

    I apologize for bothering you, but I think I have some kind of virus. If someone could take a look, and if I do have something, I hope you will help me remove it. If I turn out to be "clean" after all ... sorry for taking up your time.

    Thank you

    DDS

    DDS (Ver_2011-09-30.01) - NTFS_x86

    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

    Run by Shteryan at 20:35:47 on 2012-07-13

    Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.3037.1124 [GMT 3:00]

    .

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ================

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\atiesrxx.exe

    C:\Windows\Installer\MSI2CDD.tmp

    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

    C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

    C:\Windows\system32\atieclxx.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\Dwm.exe

    C:\Program Files\Unlocker\UnlockerAssistant.exe

    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

    C:\Program Files\Dude\dude.exe

    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Launch Manager\LManager.EXE

    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe

    C:\Users\Shteryan\AppData\Local\Google\Update\GoogleUpdate.exe

    C:\Program Files\DAEMON Tools Lite\DTLite.exe

    C:\Program Files\uTorrent\uTorrent.exe

    C:\Program Files\Skype\Phone\Skype.exe

    C:\Program Files\RocketDock\RocketDock.exe

    C:\Program Files\Steam\Steam.exe

    C:\Users\Shteryan\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\system32\rundll32.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Shteryan\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

    C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = about:blank

    uDefault_Search_URL = hxxp://www.google.com/ie

    uProxyOverride = <local>

    uSearchAssistant = hxxp://www.google.com/ie

    uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s

    uURLSearchHooks: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - <orphaned>

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

    BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

    BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

    BHO: FDMIECookiesBHO Class: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll

    BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

    uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

    uRun: [AtiTrayTools] "c:\program files\ray adams\ati tray tools\atitray.exe"

    uRun: [Google Update] "c:\users\shteryan\appdata\local\google\update\GoogleUpdate.exe" /c

    uRun: [Akamai NetSession Interface] "c:\users\shteryan\appdata\local\akamai\netsession_win.exe"

    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

    uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED

    uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

    uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"

    uRun: [steam] "c:\program files\steam\steam.exe" -silent

    mRun: [DudeServer] c:\program files\dude\dude.exe

    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

    mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"

    mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe

    mRun: [PLFSetL] c:\windows\PLFSetL.exe

    mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

    mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

    mRun: [bonus.SSR.FR10] "c:\program files\abbyy finereader 10\Bonus.ScreenshotReader.exe" /autorun

    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

    mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

    mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

    mRun: [LManager] c:\program files\launch manager\LManager.EXE

    mRunOnce: [b Register c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus directshow filters\DirectShowDemuxFilter.dll",DllRegisterServer

    uPolicies-Explorer: TaskbarNoNotification = dword:0

    uPolicies-Explorer: NoWindowsUpdate = dword:0

    uPolicies-Explorer: NoAutorun = dword:1

    uPolicies-Explorer: DontSetAutoplayCheckbox = dword:0

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

    mPolicies-Explorer: NoCustomizeThisFolder = dword:0

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableLUA = dword:0

    mPolicies-System: EnableUIADesktopToggle = dword:0

    mPolicies-System: PromptOnSecureDesktop = dword:0

    mPolicies-System: NoDispAppearancePage = dword:0

    mPolicies-System: NoVirtMemPage = dword:0

    mPolicies-System: DisplayLastLogonInfo = dword:1

    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

    IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000

    IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105

    IE: Свали видеото с Free Download Manager - c:\program files\free download manager\dlfvideo.htm

    IE: Свали всички с Free Download Manager - c:\program files\free download manager\dlall.htm

    IE: Свали избраните с Free Download Manager - c:\program files\free download manager\dlselected.htm

    IE: Свали с Free Download Manager - c:\program files\free download manager\dllink.htm

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

    IE: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\icq7.7\ICQ.exe

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

    LSP: %SystemRoot%\System32\dynujwo.dll

    .

    INFO: HKCU has more than 50 listed domains.

    If you wish to scan all of them, select the 'Force scan all domains' option.

    .

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

    TCP: NameServer = 192.168.1.1

    TCP: Interfaces\{02C1951F-38D9-4B31-9F1C-7A3AC0D9AAA8} : NameServer = 212.39.90.42,212.39.90.43

    TCP: Interfaces\{293958B6-ED7E-4925-9B64-85B7BC3D4942} : DHCPNameServer = 192.168.1.1

    TCP: Interfaces\{293958B6-ED7E-4925-9B64-85B7BC3D4942}\24F4C45465142544 : DHCPNameServer = 192.168.1.1

    TCP: Interfaces\{293958B6-ED7E-4925-9B64-85B7BC3D4942}\26162702A41636B6 : DHCPNameServer = 93.123.47.1

    TCP: Interfaces\{293958B6-ED7E-4925-9B64-85B7BC3D4942}\362336468303 : DHCPNameServer = 62.221.132.29 217.9.224.206

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - LocalServer32 - <no file>

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

    SSODL: WebCheck - <orphaned>

    STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll

    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - c:\users\shteryan\appdata\roaming\mozilla\firefox\profiles\z5v5mp3d.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp

