ignis.sys [304448 2017-08-29] (Bitdefender SRL -> Bitdefender) R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-15 12:53 - 2019-03-15 12:55 - 000012581 _____ C:\Users\m\Downloads\FRST.txt 2019-03-15 12:53 - 2019-03-15 12:53 - 002433536 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe 2019-03-15 12:53 - 2019-03-15 12:53 - 000000000 ____D C:\FRST 2019-03-13 10:33 - 2019-02-16 07:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-03-13 10:33 - 2019-02-16 07:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2019-03-13 10:33 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2019-03-13 10:33 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll 2019-03-13 10:33 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2019-03-13 10:33 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2019-03-13 10:33 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2019-03-13 10:33 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2019-03-13 10:33 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2019-03-13 10:33 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2019-03-13 10:33 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-03-13 10:33 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-03-13 10:33 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-03-13 10:33 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-03-13 10:33 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-03-13 10:33 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-03-13 10:33 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-03-13 10:33 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-03-13 10:33 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-03-13 10:33 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-03-13 10:33 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-03-13 10:33 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-03-13 10:33 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-03-13 10:33 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-03-13 10:33 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-03-13 10:33 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-03-13 10:32 - 2019-03-06 05:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-13 10:32 - 2019-03-06 05:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-13 10:32 - 2019-03-06 05:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-03-13 10:32 - 2019-03-06 05:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-13 10:32 - 2019-03-06 05:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2019-03-13 10:32 - 2019-03-06 05:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2019-03-13 10:32 - 2019-03-06 05:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-03-13 10:32 - 2019-03-06 05:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2019-03-13 10:32 - 2019-03-06 05:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-03-13 10:32 - 2019-03-06 04:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-03-13 10:32 - 2019-03-06 04:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-13 10:32 - 2019-03-06 04:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-13 10:32 - 2019-03-06 04:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-13 10:32 - 2019-02-27 00:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-03-13 10:32 - 2019-02-26 23:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2019-03-13 10:32 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-03-13 10:32 - 2019-02-26 09:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2019-03-13 10:32 - 2019-02-26 09:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-03-13 10:32 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-03-13 10:32 - 2019-02-26 09:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-03-13 10:32 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-03-13 10:32 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2019-03-13 10:32 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-03-13 10:32 - 2019-02-26 09:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-03-13 10:32 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-03-13 10:32 - 2019-02-26 09:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2019-03-13 10:32 - 2019-02-26 09:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-03-13 10:32 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-03-13 10:32 - 2019-02-26 09:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-03-13 10:32 - 2019-02-26 09:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-03-13 10:32 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-03-13 10:32 - 2019-02-26 09:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-03-13 10:32 - 2019-02-26 09:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-03-13 10:32 - 2019-02-26 09:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2019-03-13 10:32 - 2019-02-26 09:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2019-03-13 10:32 - 2019-02-26 09:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2019-03-13 10:32 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-03-13 10:32 - 2019-02-26 09:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2019-03-13 10:32 - 2019-02-26 09:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2019-03-13 10:32 - 2019-02-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2019-03-13 10:32 - 2019-02-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2019-03-13 10:32 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-03-13 10:32 - 2019-02-26 09:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2019-03-13 10:32 - 2019-02-26 09:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-03-13 10:32 - 2019-02-26 09:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2019-03-13 10:32 - 2019-02-26 09:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2019-03-13 10:32 - 2019-02-26 09:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2019-03-13 10:32 - 2019-02-26 08:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-03-13 10:32 - 2019-02-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2019-03-13 10:32 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-03-13 10:32 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-03-13 10:32 - 2019-02-26 08:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2019-03-13 10:32 - 2019-02-26 08:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2019-03-13 10:32 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-03-13 10:32 - 2019-02-26 08:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-03-13 10:32 - 2019-02-26 08:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2019-03-13 10:32 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-03-13 10:32 - 2019-02-26 08:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2019-03-13 10:32 - 2019-02-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2019-03-13 10:32 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-03-13 10:32 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-03-13 10:32 - 2019-02-26 08:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-03-13 10:32 - 2019-02-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2019-03-13 10:32 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-03-13 10:32 - 2019-02-26 08:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-03-13 10:32 - 2019-02-26 08:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2019-03-13 10:32 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2019-03-13 10:32 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2019-03-13 10:32 - 2019-02-26 08:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2019-03-13 10:32 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-03-13 10:32 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-03-13 10:32 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-03-13 10:32 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-03-13 10:32 - 2019-02-26 08:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2019-03-13 10:32 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-03-13 10:32 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-03-13 10:32 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-03-13 10:32 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-03-13 10:32 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-03-13 10:32 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-03-13 10:32 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-03-13 10:32 - 2019-02-22 04:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2019-03-13 10:32 - 2019-02-16 08:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-03-13 10:32 - 2019-02-16 08:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-03-13 10:32 - 2019-02-16 08:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-03-13 10:32 - 2019-02-16 07:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-03-13 10:32 - 2019-02-16 07:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2019-03-13 10:32 - 2019-02-15 18:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-03-13 10:32 - 2019-02-15 18:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-03-13 10:32 - 2019-02-15 17:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2019-03-13 10:32 - 2019-02-15 17:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2019-03-13 10:32 - 2019-02-15 17:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-03-13 10:32 - 2019-02-15 17:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-03-13 10:32 - 2019-02-15 17:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2019-03-13 10:32 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2019-03-13 10:32 - 2019-02-10 18:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-03-13 10:32 - 2019-02-10 17:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-03-13 10:32 - 2019-02-10 17:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-03-13 10:32 - 2019-02-08 18:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-03-13 10:32 - 2019-02-08 18:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-03-13 10:32 - 2019-02-08 17:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-03-13 10:32 - 2019-02-08 17:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2019-03-13 10:32 - 2019-02-07 18:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-03-13 10:32 - 2019-02-03 17:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-03-13 10:32 - 2019-01-04 18:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-03-13 10:32 - 2019-01-04 18:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-03-13 10:32 - 2019-01-04 16:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-03-13 10:32 - 2019-01-04 16:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-03-13 10:32 - 2019-01-04 16:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-03-13 10:32 - 2019-01-04 16:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-03-13 10:32 - 2019-01-04 16:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-03-13 10:32 - 2019-01-04 16:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-03-13 10:32 - 2019-01-04 16:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-03-13 10:32 - 2019-01-04 16:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-03-13 10:31 - 2019-03-06 05:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-03-13 10:31 - 2019-03-06 05:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-03-13 10:31 - 2019-03-06 05:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-03-13 10:31 - 2019-03-06 05:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-03-13 10:31 - 2019-03-06 05:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-03-13 10:31 - 2019-03-06 05:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2019-03-13 10:31 - 2019-03-06 05:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 04:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-03-13 10:31 - 2019-03-06 04:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-03-13 10:31 - 2019-03-06 04:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-03-13 10:31 - 2019-03-06 04:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-03-13 10:31 - 2019-03-06 04:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-03-13 10:31 - 2019-03-06 04:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-03-13 10:31 - 2019-03-06 04:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-03-13 10:31 - 2019-03-06 04:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2019-03-13 10:31 - 2019-03-06 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2019-03-13 10:31 - 2019-03-06 04:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-13 10:31 - 2019-03-06 04:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-13 10:31 - 2019-03-06 04:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-03-13 10:31 - 2019-03-06 04:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-03-13 10:31 - 2019-03-06 04:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-03-13 10:31 - 2019-03-06 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-03-13 10:31 - 2019-03-06 04:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-03-13 10:31 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-03-13 10:31 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-03-13 10:31 - 2019-03-06 04:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-03-13 10:31 - 2019-03-06 04:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2019-03-13 10:31 - 2019-03-06 04:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2019-03-13 10:31 - 2019-03-06 04:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2019-03-13 10:31 - 2019-03-06 04:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2019-03-13 10:31 - 2019-03-06 04:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2019-03-13 10:31 - 2019-03-06 04:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 04:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 04:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2019-03-13 10:31 - 2019-03-06 04:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2019-03-13 10:31 - 2019-03-05 04:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-03-13 10:31 - 2019-03-05 04:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-03-13 10:31 - 2019-03-05 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-03-13 10:31 - 2019-02-22 05:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-03-13 10:31 - 2019-02-22 05:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2019-03-13 10:31 - 2019-02-22 04:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll 2019-03-13 10:31 - 2019-02-22 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-03-13 10:31 - 2019-02-16 08:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-03-13 10:31 - 2019-02-16 08:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-03-13 10:31 - 2019-02-16 08:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-03-13 10:31 - 2019-02-16 08:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-03-13 10:31 - 2019-02-16 07:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2019-03-13 10:31 - 2019-02-16 07:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2019-03-13 10:31 - 2019-02-16 07:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2019-03-13 10:31 - 2019-02-15 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-03-13 10:31 - 2019-02-15 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-03-13 10:31 - 2019-02-15 17:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2019-03-13 10:31 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2019-03-13 10:31 - 2019-02-10 17:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-03-13 10:31 - 2019-02-10 17:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-03-13 10:31 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-03-13 10:31 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-03-13 10:31 - 2019-02-08 18:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2019-03-13 10:31 - 2019-02-08 17:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2019-03-13 10:31 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2019-03-13 10:31 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2019-03-13 10:31 - 2019-02-07 18:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll 2019-03-13 10:31 - 2019-02-07 18:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-03-13 10:31 - 2019-02-07 17:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-03-13 10:31 - 2019-01-03 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-03-13 10:31 - 2019-01-03 17:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2019-03-08 12:37 - 2019-03-08 12:37 - 000000000 ____H C:\Users\user\Documents\Default.rdp 2019-03-08 12:29 - 2019-03-08 12:29 - 000001230 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk 2019-03-08 12:29 - 2019-03-08 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2019-03-08 12:29 - 2019-03-08 12:29 - 000000000 ____D C:\Program Files (x86)\Comodo 2019-03-08 12:25 - 2019-03-08 12:25 - 054376048 _____ (Comodo) C:\Users\m\Downloads\dragonsetup.exe 2019-03-01 08:33 - 2019-03-02 13:15 - 000043520 _____ C:\Users\user\Desktop\Животни родени 2018 ВАЛТА.xls 2019-02-28 12:42 - 2019-03-02 13:14 - 000023796 _____ C:\Users\user\Desktop\Животни родени 2018 ВАЛТА.xlsx 2019-02-26 12:42 - 2019-02-26 12:42 - 352749717 _____ C:\Windows\MEMORY.DMP 2019-02-26 12:42 - 2019-02-26 12:42 - 001097368 _____ C:\Windows\Minidump\022619-15984-01.dmp 2019-02-26 12:42 - 2019-02-26 12:42 - 000000000 ____D C:\Windows\Minidump 2019-02-25 14:15 - 2019-02-25 14:15 - 000065024 _____ C:\Users\user\Desktop\кИРО.xls 2019-02-25 14:11 - 2019-02-25 14:11 - 000025088 _____ C:\Users\user\Desktop\ГОШО КИРОВ.xls 2019-02-14 08:54 - 2019-01-12 04:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-02-14 08:54 - 2019-01-12 04:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-02-14 08:54 - 2019-01-01 18:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2019-02-14 08:54 - 2019-01-01 18:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-02-14 08:54 - 2019-01-01 18:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2019-02-14 08:54 - 2019-01-01 18:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2019-02-14 08:54 - 2019-01-01 18:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-02-14 08:54 - 2019-01-01 18:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2019-02-14 08:54 - 2019-01-01 17:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2019-02-14 08:54 - 2019-01-01 17:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2019-02-14 08:54 - 2019-01-01 17:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2019-02-14 08:54 - 2019-01-01 17:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2019-02-14 08:54 - 2019-01-01 17:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2019-02-14 08:54 - 2019-01-01 17:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2019-02-14 08:54 - 2018-12-04 18:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2019-02-14 08:54 - 2018-12-04 18:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2019-02-14 08:54 - 2018-12-04 17:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll 2019-02-14 08:54 - 2018-12-04 17:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2019-02-14 08:54 - 2018-12-02 18:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2019-02-14 08:54 - 2018-10-12 15:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-15 12:31 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-15 12:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-03-15 12:26 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp 2019-03-14 09:07 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2019-03-14 08:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-03-14 08:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-03-14 08:06 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-14 08:06 - 2009-07-14 06:45 - 000433672 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-14 08:03 - 2018-09-13 06:44 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-03-14 08:03 - 2018-09-13 06:44 - 000000000 ____D C:\Windows\system32\appraiser 2019-03-14 08:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-03-14 08:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism 2019-03-13 15:08 - 2018-09-17 10:26 - 000000000 ____D C:\Windows\system32\MRT 2019-03-13 15:03 - 2018-09-11 14:54 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-03-13 13:08 - 2018-12-20 13:23 - 000034304 _____ C:\Users\user\Desktop\ГОВЕДА КРУШАРЕ СЕЛЯНИ.xls 2019-03-13 12:00 - 2018-11-28 11:25 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2019-03-13 12:00 - 2018-09-13 07:33 - 000004464 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-03-13 12:00 - 2018-09-13 07:32 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-03-13 12:00 - 2018-09-13 07:32 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-03-13 12:00 - 2018-09-13 07:32 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-03-13 12:00 - 2018-09-13 07:32 - 000000000 ____D C:\Windows\system32\Macromed 2019-03-13 11:00 - 2018-09-13 14:16 - 000004452 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-03-12 12:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2019-03-08 12:29 - 2018-09-11 15:25 - 000000000 ____D C:\Users\m\AppData\Local\Comodo 2019-03-08 12:20 - 2018-09-14 14:25 - 000003998 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1536927954 2019-02-27 12:50 - 2018-09-11 15:40 - 000000000 ____D C:\ProgramData\c95c652a-58d5-1 2019-02-27 12:50 - 2018-09-11 15:40 - 000000000 ____D C:\ProgramData\c95c652a-3521-0 2019-02-22 11:23 - 2018-09-13 13:43 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-02-15 08:29 - 2018-09-13 13:44 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2019-02-14 12:57 - 2018-09-11 15:57 - 000765656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2018-09-13 07:27 - 2018-09-13 07:27 - 000007613 _____ () C:\Users\m\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== 2010-09-27 10:56 - 2010-09-27 10:56 - 000016505 _____ () C:\Users\m\AppData\Local\Temp\DelayInst.exe 2019-03-08 12:31 - 2016-02-05 11:34 - 002043440 _____ (Comodo Security Solutions, Inc.) C:\Users\m\AppData\Local\Temp\dragon_restart_helper.exe 2009-07-17 19:12 - 2009-07-17 19:12 - 001957206 _____ (Adobe Systems Incorporated) C:\Users\m\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe 2010-09-27 10:56 - 2010-09-27 10:56 - 000221315 _____ () C:\Users\m\AppData\Local\Temp\installservice.exe 1999-12-20 14:04 - 1999-12-20 14:04 - 000056832 ____R () C:\Users\m\AppData\Local\Temp\mpegc.dll 2012-10-02 02:44 - 2012-10-02 02:44 - 000178824 ____R (Microsoft Corporation) C:\Users\m\AppData\Local\Temp\ose00000.exe 2011-03-04 11:52 - 2011-03-04 11:52 - 000056832 _____ () C:\Users\m\AppData\Local\Temp\vpnclient_setup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-14 08:58 ==================== End of FRST.txt ============================ Addition.txt
  18. Здравейте на всички! Ще гледам да съм максимално кратък и ще карам направо. Както виждате от заглавието на темата имам проблем с Хромиум. Като цяло проблемът ми е доста сходен с този : https://www.kaldata.com/forums/topic/270658-след-зареждане-на-windows-се-стартира-chromium/ . Същата работа е при мен. Преди около седмица си изтеглих BS Player, и от тогава се появи и този Chromium. BS Player-ът го изтеглих баш от сайта им, не от някакво измислено място, но явно и от там няма гаранция. Както и да е. Всеки път като се включи компютъра, било то след рестарт, или обикновено включване (това е само след пълно изключване на компютъра, когато го включа след "режим на готовност", този проблем го няма) веднага ми отваря Chromium и по-точно раздела history. На пръв поглед е все едно гледам Chrome, но не е. Отначало когато за пръв път се появи имаше историята от Chrome + каквито видео файлове съм пускал. Примерно влизал съм в еди си кой сайт, гледал съм еди си кой филм. Помъчих се да го деинсталирам обаче не става (ще приложа снимки какво точно ми излиза). След като щракна върху Промени/премахни, пък ми излиза това: И така до безкрайност. Писах "Chromium" в търсачката на компютъра (едно кученце). То търси, търси, чете някакви книжки, гледа с една лупа и накрая ми показа къде стоят файловете на този ми ти Chromium. Изтрих ги, нямаше никакъв ефект. После с Ctrl+alt+del влязох в "Процеси" и от там изтрих редовете на които пишеше chromium.exe. Тук беше и най-големият ми напредък, щото историята от Chrome + видео файловете отваряни откакто този компютър е станал компютър ги нямаше. Обаче остана това, че всеки път като включа компютъра и ми изкача нов прозорец в Chromium, ами освен това усещам как ми бави и самият Chrome - той е браузърът ми по подразбиране. Само да вметна, деинсталирах BS Player, Google Chrome, Mozilla Firefox, Avast също махнах за малко, барем се оправи, но не постигнах желаният от мен ефект. В темата която постнах по-горе от човека със същия проблем, пробвах да изтегля препоръчаният му fixlist, обаче ми дава грешка в страницата. Аз даже първо мислех, да си постна проблема там като коментар, ама викам айде да не спамя на човека темата, по-добре сякаш да отворя нова. Пък ако модераторите решат, че темата ми нещо е извън правилата, моля да бъда извинен за невежеството си. Та общо взето това е, бих се радвал на всякаква помощ. Лека вечер от мен!
  19. Здр-те на всички от форома,можели да ми кажете заразен ли съм със някакъв вирус,защото преди няколко седмици ми излезе грешка на декстапа ми изтрих я и сега неми се явява вече общо казано,принципно не ползвам антивирусни програми,не влизам кой знае каде,за да хвана вирус,ама все пак да ми отговорите,как съм със ОС,като цяло мерси предварително. FRST.txt Addition.txt