    FF - prefs.js: network.proxy.type - 0

    FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL

    FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL

    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

    FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

    FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll

    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

    FF - plugin: c:\program files\google\update\1.3.21.71\npGoogleUpdate3.dll

    FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

    FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll

    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll

    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

    FF - plugin: c:\program files\oracle\javafx 2.0 runtime\bin\plugin2\npjp2.dll

    FF - plugin: c:\program files\vdownloader\addons\npVDownloader.dll

    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

    FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll

    FF - plugin: c:\users\shteryan\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll

    FF - plugin: c:\users\shteryan\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll

    FF - plugin: c:\users\shteryan\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

    FF - plugin: c:\users\shteryan\appdata\roaming\facebook\npfbplugin_1_0_1.dll

    FF - plugin: c:\users\shteryan\appdata\roaming\facebook\npfbplugin_1_0_3.dll

    FF - plugin: c:\users\shteryan\appdata\roaming\mozilla\plugins\npgoogletalk.dll

    FF - plugin: c:\users\shteryan\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll

    FF - plugin: c:\windows\system32\npdeployJava1.dll

    FF - plugin: c:\windows\system32\npmproxy.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [2011-12-18 3332784]

    R1 atitray;atitray;c:\program files\ray adams\ati tray tools\atitray.sys [2011-3-27 20384]

    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]

    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-5-28 217600]

    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-5-12 57688]

    R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2010-4-15 24576]

    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2011-8-4 1361288]

    R2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\installer\MSI2CDD.tmp [2010-4-25 86016]

    R2 Live Updater Service;Live Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2012-5-28 255376]

    R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-5-2 90112]

    R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-3-19 2666880]

    R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-5-28 9334784]

    R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-5-28 275968]

    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-7-7 86656]

    R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [2011-7-12 38608]

    R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\drivers\KMWDFILTER.sys [2009-4-29 25088]

    R3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\drivers\nuvotoncir.sys [2009-6-24 44544]

    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-2-26 197224]

    S0 flqf4nvb;Vba32 Armour Driver;c:\windows\system32\drivers\flqf4nvb.sys [2010-10-15 35904]

    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-5-12 611672]

    S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\system32\appdrvrem01.exe svc --> c:\windows\system32\appdrvrem01.exe svc [?]

    S2 avast! Antivirus;avast! Antivirus;"c:\program files\avast software\avast\avastsvc.exe" --> c:\program files\avast software\avast\AvastSvc.exe [?]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 gupdate;Услуга на Google Актуализация (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-10 136176]

    S2 KMService;KMService;c:\windows\system32\srvany.exe [2011-1-5 8192]

    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944]

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-11 250056]

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

    S3 c2wts;Claims to Windows Token Service;c:\program files\windows identity foundation\v3.5\c2wtshost.exe [2010-1-18 13080]

    S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-10 136176]

    S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2011-6-17 105344]

    S3 MonitorFunction;Driver for Monitor;c:\windows\system32\drivers\TVMonitor.sys [2011-1-12 13304]

    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-20 129976]

    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

    S3 NSJCPVCBTKW;NSJCPVCBTKW;c:\users\shteryan\appdata\local\temp\nsjcpvcbtkw.exe --> c:\users\shteryan\appdata\local\temp\NSJCPVCBTKW.exe [?]

    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

    S3 PsSdk40;PsSdk40;c:\windows\system32\drivers\pssdk40.sys [2012-1-12 36928]

    S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.sys [2012-1-12 53312]

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-2-24 15872]

    S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-5-2 86824]

    S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-5-2 15016]

    S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-5-2 114728]

    S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-5-2 106208]

    S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-5-2 26024]

    S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-5-2 104744]

    S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-5-2 109864]

    S3 SIVDRIVER;SIV Kernel Driver;c:\windows\system32\drivers\SIVX32.sys [2010-4-15 65600]

    S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]

    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]

    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]

    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-24 52224]

    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

    S3 WatAdminSvc;Услуга на технологиите за активиране на Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-2 1343400]

    S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\drivers\winbondcir.sys [2007-3-28 43008]

    .

    =============== Created Last 30 ================

    .

    2012-07-10 23:53:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

    2012-07-10 23:47:03 2345984 ----a-w- c:\windows\system32\win32k.sys

    2012-07-10 23:44:35 514560 ----a-w- c:\windows\system32\qdvd.dll

    2012-07-10 23:44:34 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

    2012-07-10 23:44:34 369336 ----a-w- c:\windows\system32\drivers\cng.sys

    2012-07-10 23:44:34 225280 ----a-w- c:\windows\system32\schannel.dll

    2012-07-10 23:44:34 219136 ----a-w- c:\windows\system32\ncrypt.dll

    2012-07-10 23:44:34 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

    2012-07-10 19:27:37 1390080 ----a-w- c:\windows\system32\msxml6.dll

    2012-07-10 19:27:36 2048 ----a-w- c:\windows\system32\msxml3r.dll

    2012-07-10 19:27:36 1236992 ----a-w- c:\windows\system32\msxml3.dll

    2012-07-10 19:27:34 805376 ----a-w- c:\windows\system32\cdosys.dll

    2012-07-10 19:27:34 1019904 ----a-w- c:\program files\common files\system\ado\msado15.dll

    2012-07-10 19:27:33 57344 ----a-w- c:\program files\common files\system\ado\msador15.dll

    2012-07-10 19:27:33 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll

    2012-07-10 19:27:32 212992 ----a-w- c:\program files\common files\system\msadc\msadco.dll

    2012-07-10 19:27:31 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll

    2012-07-10 19:27:31 143360 ----a-w- c:\program files\common files\system\ado\msjro.dll

    2012-07-06 22:07:08 86656 ----a-w- c:\windows\system32\drivers\AtihdW73.sys

    2012-06-30 23:43:06 164352 ----a-w- c:\windows\system32\profsvc.dll

    2012-06-30 23:42:57 140288 ----a-w- c:\windows\system32\cryptsvc.dll

    2012-06-30 23:42:57 1158656 ----a-w- c:\windows\system32\crypt32.dll

    2012-06-30 23:42:57 103936 ----a-w- c:\windows\system32\cryptnet.dll

    2012-06-30 18:47:05 -------- d-----w- c:\users\shteryan\appdata\roaming\DarkBlood ServiceNa

    2012-06-21 01:49:59 2422272 ----a-w- c:\windows\system32\wucltux.dll

    2012-06-21 01:49:41 88576 ----a-w- c:\windows\system32\wudriver.dll

    2012-06-21 01:49:14 33792 ----a-w- c:\windows\system32\wuapp.exe

    2012-06-21 01:49:14 171904 ----a-w- c:\windows\system32\wuwebv.dll

    2012-06-13 23:43:35 2342400 ----a-w- c:\windows\system32\msi.dll

    .

    ==================== Find3M ====================

    .

    2012-07-11 18:35:15 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-07-11 18:35:15 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-06-11 10:50:42 159232 ----a-w- c:\windows\system32\clinfo.exe

    2012-06-11 10:50:24 65024 ----a-w- c:\windows\system32\OpenVideo.dll

    2012-06-11 10:50:14 56320 ----a-w- c:\windows\system32\OVDecode.dll

    2012-06-11 10:49:22 13008896 ----a-w- c:\windows\system32\amdocl.dll

    2012-06-08 22:54:37 249856 ------w- c:\windows\Setup1.exe

    2012-06-08 22:54:35 73216 ----a-w- c:\windows\ST6UNST.EXE

    2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll

    2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll

    2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe

    2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb

    2012-05-04 16:29:22 772504 ----a-w- c:\windows\system32\npdeployJava1.dll

    2012-05-04 16:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll

    2012-04-28 04:41:44 919040 ----a-w- c:\windows\system32\rdpcorets.dll

    2012-04-28 03:17:07 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-04-26 04:45:55 58880 ----a-w- c:\windows\system32\rdpwsx.dll

    2012-04-26 04:45:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

    2012-04-26 04:41:16 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

    2010-01-26 08:11:08 444283 ----a-w- c:\program files\common files\WinPcapNmap.exe

    2006-05-03 08:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll

    2007-02-21 09:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll

    2008-03-16 11:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll

    2010-01-06 21:00:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll

    .

    ============= FINISH: 20:36:41,25 ===============

    Attach

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-09-30.01)

    .

    Microsoft Windows 7 Ultimate

    Boot Device: \Device\HarddiskVolume2

    Install Date: 15.4.2010 г. 15:23:44

    System Uptime: 11.7.2012 г. 18:36:42 (50 hours ago)

    .

    Motherboard: Acer | | Makalu

    Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz | U2E1 | 2000/200mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 143 GiB total, 17,963 GiB free.

    D: is FIXED (NTFS) - 139 GiB total, 19,296 GiB free.

    E: is CDROM ()

    G: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {4d36e96d-e325-11ce-bfc1-08002be10318}

    Description: HDA CX11270 Soft Modem

    Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_1025015E&REV_1000\4&158CBE3A&0&0102

    Manufacturer: Conexant

    Name: HDA CX11270 Soft Modem

    PNP Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_1025015E&REV_1000\4&158CBE3A&0&0102

    Service: Modem

    .

    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

    Description: Vba32 Armour Driver

    Device ID: ROOT\LEGACY_FLQF4NVB\0000

    Manufacturer:

    Name: Vba32 Armour Driver

    PNP Device ID: ROOT\LEGACY_FLQF4NVB\0000

    Service: flqf4nvb

    .

    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

    Description: ntiomin

    Device ID: ROOT\LEGACY_NTIOMIN\0000

    Manufacturer:

    Name: ntiomin

    PNP Device ID: ROOT\LEGACY_NTIOMIN\0000

    Service: ntiomin

    .

    ==== System Restore Points ===================

    .

    No restore point in system.

    .

    ==== Installed Programs ======================

    .