  20. Здравейте и за много години,моят проблем хром бавно отваря забива и се срива- отварят се по няколко страници . В момента съм safe mode иначе забива Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2019 Ran by ВЕС (administrator) on WIN-SKFJ6HLGST2 (03-01-2019 20:43:32) Running from C:\Users\ВЕС\Downloads Loaded Profiles: ВЕС (Available Profiles: ВЕС) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Safe Mode (with Networking) Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [DHY0GM3ATCSFE7M] => "C:\Program Files\x0h1djdcnoe\3OQCH.exe" HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\MountPoints2: {41be252d-0f82-11e9-a624-002713343a56} - F:\Lenovo_Suite.exe HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [56832 2010-11-20] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\System32\iedkcs32.dll [2010-11-20] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-03] (Google Inc.) CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{840DEA2A-8553-4D25-A5FB-7DB86C5BFBE5}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{EE11610E-0BCC-42A7-A0AC-89B4A3B92BF1}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3512987231-521144983-709920193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp SearchScopes: HKU\S-1-5-21-3512987231-521144983-709920193-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10477_754_190103&q={searchTerms} BHO: YoutubeAdBlock -> {984AFA40-4BEC-457F-AEDE-FE3404A646FA} -> C:\Program Files\VKkhWVSisIE\kwTiXoR.dll => No File FireFox: ======== FF ProfilePath: C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default [2019-01-03] FF user.js: detected! => C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06] FF Extension: (NewsFox) - C:\Users\ВЕС\Downloads\k-meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2016-01-04] [Legacy] [not signed] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File] FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File] Chrome: ======= CHR HomePage: Default -> hxxp://google.bg/ CHR Profile: C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default [2019-01-03] CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-01-03] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-03] CHR Extension: (Chrome Media Router) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-03] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) "qamplvkj" => service was unlocked. <==== ATTENTION S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [375776 2018-12-12] (Google Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes) S2 qamplvkj; C:\Windows\system32\qamplvkj\dfaricjc.exe [0 ] () <==== ATTENTION (zero byte File/Folder) S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-01-03] (Malwarebytes) S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [106144 2019-01-03] (Malwarebytes) S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63760 2019-01-03] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-01-03] (Malwarebytes) S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [83648 2019-01-03] (Malwarebytes) U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-04 03:15 - 2019-01-04 03:15 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2019-01-04 03:15 - 2019-01-04 03:15 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2019-01-04 03:14 - 2019-01-04 03:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2019-01-04 03:10 - 2019-01-03 18:31 - 000000000 ____D C:\Windows\Panther 2019-01-04 03:03 - 2019-01-04 03:03 - 000000000 ____D C:\Windows.old 2019-01-03 20:43 - 2019-01-03 20:43 - 001783808 _____ (Farbar) C:\Users\ВЕС\Downloads\FRST.exe 2019-01-03 20:43 - 2019-01-03 20:43 - 000007564 _____ C:\Users\ВЕС\Downloads\FRST.txt 2019-01-03 20:43 - 2019-01-03 20:43 - 000000000 ____D C:\FRST 2019-01-03 20:18 - 2019-01-03 20:18 - 000106144 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-01-03 20:18 - 2019-01-03 20:18 - 000083648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-01-03 20:18 - 2019-01-03 20:18 - 000063760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-01-03 20:03 - 2019-01-03 20:03 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbam 2019-01-03 20:02 - 2019-01-03 20:42 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-01-03 20:02 - 2019-01-03 20:02 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-01-03 20:02 - 2019-01-03 20:02 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbamtray 2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Program Files\Malwarebytes 2019-01-03 20:02 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2019-01-03 20:00 - 2019-01-03 20:01 - 081227760 _____ (Malwarebytes ) C:\Users\ВЕС\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe 2019-01-03 19:40 - 2019-01-03 20:03 - 000000000 ____D C:\ProgramData\RogueKiller 2019-01-03 19:40 - 2019-01-03 19:40 - 029162424 _____ (Adlice Software ) C:\Users\ВЕС\Downloads\RogueKiller_setup.exe 2019-01-03 19:40 - 2019-01-03 19:40 - 000001001 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\Program Files\RogueKiller 2019-01-03 19:34 - 2019-01-03 20:42 - 000265284 _____ C:\Windows\ntbtlog.txt 2019-01-03 19:30 - 2019-01-03 19:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\teiqv2gvtfm 2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\imgn0qmwmwh 2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\acysy1vaoki 2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ C:\Users\ВЕС\AppData\Local\dump007.dat 2019-01-03 19:09 - 2019-01-03 19:09 - 000000009 _____ C:\Users\ВЕС\rstr1.ini 2019-01-03 19:08 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\3zxuksmazmq 2019-01-03 19:07 - 2019-01-03 19:07 - 000000258 __RSH C:\Users\ВЕС\ntuser.pol 2019-01-03 19:04 - 2019-01-03 19:04 - 000000000 ____D C:\Windows\system32\qamplvkj 2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\vi5lm2mflim 2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\sq0zlve2tqj 2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\qc1oa2vrskn 2019-01-03 19:02 - 2019-01-03 19:02 - 000000000 ____D C:\Users\ВЕС\AppData\LocalLow\yHNPHHIzKpsCK 2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\423viiu5lfu 2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Michael 2019-01-03 19:01 - 2019-01-03 19:19 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ShopMore 2019-01-03 19:01 - 2019-01-03 19:07 - 000002964 __RSH C:\ProgramData\ntuser.pol 2019-01-03 19:01 - 2019-01-03 19:01 - 000493800 _____ (VideoDriver) C:\Windows\D04DE5140B2D.sys 2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ C:\Users\ВЕС\AppData\Local\installer.dat 2019-01-03 19:01 - 2019-01-03 19:01 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Python 2019-01-03 19:00 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ezc3lfxnx4j 2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ C:\Users\ВЕС\AppData\Local\wbem.ini 2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{AC10FE2E-1A46-0496-3E07-15883EE04CD9} 2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{59403C6F-D807-F1C6-7FC5-457D7F221C2C} 2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\Users\NYBMYXMIG-DECRYPT.txt 2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\NYBMYXMIG-DECRYPT.txt 2019-01-03 18:57 - 2019-01-03 18:57 - 000000000 ____H C:\d85105b2d85102533b.lock 2019-01-03 18:56 - 2019-01-03 18:56 - 000000000 ____D C:\ProgramData\HCRGWPOIZH4OHCKX91M2 2019-01-03 18:56 - 2015-08-03 08:53 - 000384000 _____ (SafeIP) C:\Windows\system32\SafeIPs.dll 2019-01-03 18:55 - 2019-01-03 20:05 - 000000000 ____D C:\Program Files\KMSPico 10.2.1 Final 2019-01-03 18:53 - 2018-12-10 23:04 - 000499424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2019-01-03 18:48 - 2019-01-03 18:48 - 001259736 _____ (Plarium) C:\Users\ВЕС\Downloads\PlariumPlaySetup (1).exe 2019-01-03 18:46 - 2019-01-03 18:46 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Package Cache 2019-01-03 18:45 - 2019-01-03 19:03 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Mozilla 2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\K-Meleon 2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Local\K-Meleon 2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Plarium 2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\CEF 2019-01-03 18:39 - 2019-01-03 18:39 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Google 2019-01-03 18:38 - 2019-01-03 19:53 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-01-03 18:38 - 2019-01-03 19:53 - 000002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-01-03 18:37 - 2019-01-03 19:02 - 000000000 ____D C:\Program Files\Google 2019-01-03 18:37 - 2019-01-03 19:00 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Google 2019-01-03 18:37 - 2019-01-03 18:37 - 000057560 _____ C:\Users\ВЕС\AppData\Local\GDIPFONTCACHEV1.DAT 2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Deployment 2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Apps\2.0 2019-01-03 18:36 - 2014-05-14 17:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-01-03 18:36 - 2014-05-14 17:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-01-03 18:36 - 2014-05-14 17:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-01-03 18:36 - 2014-05-14 17:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2019-01-03 18:36 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2019-01-03 18:36 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2019-01-03 18:33 - 2019-01-03 19:53 - 000001335 _____ C:\Users\ВЕС\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2019-01-03 18:33 - 2019-01-03 19:09 - 000000000 ____D C:\Users\ВЕС 2019-01-03 18:33 - 2019-01-03 18:33 - 000000020 ___SH C:\Users\ВЕС\ntuser.ini 2019-01-03 18:33 - 2019-01-03 18:33 - 000000000 ____D C:\Users\ВЕС\AppData\Local\VirtualStore 2019-01-03 18:33 - 2010-11-21 01:46 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Media Center Programs 2019-01-03 16:27 - 2019-01-03 16:27 - 000000000 ____D C:\My Drivers 2018-12-30 08:50 - 2018-12-30 08:50 - 005183296 _____ (Marcin Szeniak ) C:\Users\ВЕС\Downloads\BCUninstaller_4.12.1_setup.exe 2018-12-29 13:35 - 2018-12-29 13:35 - 000000000 ____D C:\SWSetup ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-04 03:15 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2019-01-04 03:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\sysprep 2019-01-04 03:12 - 2010-11-21 01:46 - 000000000 ____D C:\Windows\CSC 2019-01-04 03:10 - 2009-07-14 05:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2019-01-03 20:30 - 2010-11-20 22:01 - 000713888 _____ C:\Windows\system32\PerfStringBackup.INI 2019-01-03 20:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2019-01-03 20:18 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-01-03 19:01 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\GroupPolicy 2019-01-03 18:57 - 2018-08-11 19:54 - 000000000 ____D C:\Intel 2019-01-03 18:57 - 2017-10-21 13:53 - 000000000 ____D C:\LFS 2019-01-03 18:57 - 2017-09-25 20:50 - 000000000 ___RD C:\BECKO-PC 2019-01-03 18:57 - 2017-04-14 15:10 - 000036892 ____H C:\iCS Source.suo.nybmyxmig 2019-01-03 18:33 - 2009-07-14 05:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT 2019-01-03 18:31 - 2009-07-14 03:37 - 000000000 __RHD C:\Users\Public\Libraries 2019-01-03 17:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache 2019-01-03 15:34 - 2018-08-11 14:17 - 000000000 ____D C:\Users\ВЕС\Downloads\k-meleon 2019-01-01 13:09 - 2018-09-02 13:32 - 000000000 ____D C:\Users\ВЕС\Documents\TalkHelper ==================== Files in the root of some directories ======= 1601-01-03 21:26 - 1601-01-03 21:26 - 000186368 ____N (Microsoft Corporation) C:\Users\ВЕС\AppData\Local\aIQEonJ.exe 2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ () C:\Users\ВЕС\AppData\Local\dump007.dat 2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ () C:\Users\ВЕС\AppData\Local\installer.dat 2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ () C:\Users\ВЕС\AppData\Local\wbem.ini Some files in TEMP: ==================== 2019-01-03 18:56 - 2019-01-03 18:56 - 000710464 _____ () C:\Users\ВЕС\AppData\Local\Temp\3.exe 2019-01-03 19:00 - 2019-01-03 19:00 - 001312696 _____ ( ) C:\Users\ВЕС\AppData\Local\Temp\fastdatax.exe 2019-01-03 19:09 - 2019-01-03 20:19 - 000000000 ____D () C:\Users\ВЕС\AppData\Local\Temp\IEShims.dll 2019-01-03 19:00 - 2019-01-03 19:00 - 003520512 _____ () C:\Users\ВЕС\AppData\Local\Temp\installer_mi.exe 2019-01-03 18:56 - 2019-01-03 18:56 - 002715792 _____ (SafeIP, LLC. ) C:\Users\ВЕС\AppData\Local\Temp\update.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-01-04 03:11 ==================== End of FRST.txt =========================== Addition.txt