    µTorrent

    ABBYY FineReader 10 Professional Edition

    Acer Updater

    Adobe AIR

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader X (10.1.3)

    Adobe Shockwave Player 11.6

    AIMP3

    AMD Accelerated Video Transcoding

    AMD APP SDK Runtime

    AMD Catalyst Install Manager

    AMD Drag and Drop Transcoding

    AMD Media Foundation Decoders

    Atheros Client Installation Program

    Audacity 2.0

    Catalyst Control Center

    Catalyst Control Center - Branding

    Catalyst Control Center Graphics Previews Common

    Catalyst Control Center Localization All

    ccc-utility

    CCC Help Chinese Standard

    CCC Help Chinese Traditional

    CCC Help Czech

    CCC Help Danish

    CCC Help Dutch

    CCC Help English

    CCC Help Finnish

    CCC Help French

    CCC Help German

    CCC Help Greek

    CCC Help Hungarian

    CCC Help Italian

    CCC Help Japanese

    CCC Help Korean

    CCC Help Norwegian

    CCC Help Polish

    CCC Help Portuguese

    CCC Help Russian

    CCC Help Spanish

    CCC Help Swedish

    CCC Help Thai

    CCC Help Turkish

    CCleaner

    Corel Graphics - Windows Shell Extension

    CorelDRAW Graphics Suite X6

    CorelDRAW Graphics Suite X6 - Capture

    CorelDRAW Graphics Suite X6 - Common

    CorelDRAW Graphics Suite X6 - Connect

    CorelDRAW Graphics Suite X6 - Custom Data

    CorelDRAW Graphics Suite X6 - Draw

    CorelDRAW Graphics Suite X6 - EN

    CorelDRAW Graphics Suite X6 - Filters

    CorelDRAW Graphics Suite X6 - FontNav

    CorelDRAW Graphics Suite X6 - IPM

    CorelDRAW Graphics Suite X6 - PHOTO-PAINT

    CorelDRAW Graphics Suite X6 - Photozoom Plugin

    CorelDRAW Graphics Suite X6 - Redist

    CorelDRAW Graphics Suite X6 - Setup Files

    CorelDRAW Graphics Suite X6 - VBA

    CorelDRAW Graphics Suite X6 - VideoBrowser

    CorelDRAW Graphics Suite X6 - VSTA

    CorelDRAW Graphics Suite X6 - Writing Tools

    DAEMON Tools Lite

    DarkBloodOnline

    Daum PotPlayer 1.5.33573

    Diablo 2 &Diablo 2: Lord Of Destruction

    DivX Setup

    Dota 2

    Garena Plus

    Google Chrome

    Google Update Helper

    HDD Regenerator

    Hero Editor V1.04

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)

    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

    ICQ7.7

    Java Auto Updater

    Java™ 7 Update 5

    JavaFX 2.1.1

    LADSPA_plugins-win-0.4.15

    LAME v3.99.3 (for Windows)

    Launch Manager

    Lisas Fleet Flight 1.00

    Lunascape6 (All Users)

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 4 Client Profile

    Microsoft .NET Framework 4 Extended

    Microsoft Games for Windows - LIVE Redistributable

    Microsoft Games for Windows Marketplace

    Microsoft Office ScreenTip Language 2010 – български

    Microsoft Visual Basic for Applications 7.1 (x86)

    Microsoft Visual Basic for Applications 7.1 (x86) English

    Microsoft Visual Basic PowerPacks 10.0

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual Studio Tools for Applications 2.0 - ENU

    mIRC

    Monument Builders - Titanic

    Mortal Kombat Arcade Kollection

    Mozilla Firefox 12.0 (x86 bg)

    Mozilla Maintenance Service

    NVIDIA PhysX

    Opera 12.00

    Orcs Must Die!

    Picasa 3

    PicPick

    POD-Bot 2.5

    Realtek High Definition Audio Driver

    RegInOut System Utilities

    RocketDock 1.3.5

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

    SEGA Mega Drive Classic Collection: Gold Edition

    Skype™ 5.9

    Steam

    SUPER © v2012.build.50 (February 21st, 2012) version v2012.buil

    swMSM

    Synaptics Pointing Device Driver

    System Requirements Lab CYRI

    TeamSpeak 3 Client

    TeamViewer 7

    TeraCopy 2.3 beta

    The Dude

    TortoiseSVN 1.7.7.22907 (32 bit)

    Unity Web Player

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft .NET Framework 4 Extended (KB2468871)

    Update for Microsoft .NET Framework 4 Extended (KB2533523)

    Update for Microsoft .NET Framework 4 Extended (KB2600217)

    VC80CRTRedist - 8.0.50727.6195

    Warcraft III: All Products

    Windows 7 Tweaker 3.8

    .

    ==== Event Viewer Messages From Past Week ========

    .

    7.7.2012 г. 13:20:32, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding

    7.7.2012 г. 03:32:16, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    13.7.2012 г. 20:30:40, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding

    13.7.2012 г. 20:21:54, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    13.7.2012 г. 20:08:30, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    12.7.2012 г. 15:31:18, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding

    11.7.2012 г. 18:39:38, Error: Service Control Manager [7026] - Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: aswSnx ATITool ntiomin

    11.7.2012 г. 18:39:07, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - Компютърът е рестартиран от проверка за грешки. Проверката е: 0x0000007e (0xc0000005, 0x83438856, 0x8e523648, 0x8e523220). Разтоварването е записано в: C:\Windows\MEMORY.DMP. ИД на доклада: 071112-107562-01.

    11.7.2012 г. 18:39:00, Error: Service Control Manager [7000] - Услуга avast! Antivirus не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл.

    11.7.2012 г. 18:38:54, Error: Service Control Manager [7023] - Услуга WWAN AutoConfig прекъсна със следната грешка: Достъпът е отказан.

    11.7.2012 г. 02:59:20, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    10.7.2012 г. 21:33:44, Error: Service Control Manager [7031] - Услуга Akamai NetSession Interface беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 1000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.

    .

    ==== End Of File ===========================


    Hello! Unfortunately, your system is infected!

    Download ComboFix from here and save it to your desktop.

    • Disable your antivirus and antispyware programs; this is usually done by right-clicking the program's icon in the system tray.
    Note: If you cannot stop it or are not sure which program to disable, please review the information at this link: How to Disable your Security Programs
    • Run Combo-Fix.com and follow the instructions.
    Note: ComboFix will run without the Recovery Console installed.
    • As part of its work, ComboFix will check whether the Microsoft Windows Recovery Console is installed. Given how quickly malware evolves, it is strongly recommended to install it before removing the malware. This will let you enter a special recovery/repair mode, which will make it easier to solve any problem that might arise while removing the malware.
    • Follow the instructions to allow ComboFix to download and install the Microsoft Windows Recovery Console. At some point you will be asked whether you agree to the license agreement. You need to confirm that you agree in order to install the Microsoft Windows Recovery Console.
    ** Note: If the Microsoft Windows Recovery Console is already installed, ComboFix will proceed to the malware removal process.

    Once the Microsoft Windows Recovery Console has been installed using ComboFix, you will see the following message:

    Select Yes to continue scanning for malware.

    When the process completes successfully, the tool will create a log file. Please include the contents of C:\ComboFix.txt in your next reply in this thread.

    Note:

    • Please do not move the mouse while ComboFix is running. Doing so may disrupt its work.
    • ComboFix will reset all Microsoft Internet Explorer settings, including making IE the default browser.
    • ComboFix will disable the autorun function of ALL CD, floppy and USB devices, to help remove the malware and to protect you from future viruses/threats that spread via autorun. If this is a problem for you, please let me know.
    • ComboFix will disconnect your internet connection. The internet connection will be restored automatically before ComboFix finishes its work. If there is a problem, it will terminate the internet connection. To restore your internet connection, restart your computer.
    • If there is a problem with ComboFix, it may create a log file. Please include the contents of C:\BUG.txt in your next reply in this thread.
    Please do not attach the program's log file(s); copy and paste it/them into your next reply in this thread. Archive the C:\Qoobox folder and upload it here. Send me the link by private message so I can review it.