  21. Та пуснах вече една тема - хората ме пратиха тук.Ситуацията е следната - При всяко включване на компютъра Google Chrome автоматично се е пуснал и е отворил някакъв сайт с глупости на руски език."Получи предсказание от Ванга" и прочие простотии.Та опитах да изчистя кеша и да рестартирам настройките на браузъра, но не постигнах ефект.Ще се радвам ако някой може да помогне! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018 Ran by SHANOVr (administrator) on DESKTOP-4AUH82I (13-12-2018 12:11:15) Running from D:\Camera\downloads D Loaded Profiles: SHANOVr (Available Profiles: defaultuser0 & SHANOVr) Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Hi-Rez Studios) D:\SteamGammEZ\HiPatchService.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (f.lux Software LLC) C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTek) C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor) HKLM-x32\...\Run: [VirtualCloneDrive] => D:\CloneDrive\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation) HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [f.lux] => C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (f.lux Software LLC) HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [EpicGamesLauncher] => D:\boiii\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.) HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49803328 2018-09-10] (Skype Technologies S.A.) HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [SHANOVr] => explorer.exe hxxp://dipladoks.org <==== ATTENTION HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\MountPoints2: {5911fcb2-a851-11e8-a4da-fcaa14184561} - "F:\EuroTruckSimulator2_setup.exe" GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 66.117.6.114 180.76.76.76 Tcpip\..\Interfaces\{b2172693-d883-4ed3-8b20-1cd27a17c8d4}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [DhcpNameServer] 66.117.6.114 180.76.76.76 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-392342708-715023771-1080359625-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2017-05-20] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2017-05-20] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-11] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default [2018-12-13] CHR Extension: (Slides) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Docs) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-22] CHR Extension: (YouTube) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22] CHR Extension: (Adblock Plus) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-12] CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-11-19] CHR Extension: (Sheets) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Docs Offline) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (AdBlock) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11] CHR Extension: (Chrome Web Store Payments) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-22] CHR Extension: (Chrome Media Router) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-07] () S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-16] (EasyAntiCheat Ltd) U2 HiPatchService; D:\SteamGammEZ\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed] R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-11] (ASUSTeK Computer Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Corporation) R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-12-12 15:59 - 2018-12-12 15:59 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\Google 2018-11-28 00:07 - 2018-11-21 15:41 - 000715172 _____ C:\Users\SHANOVr\Desktop\Scan2.TIF ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-12-13 12:11 - 2017-04-22 22:42 - 000000000 ____D C:\FRST 2018-12-13 12:10 - 2018-01-20 22:10 - 001425282 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-12-13 12:07 - 2017-01-22 20:01 - 000000000 ____D C:\ProgramData\NVIDIA 2018-12-13 12:06 - 2018-01-20 22:09 - 000003098 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II 2018-12-13 12:05 - 2018-01-20 21:57 - 000000000 ____D C:\Users\SHANOVr 2018-12-13 12:05 - 2017-01-22 20:15 - 000000000 __SHD C:\Users\SHANOVr\IntelGraphicsProfiles 2018-12-13 12:05 - 2017-01-22 19:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-12-13 12:04 - 2018-01-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-12-13 12:04 - 2018-01-20 21:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-12-13 09:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-12-12 22:54 - 2017-01-22 20:18 - 000000000 ____D C:\Program Files\Steam 2018-12-12 09:13 - 2017-02-28 08:33 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\AIMP3 2018-12-12 08:46 - 2017-01-23 13:27 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-12-10 22:50 - 2018-02-04 12:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-12-06 09:16 - 2018-01-20 21:58 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\Packages 2018-12-03 10:25 - 2018-01-20 22:09 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-392342708-715023771-1080359625-1001 2018-12-03 10:25 - 2017-01-22 19:50 - 000002369 _____ C:\Users\SHANOVr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-11-29 08:12 - 2017-01-27 15:27 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\CrashDumps 2018-11-27 23:57 - 2017-01-22 19:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-11-27 23:57 - 2017-01-22 19:52 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-11-23 12:33 - 2018-10-19 09:15 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\ElevatedDiagnostics ==================== Files in the root of some directories ======= 2017-02-06 20:32 - 2017-02-06 20:32 - 000000017 _____ () C:\Users\SHANOVr\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-12-08 22:12 ==================== End of FRST.txt ============================ Addition.txt
  22. Здравейте! Ползвам Google Chrome, но от известно време, докато не ми стана трън в очите и не ми пречеше, се появиха едни и същи реклами/банери на руски, показващи някакви абсолютни глупости, понякога и порнографски снимки върху оригиналните реклами, за които е платено да се появят в интернет пространството! Който и сайт да отворя те веднага покриват местата за платените реклами върху оригиналните, които трябва да се появят там! Докато днес си пуснах видео в един сайт на БГ телевизия и видях, че се появяват върху самото видео като по този начин ми блокират и функциите на видеото за спиране , пускане, увеличаване на екрана (прикачил съм снимка)! Някой, ако знае как да спра/премахна тази досада, ще съм благодарен да сподели! Addition.txt FRST.txt
  23. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018 Ran by Dellssd (administrator) on DELLSSD-PC (29-09-2018 16:54:29) Running from C:\Users\Dellssd\Downloads Loaded Profiles: Dellssd (Available Profiles: Dellssd) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.805\SSScheduler.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (BitTorrent Inc.) C:\Users\Dellssd\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) C:\Users\Dellssd\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe (BitTorrent Inc.) C:\Users\Dellssd\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-477188782-2465529923-3270759937-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [1447936 2018-07-13] (Adobe Systems Incorporated) HKU\S-1-5-21-477188782-2465529923-3270759937-1000\...\MountPoints2: {6e61377d-2802-11e7-81ae-1c659d02e554} - G:\AutoRun.exe HKU\S-1-5-21-477188782-2465529923-3270759937-1000\...\MountPoints2: {76ec0a4f-0d2e-11e6-8287-1c659d02e554} - F:\SETUP.EXE HKU\S-1-5-21-477188782-2465529923-3270759937-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-09-26] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.805\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [S-1-5-21-477188782-2465529923-3270759937-1000] => Proxy is enabled. Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{645E12D2-5740-463F-B063-09C024155032}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{B0D854A2-9D35-438A-98DE-EE2EB8CFFC94}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-477188782-2465529923-3270759937-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-477188782-2465529923-3270759937-1000 -> 9845cd48-2779-11e7-bbbc-1c659d02e554 URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-477188782-2465529923-3270759937-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://yandex.ru/search/?win=277&clid=2262092-3&text={searchTerms} SearchScopes: HKU\S-1-5-21-477188782-2465529923-3270759937-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10041_spdf_opdfs_all_b_doc2pdf_170414__yaie&p={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-10] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-10] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-10] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-10] (Google Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Google\Google Desktop Search\Plugins\gdSkype\skype4com.dll No File StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: yk7fki5l.default FF ProfilePath: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default [2018-09-26] FF Homepage: Mozilla\Firefox\Profiles\yk7fki5l.default -> hxxps://search.avast.com/AV772/ FF NewTab: Mozilla\Firefox\Profiles\yk7fki5l.default -> about:newtab FF Extension: (Домашняя страница Mail.Ru) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\[email protected] [2018-08-10] FF Extension: (Поиск Mail.Ru) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\[email protected] [2018-04-12] FF Extension: (Советник Яндекс.Маркета) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\[email protected] [2018-09-19] FF Extension: (Avast SafePrice) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\[email protected] [2018-08-10] FF Extension: (Визуальные закладки) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\[email protected] [2018-05-06] FF Extension: (Avast Online Security) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\[email protected] [2018-05-30] FF Extension: (Пульт) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi [2017-12-03] FF Extension: (Telemetry coverage) - C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\features\{02617030-72af-413d-a344-376f30098954}\[email protected] [2018-09-19] [Legacy] FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\avast-search.xml [2017-08-25] FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\yahoo-lavasoft.xml [2017-04-14] FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\Yahoo®-20173422.xml [2017-04-22] FF SearchPlugin: C:\Users\Dellssd\AppData\Roaming\Mozilla\Firefox\Profiles\yk7fki5l.default\searchplugins\yandex.ru-20173422.xml [2017-04-22] FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin-x32: Soda PDF Desktop -> C:\Program Files (x86)\Soda PDF Desktop\np-previewer.dll [2017-03-23] (LULU Software) FF Plugin HKU\S-1-5-21-477188782-2465529923-3270759937-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Dellssd\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc.) Chrome: ======= CHR HomePage: Default -> yandex.ru CHR NewTab: Default -> Active:"chrome-extension://fehhbdbmfjboomkmkflbaekjkhkklbnh/newtabproduct.html", Active:"chrome-extension://ceopoaldcnmhechacafgagdkklcogkgd/newtabproduct.html", Not-active:"chrome-extension://hcckjhfbahlnihggjcbadkgfjcghcibl/newtab/newtab.html", Not-active:"chrome-extension://mebpengldpmmlnaeehejppajiakgpbek/redirect.html", Not-active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html", Not-active:"chrome-extension://agibagflppafhfonkefpklndlohkclcb/index.html", Not-active:"chrome-extension://ghfmhofojkkfdnlfefhkckbflohgiicn/index.html" CHR DefaultSearchURL: Default -> hxxp://musix.searchalgo.com/search/?category=web&s=wmds&q={searchTerms} CHR DefaultSearchKeyword: Default -> WowMusix CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms} CHR Profile: C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default [2018-09-29] CHR Extension: (Slides) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (Docs) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-19] CHR Extension: (Skype Calling) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-10-25] CHR Extension: (YouTube) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-19] CHR Extension: (OnlineMapFinder) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceopoaldcnmhechacafgagdkklcogkgd [2018-04-26] CHR Extension: (Tampermonkey) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-24] CHR Extension: (Стартовая — Яндекс) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkekdlkmdpipihonapoleopfekmapadh [2017-06-14] CHR Extension: (Adobe Acrobat) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-14] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-20] CHR Extension: (MyImageConverter) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fehhbdbmfjboomkmkflbaekjkhkklbnh [2018-08-23] CHR Extension: (Sheets) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Search App - Music) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\flohajbbpjlbphjgeffnhlopdhoonghc [2017-09-13] CHR Extension: (Google Docs Offline) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (Avast Online Security) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26] CHR Extension: (Яндекс) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfblcbjfojmgagikhldeppgmgdpjkpl [2017-06-20] CHR Extension: (Ask Web Search) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmengapaekgmapkcophhdmppmjinpogo [2018-09-21] CHR Extension: (Ask Web Search) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkmodlfcmmnhhlofndkhdcembjaefbb [2018-09-21] CHR Extension: (FromDocToPDF) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2018-08-24] CHR Extension: (Chrome Web Store Payments) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04] CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\odijcgafkhpobjlnfdgiacpdenpmbgme [2016-10-19] CHR Extension: (Parity to Affinity) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\peagbbjfdfkkfcehfbddelhhppflbgla [2017-03-13] CHR Extension: (Mail.Ru) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\phkdcinmmljblpnkohlipaiodlonpinf [2016-10-19] CHR Extension: (SearchApp - Entertainment) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\phlbjnedeghkgaeghaiocogfofoicbpg [2018-01-16] CHR Extension: (Gmail) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-19] CHR Extension: (Chrome Media Router) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-19] CHR Extension: (Pulse) - C:\Users\Dellssd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmpoaahleccaibbhfjfimigepmfmmbbk [2018-06-06] CHR HKLM-x32\...