    ComboFix 12-07-13.03 - Shteryan 07.2012 г. 23:13:43.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.3037.2125 [GMT 3:00] Running from: c:usersShteryanDesktopComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:DSC00140.JPG C:DSC00141.JPG c:programdataeBay.ico c:programdatahpeC002.dll c:programdataMicrosoftWindowsStart MenuProgramsRelevantKnowledge c:programdataMicrosoftWindowsStart MenuProgramsRelevantKnowledgeAbout RelevantKnowledge.lnk c:programdataMicrosoftWindowsStart MenuProgramsRelevantKnowledgePrivacy Policy and User License Agreement.lnk c:programdataMicrosoftWindowsStart MenuProgramsRelevantKnowledgeSupport.lnk c:programdataQuickStores.ico c:programdataxml9E21.tmp c:programdataxmlA053.tmp c:programdataxmlA054.tmp c:programdataxmlA055.tmp c:usersShteryanAppDataLocalassemblytmp c:usersShteryanAppDataLocalTempDIR c:usersShteryanAppDataLocalTempDIRBetterInstaller.exe c:usersShteryanAppDataRoaminglog.txt c:windowsiun6002.exe c:windowssecurityDatabasetmp.edb c:windowssystem32cc32100mt.dll c:windowssystem32driversetchosts.ics c:windowssystem32networkdlllsp.dll c:windowsXSxS . . ((((((((((((((((((((((((( Files Created from 2012-06-13 to 2012-07-13 ))))))))))))))))))))))))))))))) . . 2012-07-10 23:53 . 2012-06-02 08:25 1427968 ----a-w- c:windowssystem32inetcpl.cpl 2012-07-10 23:47 . 2012-06-12 02:40 2345984 ----a-w- c:windowssystem32win32k.sys 2012-07-10 23:44 . 2012-05-04 09:59 514560 ----a-w- c:windowssystem32qdvd.dll 2012-07-10 23:44 . 2012-06-02 04:45 67440 ----a-w- c:windowssystem32driversksecdd.sys 2012-07-10 23:44 . 2012-06-02 04:45 134000 ----a-w- c:windowssystem32driversksecpkg.sys 2012-07-10 23:44 . 2012-06-02 04:40 369336 ----a-w- c:windowssystem32driverscng.sys 2012-07-10 23:44 . 2012-06-02 04:40 225280 ----a-w- c:windowssystem32schannel.dll 2012-07-10 23:44 . 
2012-06-02 04:39 219136 ----a-w- c:windowssystem32ncrypt.dll 2012-07-10 19:27 . 2012-06-06 05:05 1390080 ----a-w- c:windowssystem32msxml6.dll 2012-07-10 19:27 . 2012-06-06 05:05 1236992 ----a-w- c:windowssystem32msxml3.dll 2012-07-10 19:27 . 2010-06-26 03:24 2048 ----a-w- c:windowssystem32msxml3r.dll 2012-07-10 19:27 . 2012-06-06 05:05 1019904 ----a-w- c:program filesCommon FilesSystemadomsado15.dll 2012-07-10 19:27 . 2012-06-06 05:03 805376 ----a-w- c:windowssystem32cdosys.dll 2012-07-10 19:27 . 2012-06-06 05:05 57344 ----a-w- c:program filesCommon FilesSystemadomsador15.dll 2012-07-10 19:27 . 2012-06-06 05:05 352256 ----a-w- c:program filesCommon FilesSystemadomsadomd.dll 2012-07-10 19:27 . 2012-06-06 05:05 212992 ----a-w- c:program filesCommon FilesSystemmsadcmsadco.dll 2012-07-10 19:27 . 2012-06-06 05:05 143360 ----a-w- c:program filesCommon FilesSystemadomsjro.dll 2012-07-10 19:27 . 2012-06-06 05:05 372736 ----a-w- c:program filesCommon FilesSystemadomsadox.dll 2012-07-06 22:07 . 2012-05-14 06:12 86656 ----a-w- c:windowssystem32driversAtihdW73.sys 2012-06-30 23:43 . 2012-05-01 04:44 164352 ----a-w- c:windowssystem32profsvc.dll 2012-06-30 23:42 . 2012-04-24 04:36 140288 ----a-w- c:windowssystem32cryptsvc.dll 2012-06-30 23:42 . 2012-04-24 04:36 1158656 ----a-w- c:windowssystem32crypt32.dll 2012-06-30 23:42 . 2012-04-24 04:36 103936 ----a-w- c:windowssystem32cryptnet.dll 2012-06-30 18:47 . 2012-06-30 18:51 -------- d-----w- c:usersShteryanAppDataRoamingDarkBlood ServiceNa 2012-06-21 01:50 . 2012-06-02 22:19 53784 ----a-w- c:windowssystem32wuauclt.exe 2012-06-21 01:50 . 2012-06-02 22:19 45080 ----a-w- c:windowssystem32wups2.dll 2012-06-21 01:49 . 2012-06-02 22:19 1933848 ----a-w- c:windowssystem32wuaueng.dll 2012-06-21 01:49 . 2012-06-02 22:12 2422272 ----a-w- c:windowssystem32wucltux.dll 2012-06-21 01:49 . 2012-06-02 22:19 35864 ----a-w- c:windowssystem32wups.dll 2012-06-21 01:49 . 2012-06-02 22:19 577048 ----a-w- c:windowssystem32wuapi.dll 2012-06-21 01:49 . 
2012-06-02 22:12 88576 ----a-w- c:windowssystem32wudriver.dll 2012-06-21 01:49 . 2012-06-02 12:19 171904 ----a-w- c:windowssystem32wuwebv.dll 2012-06-21 01:49 . 2012-06-02 12:12 33792 ----a-w- c:windowssystem32wuapp.exe 2012-06-13 23:43 . 2012-04-07 11:26 2342400 ----a-w- c:windowssystem32msi.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-11 18:35 . 2012-04-11 19:56 426184 ----a-w- c:windowssystem32FlashPlayerApp.exe 2012-07-11 18:35 . 2011-07-18 18:33 70344 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl 2012-06-11 10:50 . 2012-06-11 10:50 159232 ----a-w- c:windowssystem32clinfo.exe 2012-06-11 10:50 . 2012-06-11 10:50 65024 ----a-w- c:windowssystem32OpenVideo.dll 2012-06-11 10:50 . 2012-06-11 10:50 56320 ----a-w- c:windowssystem32OVDecode.dll 2012-06-11 10:49 . 2012-06-11 10:49 13008896 ----a-w- c:windowssystem32amdocl.dll 2012-06-08 22:54 . 2012-06-08 22:54 249856 ------w- c:windowsSetup1.exe 2012-06-08 22:54 . 2012-06-08 22:54 73216 ----a-w- c:windowsST6UNST.EXE 2012-05-04 16:29 . 2012-02-28 18:01 772504 ----a-w- c:windowssystem32npdeployJava1.dll 2012-05-04 16:29 . 2010-04-16 07:02 687504 ----a-w- c:windowssystem32deployJava1.dll 2012-04-28 04:41 . 2012-06-12 20:31 919040 ----a-w- c:windowssystem32rdpcorets.dll 2012-04-28 03:17 . 2012-06-12 20:31 183808 ----a-w- c:windowssystem32driversrdpwd.sys 2012-04-26 04:45 . 2012-06-12 20:31 58880 ----a-w- c:windowssystem32rdpwsx.dll 2012-04-26 04:45 . 2012-06-12 20:31 129536 ----a-w- c:windowssystem32rdpcorekmts.dll 2012-04-26 04:41 . 2012-06-12 20:31 8192 ----a-w- c:windowssystem32rdrmemptylst.exe 2010-01-26 08:11 . 2011-07-14 20:09 444283 ----a-w- c:program filesCommon FilesWinPcapNmap.exe 2012-05-20 20:02 . 
2011-06-23 17:55 97208 ----a-w- c:program filesmozilla firefoxcomponentsbrowsercomps.dll 2006-05-03 08:06 163328 --sha-r- c:windowsSystem32flvDX.dll 2007-02-21 09:47 31232 --sha-r- c:windowsSystem32msfDX.dll 2008-03-16 11:30 216064 --sha-r- c:windowsSystem32nbDX.dll 2010-01-06 21:00 107520 --sha-r- c:windowsSystem32TAKDSDecoder.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOTCLSID{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 07:20 64792 ----a-w- c:program filesCommon FilesTortoiseOverlaysTortoiseOverlays.dll . 
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "ISUSPM"="c:program filesCommon FilesInstallShieldUpdateServiceISUSPM.exe" [2006-03-20 213936] "AtiTrayTools"="c:program filesRay AdamsATI Tray Toolsatitray.exe" [2011-04-16 929792] "DAEMON Tools Lite"="c:program filesDAEMON Tools LiteDTLite.exe" [2011-11-10 3514176] "uTorrent"="c:program filesuTorrentuTorrent.exe" [2012-07-04 904080] "Skype"="c:program filesSkypePhoneSkype.exe" [2012-06-05 17344176] "RocketDock"="c:program filesRocketDockRocketDock.exe" [2007-09-02 495616] "Steam"="c:program filesSteamsteam.exe" [2012-05-22 1242448] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "DudeServer"="c:program filesDudedude.exe" [2011-01-03 4836352] "QuickTime Task"="c:program filesQuickTimeQTTask.exe" [2011-07-05 421888] "UnlockerAssistant"="c:program filesUnlockerUnlockerAssistant.exe" [2010-07-04 17408] "amd_dc_opt"="c:program filesAMDDual-Core Optimizeramd_dc_opt.exe" [2008-07-22 77824] "PLFSetL"="c:windowsPLFSetL.exe" [2008-07-03 94208] "RTHDVCPL"="c:program filesRealtekAudioHDARtHDVCpl.exe" [2011-10-17 11430504] "SynTPEnh"="c:program filesSynapticsSynTPSynTPEnh.exe" [2011-06-23 2274600] "Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2012-01-03 843712] "Bonus.SSR.FR10"="c:program filesABBYY FineReader 10Bonus.ScreenshotReader.exe" [2011-06-08 941320] "DivXUpdate"="c:program filesDivXDivX UpdateDivXUpdate.exe" [2011-07-28 1259376] "StartCCC"="c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2012-04-05 641664] "SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2012-01-17 252296] "LManager"="c:program filesLaunch ManagerLManager.EXE" [2009-09-15 842248] . 
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "NoVirtMemPage"= 0 (0x0) "DisplayLastLogonInfo"= 1 (0x1) . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorer] "NoCustomizeThisFolder"= 0 (0x0) . [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer] "TaskbarNoNotification"= 0 (0x0) "NoAutorun"= 1 (0x1) "DontSetAutoplayCheckbox"= 0 (0x0) . [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager] BootExecute REG_MULTI_SZ 0 . [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGoogle Update] 2010-12-16 14:01 136176 ----atw- c:usersShteryanAppDataLocalGoogleUpdateGoogleUpdate.exe . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSalem Secrets OLR] 2009-12-17 11:27 79104 ------w- c:progra~1Avanquest Software Publishing LtdOLRSalem SecretsBVRPOLR.exe . [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-] "Sony Ericsson PC Companion"="c:program filesSony EricssonSony Ericsson PC CompanionPCCompanion.exe" /systray /nologon . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-] "PLFSetI"=c:windowsPLFSetI.exe . [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center] "AntiSpyWareDisableNotify"=dword:00000001 . 