\Chrome\Extension: [dkekdlkmdpipihonapoleopfekmapadh] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jkfblcbjfojmgagikhldeppgmgdpjkpl] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [odijcgafkhpobjlnfdgiacpdenpmbgme] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [phkdcinmmljblpnkohlipaiodlonpinf] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pmpoaahleccaibbhfjfimigepmfmmbbk] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR StartupUrls: "hxxps://www.yandex.ru/?win=277&clid=2262091-3" ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-23] (AVAST Software) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo Uninstaller 2017\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.805\McCHSvc.exe [405392 2018-09-24] (McAfee, Inc.) R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2017-02-22] (Microsoft) S2 Soda PDF Desktop Creator; C:\Program Files\Soda PDF Desktop\creator-ws.exe [755048 2017-03-23] (LULU Software) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25192 2017-04-14] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\Kingsoft Office\wpscloudsvr.exe [220288 2018-03-28] (Zhuhai Kingsoft Office Software Co.,Ltd) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-12] (AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-05] (AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software) R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [103088 2015-02-26] (STMicroelectronics) R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo Uninstaller 2017\IFS64.sys [31320 2015-12-07] () S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X] S3 btwaudio; system32\drivers\btwaudio.sys [X] S3 btwavdt; system32\drivers\btwavdt.sys [X] S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X] S3 btwrchid; system32\DRIVERS\btwrchid.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-29 16:54 - 2018-09-29 16:54 - 000026700 _____ C:\Users\Dellssd\Downloads\FRST.txt 2018-09-29 16:54 - 2018-09-29 16:54 - 000000000 ____D C:\FRST 2018-09-29 16:53 - 2018-09-29 16:53 - 002414080 _____ (Farbar) C:\Users\Dellssd\Downloads\FRST64.exe 2018-09-29 16:19 - 2018-09-29 16:19 - 004279416 _____ (ESET) C:\Users\Dellssd\Downloads\eset_internet_security_live_installer.exe 2018-09-29 15:16 - 2018-09-29 15:16 - 000017773 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E03.720p.WEBRip.x264-TBS.torrent 2018-09-29 11:31 - 2018-09-29 11:31 - 000001191 _____ C:\Users\Dellssd\AppData\Roaming\uni.txt 2018-09-29 08:39 - 2018-09-29 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2018-09-29 08:30 - 2018-09-29 08:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-09-27 23:29 - 2018-09-27 23:29 - 005193216 _____ ( ) C:\Users\Dellssd\Downloads\wspsetup.exe 2018-09-26 14:31 - 2018-09-26 14:31 - 000001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2018-09-26 14:31 - 2018-09-26 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2018-09-26 14:31 - 2018-09-26 14:31 - 000000000 ____D C:\ProgramData\McAfee Security Scan 2018-09-25 11:26 - 2018-09-28 11:38 - 000109568 ____H C:\Users\Dellssd\Desktop\~WRL1409.tmp 2018-09-25 11:26 - 2018-09-27 10:53 - 000094208 ____H C:\Users\Dellssd\Desktop\~WRL1082.tmp 2018-09-25 11:26 - 2018-09-26 13:19 - 000084480 ____H C:\Users\Dellssd\Desktop\~WRL1831.tmp 2018-09-24 22:25 - 2018-09-24 22:25 - 000014480 _____ C:\Users\Dellssd\Downloads\Preacher.S03E10.HDTV.x264-KILLERS.mkv (2).torrent 2018-09-24 09:39 - 2018-09-24 09:39 - 000014480 _____ C:\Users\Dellssd\Downloads\Preacher.S03E10.HDTV.x264-KILLERS.mkv (1).torrent 2018-09-23 22:48 - 2018-09-23 22:48 - 000014480 _____ C:\Users\Dellssd\Downloads\Preacher.S03E10.HDTV.x264-KILLERS.mkv.torrent 2018-09-23 22:46 - 2018-09-23 22:46 - 000011432 _____ C:\Users\Dellssd\Downloads\Preacher.S03E09.HDTV.x264-SVA (2).torrent 2018-09-23 08:18 - 2018-09-23 08:18 - 000011432 _____ C:\Users\Dellssd\Downloads\Preacher.S03E09.HDTV.x264-SVA (1).torrent 2018-09-22 20:53 - 2018-09-22 20:53 - 000011432 _____ C:\Users\Dellssd\Downloads\Preacher.S03E09.HDTV.x264-SVA.torrent 2018-09-22 19:56 - 2018-09-22 19:56 - 000018281 _____ C:\Users\Dellssd\Downloads\Preacher.S03E08.720p.HEVC.x265-MeGusta.torrent 2018-09-22 19:03 - 2018-09-22 19:03 - 000017384 _____ C:\Users\Dellssd\Downloads\Preacher.S03E07.720p.HEVC.x265-MeGusta.torrent 2018-09-22 10:02 - 2018-09-22 10:02 - 000010528 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E01.HDTV.x264-SVA (1).torrent 2018-09-21 18:54 - 2018-09-21 18:54 - 000010528 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E01.HDTV.x264-SVA.torrent 2018-09-21 18:52 - 2018-09-21 18:52 - 000017830 _____ C:\Users\Dellssd\Downloads\American.Horror.Story.S08E02.WEBRip.x264-TBS.torrent 2018-09-19 10:10 - 2018-09-19 10:10 - 000262144 _____ C:\Windows\Minidump\091918-9126-01.dmp 2018-09-16 10:43 - 2018-09-16 10:43 - 000218836 _____ C:\Users\Dellssd\Desktop\a.psd 2018-09-16 10:20 - 2018-09-16 10:21 - 000024235 _____ C:\Users\Dellssd\Desktop\a.jpf 2018-09-08 16:34 - 2018-09-08 16:34 - 000152887 _____ C:\Users\Dellssd\Desktop\5.jpeg 2018-09-06 20:51 - 2018-09-06 20:51 - 000015001 _____ C:\Users\Dellssd\Downloads\[kinozal.tv]id1604058.torrent 2018-08-30 23:30 - 2018-08-30 23:29 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-29 16:53 - 2016-04-28 15:06 - 000000000 ____D C:\Users\Dellssd\AppData\Roaming\uTorrent 2018-09-29 16:43 - 2017-05-15 14:15 - 000000378 _____ C:\Windows\Tasks\WpsNotifyTask_Dellssd.job 2018-09-29 16:39 - 2018-02-11 22:39 - 000000994 _____ C:\Windows\Tasks\Chromium nefil.job 2018-09-29 16:12 - 2016-10-21 06:34 - 000000000 ____D C:\Users\Dellssd\AppData\Roaming\vlc 2018-09-29 15:16 - 2017-09-30 23:37 - 000000000 ____D C:\Users\Dellssd\AppData\LocalLow\uTorrent 2018-09-29 13:22 - 2016-04-28 19:38 - 000000392 _____ C:\Windows\Tasks\update-sys.job 2018-09-29 12:57 - 2016-04-28 19:38 - 000000392 _____ C:\Windows\Tasks\update-S-1-5-21-477188782-2465529923-3270759937-1000.job 2018-09-29 08:39 - 2016-04-28 19:38 - 000003270 _____ C:\Windows\System32\Tasks\update-S-1-5-21-477188782-2465529923-3270759937-1000 2018-09-29 08:38 - 2009-07-14 07:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-09-29 08:38 - 2009-07-14 07:45 - 000014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-09-29 08:30 - 2017-08-13 12:16 - 000001066 _____ C:\Users\Public\Desktop\VLC media player.lnk 2018-09-29 08:30 - 2017-03-11 18:15 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk 2018-09-29 08:30 - 2017-03-11 18:15 - 000000000 ___RD C:\Program Files (x86)\Skype 2018-09-29 08:30 - 2016-04-28 15:22 - 000000000 ____D C:\ProgramData\Skype 2018-09-29 08:28 - 2009-07-14 08:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI 2018-09-29 08:28 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf 2018-09-29 08:21 - 2016-04-28 15:19 - 000000204 _____ C:\Windows\Tasks\AutoKMS.job 2018-09-29 08:21 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-09-27 23:33 - 2018-03-23 00:37 - 000000000 ____D C:\Users\Dellssd\AppData\Local\AVAST Software 2018-09-27 10:13 - 2016-12-02 22:36 - 000000000 ____D C:\Users\Dellssd\Desktop\преводи 2018-09-26 14:31 - 2018-07-13 15:01 - 000000000 ____D C:\Program Files\McAfee Security Scan 2018-09-24 09:29 - 2017-04-13 09:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-09-24 09:29 - 2016-08-18 13:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-09-23 23:46 - 2016-12-01 16:09 - 000000000 ____D C:\Users\Dellssd\AppData\LocalLow\Mozilla 2018-09-23 08:33 - 2017-07-27 09:56 - 000003180 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-477188782-2465529923-3270759937-1000 2018-09-23 08:33 - 2017-05-14 12:21 - 000002164 _____ C:\Users\Dellssd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2018-09-23 08:33 - 2017-05-14 12:21 - 000000000 ___RD C:\Users\Dellssd\OneDrive 2018-09-22 17:35 - 2018-08-29 08:46 - 000501760 ____H C:\Users\Dellssd\Desktop\~WRL1243.tmp 2018-09-21 18:56 - 2016-10-30 19:56 - 000000000 ____D C:\Users\Dellssd\Desktop\subtitri 2018-09-21 14:57 - 2018-08-29 08:46 - 000493568 ____H C:\Users\Dellssd\Desktop\~WRL3209.tmp 2018-09-20 12:11 - 2016-09-26 11:57 - 000119544 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2018-09-20 10:36 - 2017-04-14 13:23 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-09-20 10:36 - 2017-04-14 13:23 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-09-19 23:21 - 2018-03-23 00:38 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2018-09-19 10:10 - 2017-01-14 08:33 - 000000000 ____D C:\Windows\Minidump 2018-09-18 23:46 - 2016-09-19 00:17 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-09-18 23:46 - 2016-09-19 00:17 - 000002389 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-09-18 12:47 - 2018-08-29 08:46 - 000419328 ____H C:\Users\Dellssd\Desktop\~WRL1414.tmp 2018-09-17 12:36 - 2018-08-29 08:46 - 000396288 ____H C:\Users\Dellssd\Desktop\~WRL2232.tmp 2018-09-17 09:55 - 2016-04-28 15:19 - 000000202 _____ C:\Windows\Tasks\AutoKMSDaily.job 2018-09-16 22:22 - 2018-07-13 14:31 - 000004482 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-09-16 22:22 - 2018-06-17 11:13 - 000003138 _____ C:\Windows\System32\Tasks\{810AB3C2-34D4-499B-B4BB-9D38D546FA12} 2018-09-16 22:22 - 2018-05-05 14:25 - 000003944 _____ C:\Windows\System32\Tasks\WpsUpdateTask_Dellssd 2018-09-16 22:22 - 2017-08-07 09:24 - 000004192 _____ C:\Windows\System32\Tasks\WpsExternal_Dellssd_20170807092444 2018-09-16 22:22 - 2017-05-15 14:15 - 000004196 _____ C:\Windows\System32\Tasks\WpsKtpcntrQingTask_Dellssd 2018-09-16 22:22 - 2017-05-15 14:15 - 000003362 _____ C:\Windows\System32\Tasks\WpsNotifyTask_Dellssd 2018-09-16 22:22 - 2017-04-16 19:21 - 000004308 _____ C:\Windows\System32\Tasks\Opera scheduled suite Autoupdate 1492359678 2018-09-16 22:22 - 2017-04-16 19:21 - 000004086 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1492359677 2018-09-16 22:22 - 2017-04-14 13:19 - 000003572 _____ C:\Windows\System32\Tasks\doPDF Update 2018-09-16 22:22 - 2017-03-11 18:01 - 000003154 _____ C:\Windows\System32\Tasks\{F75FB1AB-3FC6-4CCB-8E59-EFFFE1750F20} 2018-09-16 22:22 - 2017-03-11 17:59 - 000003154 _____ C:\Windows\System32\Tasks\{CEDD031E-67BD-4005-BC8D-F936A030F0BA} 2018-09-16 22:22 - 2017-03-10 11:47 - 000003154 _____ C:\Windows\System32\Tasks\{54495718-5171-4E02-8AE9-0C0BA73E7D7F} 2018-09-16 22:22 - 2017-03-10 11:46 - 000003154 _____ C:\Windows\System32\Tasks\{E1C2E6E7-851E-4C71-BE27-06A41080DD86} 2018-09-16 22:22 - 2017-03-08 15:35 - 000003154 _____ C:\Windows\System32\Tasks\{380FC156-4700-48BE-8B5A-FBA1286DCE61} 2018-09-16 22:22 - 2017-03-07 19:54 - 000003154 _____ C:\Windows\System32\Tasks\{B59123EA-C895-4329-A7B1-CB325A18760F} 2018-09-16 22:22 - 2017-03-07 19:53 - 000003154 _____ C:\Windows\System32\Tasks\{1B3678E0-0EBD-4B19-8557-0E961136459F} 2018-09-16 22:22 - 2017-03-07 19:23 - 000003152 _____ C:\Windows\System32\Tasks\{C3112054-5422-446C-8C6A-CBF71C0F1362} 2018-09-16 22:22 - 2017-03-07 19:18 - 000003154 _____ C:\Windows\System32\Tasks\{2A7E9ED5-EA5D-44CE-A690-23D3D3057CA2} 2018-09-16 22:22 - 2017-03-07 19:14 - 000003154 _____ C:\Windows\System32\Tasks\{E3C65BC8-A75A-427C-B27F-42C9BBE41C62} 2018-09-16 22:22 - 2016-10-20 13:50 - 000003112 _____ C:\Windows\System32\Tasks\{35511907-B4BB-42B6-B5D5-1DEA4D518FE5} 2018-09-16 22:22 - 2016-10-20 13:36 - 000003164 _____ C:\Windows\System32\Tasks\{CF456C35-60A1-4F96-848F-0062539D31D4} 2018-09-16 22:22 - 2016-10-20 13:08 - 000003164 _____ C:\Windows\System32\Tasks\{286D155D-B077-4884-A3BD-71EBE307BEF5} 2018-09-16 22:22 - 2016-10-20 13:07 - 000003164 _____ C:\Windows\System32\Tasks\{295B979B-F0EA-40DA-9832-C45D45FC859B} 2018-09-16 22:22 - 2016-10-19 13:20 - 000003164 _____ C:\Windows\System32\Tasks\{B72E12E4-120A-46A7-B0FC-AED00851297F} 2018-09-16 22:22 - 2016-10-19 12:55 - 000003164 _____ C:\Windows\System32\Tasks\{A7EABB03-E8E6-444E-9C70-01DEA803DBEC} 2018-09-16 22:22 - 2016-10-19 12:53 - 000003164 _____ C:\Windows\System32\Tasks\{D6E5F4DF-91E3-4ECA-B09F-9DCF123E1030} 2018-09-16 22:22 - 2016-09-19 00:16 - 000003432 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-09-16 22:22 - 2016-09-19 00:16 - 000003304 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-09-16 22:22 - 2016-04-28 19:38 - 000003400 _____ C:\Windows\System32\Tasks\update-sys 2018-09-16 22:22 - 2016-04-28 15:19 - 000002740 _____ C:\Windows\System32\Tasks\AutoKMSDaily 2018-09-16 22:22 - 2016-04-28 15:19 - 000002436 _____ C:\Windows\System32\Tasks\AutoKMS 2018-09-16 22:22 - 2016-04-28 15:14 - 000003148 _____ C:\Windows\System32\Tasks\{5A5A1497-EAC4-4683-9946-09144759EE3B} 2018-09-16 22:22 - 2016-04-28 13:36 - 000003254 _____ C:\Windows\System32\Tasks\{CD225CD4-3990-439E-8F36-78EB3BDEE4E1} 2018-09-16 20:22 - 2018-08-29 08:46 - 000370688 ____H C:\Users\Dellssd\Desktop\~WRL3793.tmp 2018-09-15 19:37 - 2018-08-29 08:46 - 000344576 ____H C:\Users\Dellssd\Desktop\~WRL1766.tmp 2018-09-14 18:54 - 2018-08-29 08:46 - 000297984 ____H C:\Users\Dellssd\Desktop\~WRL2266.tmp 2018-09-13 15:27 - 2018-08-29 08:46 - 000268288 ____H C:\Users\Dellssd\Desktop\~WRL2379.tmp 2018-09-12 23:30 - 2016-04-28 15:24 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2018-09-12 12:59 - 2018-08-29 08:46 - 000251904 ____H C:\Users\Dellssd\Desktop\~WRL1812.tmp 2018-09-12 12:19 - 2016-04-28 15:24 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2018-09-09 09:00 - 2018-08-29 08:46 - 000212992 ____H C:\Users\Dellssd\Desktop\~WRL1160.tmp 2018-09-08 11:36 - 2018-08-29 08:46 - 000209920 ____H C:\Users\Dellssd\Desktop\~WRL3129.tmp 2018-09-07 13:25 - 2018-08-29 08:46 - 000199168 ____H C:\Users\Dellssd\Desktop\~WRL0459.tmp 2018-09-05 11:53 - 2016-04-28 15:24 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2018-09-04 13:41 - 2018-08-29 08:46 - 000154624 ____H C:\Users\Dellssd\Desktop\~WRL0358.tmp 2018-09-03 23:58 - 2017-03-11 17:50 - 000000000 _____ C:\Windows\SysWOW64\last.dump 2018-09-03 10:30 - 2018-08-29 08:46 - 000122368 ____H C:\Users\Dellssd\Desktop\~WRL1632.tmp 2018-09-01 12:16 - 2018-08-29 08:46 - 000114688 ____H C:\Users\Dellssd\Desktop\~WRL0845.tmp 2018-08-31 12:46 - 2018-08-29 08:46 - 000098304 ____H C:\Users\Dellssd\Desktop\~WRL3568.tmp 2018-08-30 23:30 - 2017-04-04 12:54 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2018-08-30 23:30 - 2016-04-28 15:24 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2018-08-30 23:29 - 2017-12-23 19:29 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2018-08-30 23:29 - 2017-11-13 11:28 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2018-08-30 23:29 - 2017-04-04 12:54 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys 2018-08-30 23:29 - 2017-04-04 12:54 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2018-08-30 23:29 - 2017-04-04 12:54 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys 2018-08-30 23:29 - 2017-04-04 12:54 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys 2018-08-30 23:29 - 2016-04-28 15:24 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2018-08-30 23:29 - 2016-04-28 15:24 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2018-08-30 23:29 - 2016-04-28 15:24 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2018-08-30 23:29 - 2016-04-28 15:24 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2018-08-30 13:39 - 2018-08-29 08:46 - 000077824 ____H C:\Users\Dellssd\Desktop\~WRL3210.tmp ==================== Files in the root of some directories ======= 2015-10-21 18:11 - 2015-10-21 18:11 - 130502551 _____ () C:\Program Files\openoffice1.cab 2015-10-21 18:10 - 2015-10-21 18:10 - 002310144 _____ () C:\Program Files\openoffice412.msi 2015-10-21 18:10 - 2015-10-21 18:10 - 000478720 _____ () C:\Program Files\setup.exe 2015-10-21 18:10 - 2015-10-21 18:10 - 000000279 _____ () C:\Program Files\setup.ini 2016-12-08 14:00 - 2017-03-04 10:53 - 000000132 _____ () C:\Users\Dellssd\AppData\Roaming\Adobe AIFF Format CS6 Prefs 2016-12-07 08:29 - 2016-12-07 08:29 - 000000146 _____ () C:\Users\Dellssd\AppData\Roaming\gamma_ramp.reg 2018-09-29 11:31 - 2018-09-29 11:31 - 000001191 _____ () C:\Users\Dellssd\AppData\Roaming\uni.txt 2017-04-08 21:19 - 2016-03-31 21:40 - 000145792 _____ () C:\Users\Dellssd\AppData\Local\downloader.exe 2016-04-28 19:38 - 2016-04-28 19:38 - 000000003 ____H () C:\Users\Dellssd\AppData\Local\updater.log 2016-04-28 19:38 - 2016-04-28 19:38 - 000000424 ____H () C:\Users\Dellssd\AppData\Local\UserProducts.xml 2016-10-29 12:23 - 2016-10-29 12:23 - 000017408 _____ () C:\Users\Dellssd\AppData\Local\WebpageIcons.db 2017-02-10 09:00 - 2017-02-10 09:00 - 000000000 _____ () C:\Users\Dellssd\AppData\Local\{DC54C818-2F39-4DF4-A54B-09F3D3BE3CC3} Some files in TEMP: ==================== 2018-04-09 11:51 - 2018-08-20 12:55 - 062983128 _____ (Softland) C:\Users\Dellssd\AppData\Local\Temp\dopdf-full.exe 2017-05-15 14:12 - 2017-05-15 14:12 - 003463288 _____ (Gadomotus ) C:\Users\Dellssd\AppData\Local\Temp\ICReinstall_microsoft_office (1).exe 2016-10-29 19:52 - 2016-10-30 14:18 - 037642072 _____ (PandoraTV) C:\Users\Dellssd\AppData\Local\Temp\KMP_4.1.3.3.exe 2017-12-16 10:25 - 2017-12-16 10:25 - 039544976 _____ (PandoraTV) C:\Users\Dellssd\AppData\Local\Temp\KMP_4.2.2.5.exe 2016-12-06 13:30 - 2016-12-07 08:28 - 048947193 _____ () C:\Users\Dellssd\AppData\Local\Temp\new_version.exe 2017-10-10 23:42 - 2017-10-10 23:42 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710104236545.dll 2017-10-12 10:00 - 2017-10-12 10:00 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017101208259.dll 2017-10-13 10:42 - 2017-10-13 10:42 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710134229437.dll 2017-10-13 10:47 - 2017-10-13 10:47 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171013479979.dll 2017-10-16 10:13 - 2017-10-16 10:13 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710161342290.dll 2017-10-19 23:59 - 2017-10-19 23:59 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710195926616.dll 2017-10-24 10:14 - 2017-10-24 10:14 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201710241457563.dll 2017-10-24 10:09 - 2017-10-24 10:09 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171024911435.dll 2017-10-02 08:58 - 2017-10-02 08:58 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171025819305.dll 2017-10-28 08:06 - 2017-10-28 08:06 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171028622139.dll 2017-10-04 09:31 - 2017-10-04 09:31 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171043113370.dll 2017-10-05 09:53 - 2017-10-05 09:53 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017105532580.dll 2017-10-06 09:16 - 2017-10-06 09:16 - 002163200 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171061623730.dll 2017-10-06 23:52 - 2017-10-06 23:52 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171065224505.dll 2017-10-07 09:54 - 2017-10-07 09:54 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171075447890.dll 2017-10-09 10:23 - 2017-10-09 10:23 - 002163712 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171092328422.dll 2017-11-10 11:43 - 2017-11-10 11:43 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711104321386.dll 2017-11-01 10:23 - 2017-11-01 10:23 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171112339856.dll 2017-11-02 00:52 - 2017-11-02 00:52 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171115225368.dll 2017-11-17 12:11 - 2017-11-17 12:11 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171117111267.dll 2017-11-18 19:17 - 2017-11-18 19:17 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711181734927.dll 2017-11-21 00:46 - 2017-11-21 00:46 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017112046238.dll 2017-11-23 00:46 - 2017-11-23 00:46 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711224618694.dll 2017-11-25 09:12 - 2017-11-25 09:12 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711251244928.dll 2017-11-27 10:16 - 2017-11-27 10:16 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201711271659784.dll 2017-11-06 09:42 - 2017-11-06 09:42 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171164236192.dll 2017-11-08 10:10 - 2017-11-08 10:10 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017118103184.dll 2017-11-09 00:50 - 2017-11-09 00:50 - 002172416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171185049290.dll 2017-12-11 11:10 - 2017-12-11 11:10 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171211109386.dll 2017-12-16 10:08 - 2017-12-16 10:08 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171216841406.dll 2017-12-20 10:30 - 2017-12-20 10:30 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171220300768.dll 2017-12-21 09:59 - 2017-12-21 09:59 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171221599557.dll 2017-12-25 11:52 - 2017-12-25 11:52 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201712255220697.dll 2017-12-27 10:46 - 2017-12-27 10:46 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201712274620418.dll 2017-12-28 10:30 - 2017-12-28 10:30 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20171228304823.dll 2017-12-30 09:54 - 2017-12-30 09:54 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201712305435151.dll 2017-12-06 11:04 - 2017-12-06 11:04 - 002230784 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017126459962.dll 2017-05-16 23:45 - 2017-05-16 23:45 - 001980416 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175164533688.dll 2017-05-19 08:44 - 2017-05-19 08:44 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175194420141.dll 2017-05-20 06:44 - 2017-05-20 06:44 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175204459667.dll 2017-05-24 09:17 - 2017-05-24 09:17 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017524175694.dll 2017-05-29 08:07 - 2017-05-29 08:07 - 002008064 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20175297735.dll 2017-06-13 07:40 - 2017-06-13 07:40 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20176134013374.dll 2017-06-13 23:42 - 2017-06-13 23:42 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017613428192.dll 2017-06-16 08:07 - 2017-06-16 08:07 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017616745230.dll 2017-06-17 20:54 - 2017-06-17 20:54 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20176175444375.dll 2017-06-20 12:39 - 2017-06-20 12:39 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017620392713.dll 2017-06-22 07:31 - 2017-06-22 07:31 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20176223128826.dll 2017-06-30 08:43 - 2017-06-30 08:43 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017630439814.dll 2017-06-05 13:34 - 2017-06-05 13:34 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017653419350.dll 2017-06-06 23:39 - 2017-06-06 23:39 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017663958437.dll 2017-06-08 18:49 - 2017-06-08 18:49 - 002011648 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017684938352.dll 2017-07-10 18:05 - 2017-07-10 18:05 - 001972736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017710548407.dll 2017-07-14 18:41 - 2017-07-14 18:41 - 001973248 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017714411279.dll 2017-07-18 23:54 - 2017-07-18 23:54 - 001973248 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177185419573.dll 2017-07-21 05:15 - 2017-07-21 05:15 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177211525566.dll 2017-07-27 09:55 - 2017-07-27 09:55 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177275517760.dll 2017-07-28 04:57 - 2017-07-28 04:57 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20177285736189.dll 2017-07-03 08:19 - 2017-07-03 08:19 - 001972736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017731946996.dll 2017-07-04 09:07 - 2017-07-04 09:07 - 001972736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201774732193.dll 2017-08-01 08:38 - 2017-08-01 08:38 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201781381180.dll 2017-08-16 05:06 - 2017-08-16 05:06 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017816647150.dll 2017-08-18 04:56 - 2017-08-18 04:56 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20178185624580.dll 2017-08-20 07:53 - 2017-08-20 07:53 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20178205358978.dll 2017-08-23 09:46 - 2017-08-23 09:46 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20178234653479.dll 2017-08-26 09:05 - 2017-08-26 09:05 - 001999360 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017826549919.dll 2017-08-31 08:56 - 2017-08-31 08:56 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017831561686.dll 2017-08-05 07:40 - 2017-08-05 07:40 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017854013409.dll 2017-08-06 22:28 - 2017-08-06 22:28 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017862837477.dll 2017-08-09 09:31 - 2017-08-09 09:31 - 001973760 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017893159204.dll 2017-09-14 08:52 - 2017-09-14 08:52 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20179145250727.dll 2017-09-20 08:56 - 2017-09-20 08:56 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20179205616444.dll 2017-09-02 09:04 - 2017-09-02 09:04 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201792421331.dll 2017-09-26 11:48 - 2017-09-26 11:48 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20179264854497.dll 2017-09-28 00:05 - 2017-09-28 00:05 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017927529360.dll 2017-09-07 04:56 - 2017-09-07 04:56 - 001999872 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2017975639972.dll 2018-01-16 10:06 - 2018-01-16 10:06 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_201811662581.dll 2018-01-18 00:32 - 2018-01-18 00:32 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20181173214934.dll 2018-01-19 00:31 - 2018-01-19 00:31 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20181183124471.dll 2018-01-21 11:17 - 2018-01-21 11:17 - 002329600 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_20181211757955.dll 2018-01-04 11:38 - 2018-01-04 11:38 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2018143847667.dll 2018-01-07 08:59 - 2018-01-07 08:59 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2018175955849.dll 2018-01-09 10:29 - 2018-01-09 10:29 - 002228736 _____ (Opera Software) C:\Users\Dellssd\AppData\Local\Temp\Opera_installer_2018192959337.dll 2010-06-17 17:09 - 2010-06-17 17:09 - 000149352 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00000.exe 2012-11-10 21:20 - 2012-11-10 21:20 - 000150600 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00001.exe 2008-11-16 13:38 - 2008-11-16 13:38 - 000145184 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00002.exe 2010-06-17 17:09 - 2010-06-17 17:09 - 000149352 ____R (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\ose00003.exe 2016-08-16 10:48 - 2016-08-16 10:48 - 000488960 _____ () C:\Users\Dellssd\AppData\Local\Temp\sqlite3.exe 2017-04-22 19:34 - 2017-04-22 19:34 - 000181544 _____ () C:\Users\Dellssd\AppData\Local\Temp\ubar-yadownloader.exe 2017-03-15 22:10 - 2017-03-15 22:10 - 014456872 _____ (Microsoft Corporation) C:\Users\Dellssd\AppData\Local\Temp\vc_redist.x86.exe 2017-08-13 12:15 - 2017-08-13 12:15 - 030950664 _____ () C:\Users\Dellssd\AppData\Local\Temp\vlc-2.2.6-win32.exe 2017-04-14 13:05 - 2017-04-14 13:05 - 000349280 _____ (Lavasoft) C:\Users\Dellssd\AppData\Local\Temp\WcInstaller.exe 2017-04-22 21:17 - 2017-03-27 12:10 - 000237920 _____ () C:\Users\Dellssd\AppData\Local\Temp\YandexWorking.exe 2017-03-30 21:07 - 2017-03-30 21:07 - 061980664 _____ (YANDEX LLC) C:\Users\Dellssd\AppData\Local\Temp\{13BD144E-5CAE-445E-ACAC-B02F6DDCF43E}.exe 2016-10-20 12:07 - 2016-10-20 12:07 - 044295032 _____ (Google Inc.) C:\Users\Dellssd\AppData\Local\Temp\{486E4B52-BB14-452C-9A04-353419ACD5E8}-54.0.2840.71_chrome_installer.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-09-25 14:59 ==================== End of FRST.txt ============================ Addition.txt
  24. Здравейте, Имам съмнения, че системата ми е заразена работи, бавно и първият път, като отворя нов таб във файрфокс се отварят още два прозореца с реклами. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018 Ran by Anton (administrator) on DESKTOP-IRI1MIH (04-08-2018 17:20:24) Running from C:\Users\Anton\Desktop Loaded Profiles: Anton (Available Profiles: Anton) Platform: Windows 10 Enterprise Version 1709 16299.431 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (BitTorrent Inc.) C:\Users\Anton\AppData\Roaming\uTorrent\uTorrent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (BitTorrent Inc.) C:\Users\Anton\AppData\Roaming\uTorrent\updates\3.5.3_44494\utorrentie.exe (BitTorrent Inc.) C:\Users\Anton\AppData\Roaming\uTorrent\updates\3.5.3_44494\utorrentie.exe () C:\Program Files\WindowsApps\60145ScottBrogden.ditto-cp_3.21.223.0_x86__n6b029mg40na2\Ditto.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Lenovo Group Limited) C:\Users\Anton\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (AVAST Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek semiconductor) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-22] (AVAST Software) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-1747955922-307037692-2103265143-1001\...\Run: [uTorrent] => C:\Users\Anton\AppData\Roaming\uTorrent\uTorrent.exe [1984184 2018-06-22] (BitTorrent Inc.) HKU\S-1-5-21-1747955922-307037692-2103265143-1001\...\Run: [Viber] => C:\Users\Anton\AppData\Local\Viber\Viber.exe [37338696 2018-04-24] (Viber Media S.Ã r.l.) HKU\S-1-5-21-1747955922-307037692-2103265143-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-30] (Disc Soft Ltd) HKU\S-1-5-21-1747955922-307037692-2103265143-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7368480 2018-08-04] (Lavasoft) HKU\S-1-5-21-1747955922-307037692-2103265143-1001\...\MountPoints2: {a097669a-1fdb-11e8-8817-f8a963267c4d} - "I:\startme.exe" HKU\S-1-5-21-1747955922-307037692-2103265143-1001\...\MountPoints2: {a09767e5-1fdb-11e8-8817-f8a963267c4d} - "H:\SETUP.EXE" HKU\S-1-5-21-1747955922-307037692-2103265143-1001\...\MountPoints2: {a0976fa4-1fdb-11e8-8817-f8a963267c4d} - "I:\Setup.exe" GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 62.221.132.211 85.130.60.11 Tcpip\..\Interfaces\{3dad8f67-5fb2-42f7-8404-142ac9dfe4b7}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7fd9a328-bcce-42f4-bd1c-45a1f2ee1e6c}: [DhcpNameServer] 62.221.132.211 85.130.60.11 Internet Explorer: ================== HKU\S-1-5-21-1747955922-307037692-2103265143-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180523__yaie SearchScopes: HKU\S-1-5-21-1747955922-307037692-2103265143-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180523__yaie&p={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-04-10] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 6l09fpov.default-1519148072560 FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6l09fpov.default-1519148072560 [2018-08-04] FF Homepage: Mozilla\Firefox\Profiles\6l09fpov.default-1519148072560 -> about:home FF NewTab: Mozilla\Firefox\Profiles\6l09fpov.default-1519148072560 -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180523__yaff FF Extension: (Easy YouTube mp3) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6l09fpov.default-1519148072560\Extensions\[email protected] [2018-07-07] FF Extension: (Avast Online Security) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6l09fpov.default-1519148072560\Extensions\[email protected] [2018-06-01] FF Extension: (Adblock Plus) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6l09fpov.default-1519148072560\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-18] FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\6l09fpov.default-1519148072560\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-23] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-14] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-14] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems) FF Plugin HKU\S-1-5-21-1747955922-307037692-2103265143-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default [2018-07-25] CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-26] CHR Extension: (Adobe Acrobat) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-26] CHR Extension: (Avast SafePrice) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-18] CHR Extension: (Avast Online Security) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-26] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-26] CHR Extension: (Chrome Media Router) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-23] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-22] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-22] (AVAST Software) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-30] (Disc Soft Ltd) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-31] (Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH) R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-08-04] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [65248 2015-04-24] (Advanced Micro Devices, Inc.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-06-22] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-06-22] (AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-06-22] (AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-06-22] (AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-06-22] (AVAST Software) S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-22] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-06-22] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-06-22] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-06-22] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-06-22] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-06-22] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-06-22] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467064 2018-07-25] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-06-22] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-06-22] (AVAST Software) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-03-04] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-03-04] (Disc Soft Ltd) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-08-04 17:19 - 2018-08-04 17:20 - 000040238 _____ C:\Users\Anton\Desktop\Addition.txt 2018-08-04 17:16 - 2018-08-04 17:23 - 000018696 _____ C:\Users\Anton\Desktop\FRST.txt 2018-08-04 17:16 - 2018-08-04 17:20 - 000000000 ____D C:\FRST 2018-08-04 17:14 - 2018-08-04 17:15 - 002412544 _____ (Farbar) C:\Users\Anton\Desktop\FRST64.exe 2018-08-04 17:09 - 2018-08-04 17:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC 2018-07-25 15:13 - 2018-07-25 15:13 - 000000000 ____D C:\Users\Anton\AppData\Local\PlaceholderTileLogoFolder 2018-07-25 15:11 - 2018-07-25 15:11 - 000107310 _____ C:\Users\Anton\Desktop\FileZilla.xml 2018-07-25 15:10 - 2018-07-25 15:11 - 007791072 _____ (Tim Kosse) C:\Users\Anton\Downloads\FileZilla_3.35.1_win64-setup.exe 2018-07-19 13:01 - 2018-07-19 13:01 - 000000711 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tanki Online.lnk 2018-07-19 12:59 - 2018-07-19 12:59 - 009644712 _____ (AlternativaGame Ltd ) C:\Users\Anton\Downloads\tankionline_eu.exe 2018-07-19 09:44 - 2018-08-04 17:06 - 000000000 ____D C:\Users\Anton\AppData\LocalLow\uTorrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-08-04 17:22 - 2017-09-29 16:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-08-04 17:22 - 2017-09-26 18:50 - 000000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent 2018-08-04 17:21 - 2017-09-29 16:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-08-04 17:09 - 2017-09-26 00:28 - 000000000 ____D C:\Users\Anton\AppData\LocalLow\Mozilla 2018-08-04 17:08 - 2018-06-23 10:14 - 000000000 ____D C:\Users\Anton\AppData\Local\AVAST Software 2018-08-04 17:06 - 2017-10-12 22:48 - 000000000 ____D C:\Users\Anton\AppData\Local\HTC MediaHub 2018-08-04 17:05 - 2017-12-31 07:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-08-04 17:05 - 2017-10-23 19:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-08-04 17:05 - 2017-10-21 12:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-08-04 17:05 - 2017-09-26 00:39 - 000000000 __SHD C:\Users\Anton\IntelGraphicsProfiles 2018-07-25 20:17 - 2017-09-29 11:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-07-25 20:00 - 2017-09-29 16:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-07-25 19:52 - 2017-12-31 07:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-07-25 17:10 - 2017-12-31 07:18 - 000000000 ____D C:\Users\Anton 2018-07-25 16:53 - 2017-09-26 19:10 - 000000000 ____D C:\Users\Anton\AppData\Roaming\vlc 2018-07-25 16:51 - 2018-06-03 23:14 - 000000000 ____D C:\Users\Anton\AppData\Roaming\FileZilla 2018-07-25 15:48 - 2018-06-03 23:14 - 000000000 ____D C:\Users\Anton\AppData\Local\FileZilla 2018-07-25 15:13 - 2017-12-31 07:19 - 000000000 ____D C:\Users\Anton\AppData\Local\Packages 2018-07-25 15:13 - 2017-09-29 16:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-07-25 15:12 - 2018-06-03 23:12 - 000000000 ____D C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2018-07-25 15:12 - 2018-06-03 23:12 - 000000000 ____D C:\Program Files\FileZilla FTP Client 2018-07-25 14:51 - 2017-09-26 18:43 - 000467064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2018-07-24 21:36 - 2017-12-31 07:35 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2018-07-22 16:34 - 2017-10-08 22:55 - 000000875 _____ C:\Users\Anton\Desktop\Книги.txt 2018-07-22 15:44 - 2017-09-29 16:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-07-18 23:21 - 2018-06-26 23:00 - 000000000 ____D C:\Users\Anton\AppData\Local\CrashDumps 2018-07-18 23:19 - 2018-04-21 10:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2018-07-18 23:18 - 2015-10-30 10:24 - 000000167 _____ C:\WINDOWS\win.ini 2018-07-15 13:29 - 2017-09-27 00:48 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-07-15 13:24 - 2017-09-27 00:48 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-07-15 13:17 - 2017-09-29 16:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-07-15 12:58 - 2017-12-23 17:33 - 000000000 ___DC C:\WINDOWS\Panther 2018-07-15 12:16 - 2017-12-31 07:34 - 000065683 _____ C:\WINDOWS\diagwrn.xml 2018-07-15 12:16 - 2017-12-31 07:34 - 000062868 _____ C:\WINDOWS\diagerr.xml 2018-07-15 10:45 - 2017-10-21 13:22 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2018-07-15 10:43 - 2017-09-29 11:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-07-15 10:07 - 2017-09-29 16:46 - 000000000 ____D C:\WINDOWS\Registration 2018-07-15 10:06 - 2018-04-12 20:30 - 000000000 ___HD C:\$WINDOWS.~BT 2018-07-14 11:11 - 2017-10-15 22:30 - 000000000 ____D C:\Users\Anton\AppData\Local\LenovoServiceBridge 2018-07-14 11:05 - 2018-03-15 00:41 - 000004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-07-14 11:05 - 2017-12-31 07:35 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2018-07-14 11:05 - 2017-09-29 16:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-07-14 11:05 - 2017-09-29 16:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-07-10 23:51 - 2017-09-29 00:46 - 000000187 _____ C:\Users\Anton\Desktop\Angliski.txt 2018-07-10 20:48 - 2017-12-31 07:35 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2018-07-10 20:47 - 2017-09-26 18:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-07-10 08:13 - 2017-12-31 07:35 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1747955922-307037692-2103265143-1001 2018-07-10 08:13 - 2017-09-26 00:26 - 000002391 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-07-10 08:13 - 2017-09-26 00:26 - 000000000 ___RD C:\Users\Anton\OneDrive 2018-07-08 23:05 - 2018-02-20 20:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-07-08 23:05 - 2018-02-20 20:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-07-07 15:25 - 2018-02-20 20:34 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk ==================== Files in the root of some directories ======= 2018-06-03 22:57 - 2018-06-03 23:09 - 000000600 _____ () C:\Users\Anton\AppData\Roaming\winscp.rnd 2018-02-25 19:38 - 2018-02-25 19:38 - 000001456 _____ () C:\Users\Anton\AppData\Local\Adobe Save for Web 13.0 Prefs 2018-06-10 00:20 - 2018-06-10 00:20 - 000002031 _____ () C:\Users\Anton\AppData\Local\recently-used.xbel Some files in TEMP: ==================== 2018-07-10 08:14 - 2018-08-04 17:09 - 000391024 _____ (adaware) C:\Users\Anton\AppData\Local\Temp\wcupdater.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-07-22 16:44 ==================== End of FRST.txt ============================ Addition.txt
  25. Здравейте,сблъсках се със следния проблем-неизвестно лице или лица правят опити за проникване в мои акаунти в електронни пощи и сайтове където съм се регистрирал.Получих писмо от единия сайт че е правен опит за вписване с моето потребителско име,но с грешна парола,и аналогично съобщение от е-майл провайдър.Ползвам десктоп компютър и лаптоп и не знам дали някое от устройствата не е със зловреден софтуер.Видимо нямам проблеми с машините,освен че и на двата компютъра като исках да си сменя паролата на един сайт,ми излезе прозорец с искане да си напиша електронната поща с който съм регистриран в сайта и като я написах след това ми излезе втори прозорец с подкана да напиша и паролата си за съответната поща.Нищо не смених в крайна сметка докато не установя къде е проблема.Изпращам резултатите от сканиране с FRST на настолния компютър : Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018 Ran by User1 (administrator) on PC1 (30-08-2018 15:49:50) Running from C:\Documents and Settings\User1\Desktop Loaded Profiles: User1 (Available Profiles: User1 & User2 & Administrator) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Comodo) C:\Program Files\Comodo\Dragon\dragon_updater.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe () C:\WINDOWS\tsnpstd3.exe () C:\WINDOWS\vsnpstd3.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (MyCity) C:\Program Files\MCShield\MCShieldRTM.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\vpngui.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [tsnpstd3] => C:\WINDOWS\tsnpstd3.exe [262144 2006-06-19] () HKLM\...\Run: [snpstd3] => C:\WINDOWS\vsnpstd3.exe [827392 2006-09-19] () HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [8063200 2016-07-18] () HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [Messenger (Yahoo!)] => "F:\SKYPE_~1\yahoo\Messenger\YahooMessenger.exe" -quiet HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [395640 2011-05-02] (BitTorrent, Inc.) HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd) HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [Google Update] => C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-12-02] (Google Inc.) HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity) HKU\S-1-5-18\...\RunOnce: [RunNarrator] => C:\WINDOWS\system32\Narrator.exe [53760 2008-04-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [1447936 2018-07-27] (Adobe Systems Incorporated) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-03-28] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk [2018-08-30] ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{0227FD86-8C54-4C88-8029-3F44137A8ADF}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{1524681E-CD57-4084-9846-709C0A2CC0ED}: [NameServer] 192.168.100.40,192.168.100.140 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-220523388-412668190-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_152\bin\ssv.dll [2017-12-08] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_152\bin\jp2ssv.dll [2017-12-08] (Oracle Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-08] () FF Plugin: @java.com/DTPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\dtplugin\npDeployJava1.dll [2017-12-08] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\plugin2\npjp2.dll [2017-12-08] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\User1\Application Data\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\User1\Application Data\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-02] (Google Inc.) FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-02] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\User1\Application Data\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\User1\Application Data\mozilla\plugins\npo1d.dll [2015-12-08] (Google) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-27] (Adobe Systems Incorporated) [File not signed] S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed] R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.) R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed] R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed] R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2060848 2016-02-05] (Comodo) R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed] R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed] S3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [602112 2007-06-04] (Hewlett-Packard Co.) [File not signed] S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170912 2013-01-12] (Oracle Corporation) R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed] R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed] R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [664040 2016-07-18] () S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed] S3 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed] R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed] R3 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed] S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed] R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed] R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed] S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed] S2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed] R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-06-18] (Advanced Micro Devices) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.) R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.) [File not signed] R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [175008 2016-04-28] (BitDefender LLC) R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-19] (HP) R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-19] (HP) R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-19] (HP) R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed] R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [4368896 2006-08-15] (Realtek Semiconductor Corp.) [File not signed] R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation) R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed] R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed] R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed] R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed] R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation) R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) S3 SNPSTD3; C:\WINDOWS\System32\DRIVERS\snpstd3.sys [10252544 2007-03-27] (Sonix Co. Ltd.) R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed] R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed] S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [428832 2016-04-28] (BitDefender S.R.L.) S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed] R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed] R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed] S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed] R3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC) S3 catchme; \??\C:\DOCUME~1\User1\LOCALS~1\Temp\catchme.sys [X] S4 IntelIde; no ImagePath S2 StarOpen; no ImagePath S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X] S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-08-30 15:49 - 2018-08-30 15:50 - 000014109 _____ C:\Documents and Settings\User1\Desktop\FRST.txt 2018-08-30 15:15 - 2018-08-30 15:15 - 001773568 _____ (Farbar) C:\Documents and Settings\User1\Desktop\FRST.exe 2018-08-10 12:36 - 2018-08-10 12:40 - 000000000 ____D C:\Documents and Settings\User2\Desktop\куче Анжело 0887999938 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-08-30 15:50 - 2015-07-18 13:46 - 000000000 ____D C:\Documents and Settings\User1\Local Settings\temp 2018-08-30 15:49 - 2018-03-26 11:31 - 000000000 ____D C:\FRST 2018-08-30 15:48 - 2011-05-02 12:46 - 000000000 ____D C:\Documents and Settings\User1\Application Data\uTorrent 2018-08-30 15:31 - 2011-05-02 12:44 - 000000000 ____D C:\Program Files\Opera 2018-08-30 14:58 - 2016-02-20 13:25 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\MCShield 2018-08-30 14:58 - 2015-06-22 14:14 - 000000222 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2018-08-30 14:58 - 2015-06-22 14:14 - 000000216 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2018-08-30 14:58 - 2011-05-02 10:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-08-30 14:57 - 2018-03-27 15:50 - 000032638 _____ C:\WINDOWS\SchedLgU.Txt 2018-08-30 14:57 - 2011-05-02 12:10 - 000000178 ___SH C:\Documents and Settings\User1\ntuser.ini 2018-08-30 14:57 - 2011-05-02 12:10 - 000000000 ____D C:\Documents and Settings\User1 2018-08-30 14:55 - 2013-03-08 15:11 - 000001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-412668190-1417001333-1003UA.job 2018-08-30 14:47 - 2015-04-26 09:48 - 000000000 ____D C:\Documents and Settings\User2\Application Data\Skype 2018-08-30 14:47 - 2011-05-02 13:28 - 000000000 ____D C:\Documents and Settings\User2\Local Settings\Temp 2018-08-30 12:55 - 2013-03-08 15:11 - 000001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-412668190-1417001333-1003Core.job 2018-08-30 07:50 - 2001-08-23 12:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl 2018-08-25 12:48 - 2017-01-16 13:16 - 000000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2018-08-25 12:48 - 2011-05-02 10:10 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-08-09 12:25 - 2011-05-16 16:38 - 000000000 ____D C:\Program Files\Recuva 2018-08-02 14:29 - 2013-12-09 13:51 - 000000000 ____D C:\Documents and Settings\User2\Desktop\образци PDF ==================== Files in the root of some directories ======= 2011-05-02 13:33 - 2014-09-24 16:20 - 000014848 _____ () C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-01 13:07 - 2014-01-01 13:07 - 000000036 _____ () C:\Documents and Settings\User1\Local Settings\Application Data\housecall.guid.cache 2011-05-15 13:35 - 2011-05-15 13:35 - 000000056 _____ () C:\Documents and Settings\All Users\Application Data\ezsidmv.dat 2017-09-02 12:57 - 2018-04-11 15:32 - 000021736 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => MD5 is legit C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => MD5 is legit C:\WINDOWS\system32\dnsapi.dll => MD5 is legit C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Addition.txt
×
×
  • Добави ново...