R0 flqf4nvb;Vba32 Armour Driver;c:windowsSystem32Driversflqf4nvb.sys [x] R1 aswSnx;aswSnx; [x] R1 ntiomin;ntiomin; [x] R2 appdrvrem01;Application Driver Auto Removal Service (01);c:windowsSystem32appdrvrem01.exe svc [x] R2 gupdate;Услуга на Google Актуализация (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [x] R2 KMService;KMService;c:windowssystem32srvany.exe [x] R2 OMSI download service;Sony Ericsson OMSI download service;c:program filesSony EricssonSony Ericsson PC SuiteSupServ.exe [x] R2 SkypeUpdate;Skype Updater;c:program filesSkypeUpdaterUpdater.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowssystem32MacromedFlashFlashPlayerUpdateService.exe [x] R3 c2wts;Claims to Windows Token Service;c:program filesWindows Identity Foundationv3.5c2wtshost.exe [x] R3 cpuz130;cpuz130;c:usersShteryanAppDataLocalTempcpuz130cpuz_x32.sys [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:windowssystem32DRIVERSew_hwusbdev.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:windowssystem32DRIVERSewusbnet.sys [x] R3 GarenaPEngine;GarenaPEngine;c:usersShteryanAppDataLocalTempMJJ2536.tmp [x] R3 GGSAFERDriver;GGSAFER Driver;c:program filesGarena PlusRoomsafedrv.sys [x] R3 gupdatem;Услуга на Google Актуализация (gupdatem);c:program filesGoogleUpdateGoogleUpdate.exe [x] R3 huawei_enumerator;huawei_enumerator;c:windowssystem32DRIVERSew_jubusenum.sys [x] R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:windowssystem32DRIVERSjrdusbser.sys [x] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:windowssystem32DRIVERSManyCam.sys [x] R3 MonitorFunction;Driver for Monitor;c:windowssystem32DRIVERSTVMonitor.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:program filesMozilla Maintenance Servicemaintenanceservice.exe [x] R3 npggsvc;nProtect GameGuard Service;c:windowssystem32GameMon.des [x] R3 NSJCPVCBTKW;NSJCPVCBTKW;c:usersShteryanAppDataLocalTempNSJCPVCBTKW.exe [x] R3 osppsvc;Office Software Protection 
Platform;c:program filesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [x] R3 PCANDIS4_RETWIFI;PCANDIS4_RETWIFI Protocol Driver;c:progra~1eEye Digital SecurityRetina Wireless ScannerPCANDIS4_RETWIFI.SYS [x] R3 PCANDIS5_WIFISCAN.SYS;PCANDIS5_WIFISCAN.SYS;c:program fileseEye Digital SecurityRetina Wireless ScannerPCANDIS5_WIFISCAN.SYS [x] R3 pcouffin;VSO Software pcouffin;c:windowssystem32Driverspcouffin.sys [x] R3 PsSdk40;PsSdk40;c:windowssystem32Driverspssdk40.sys [x] R3 PsSdkLBF;PsSdkLBF;c:windowssystem32Driverspssdklbf.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [x] R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:windowssystem32DRIVERSs1018bus.sys [x] R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:windowssystem32DRIVERSs1018mdfl.sys [x] R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:windowssystem32DRIVERSs1018mdm.sys [x] R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:windowssystem32DRIVERSs1018mgmt.sys [x] R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:windowssystem32DRIVERSs1018nd5.sys [x] R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:windowssystem32DRIVERSs1018obex.sys [x] R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:windowssystem32DRIVERSs1018unic.sys [x] R3 SIVDRIVER;SIV Kernel Driver;c:windowssystem32DriversSIVX32.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:windowssystem32DRIVERSVSTAZL3.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:windowssystem32DRIVERSVSTDPV3.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:windowssystem32DRIVERSVSTCNXT3.SYS [x] R3 Synth3dVsc;Synth3dVsc;c:windowssystem32driverssynth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:windowssystem32driverstsusbhub.sys [x] R3 VGPU;VGPU;c:windowssystem32driversrdvgkmd.sys [x] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:windowssystem32DRIVERSvwifimp.sys 
[x] R3 WatAdminSvc;Услуга на технологиите за активиране на Windows;c:windowssystem32WatWatAdminSvc.exe [x] R3 winbondcir;Winbond IR Transceiver;c:windowssystem32DRIVERSwinbondcir.sys [x] R3 XDva348;XDva348;c:windowssystem32XDva348.sys [x] R3 XDva375;XDva375;c:windowssystem32XDva375.sys [x] R3 XDva398;XDva398;c:windowssystem32XDva398.sys [x] S0 sptd;sptd;c:windowsSystemRootSystem32Driverssptd.sys [x] S1 appdrv01;Application Driver (01);c:windowssystem32Driversappdrv01.sys [x] S1 atitray;atitray;c:program filesRay AdamsATI Tray Toolsatitray.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32DRIVERSvwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:program filesCommon FilesAdobeARM1.0armsvc.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [x] S2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [x] S2 ETService;Empowering Technology Service;c:program filesAcerEmpowering TechnologyServiceETService.exe [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:program filesLogMeIn Hamachihamachi-2.exe [x] S2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:windowsInstallerMSI2CDD.tmp [x] S2 Live Updater Service;Live Updater Service;c:program filesAcerAcer UpdaterUpdaterService.exe [x] S2 npf;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [x] S2 TeamViewer7;TeamViewer 7;c:program filesTeamViewerVersion7TeamViewer_Service.exe [x] S3 amdkmdag;amdkmdag;c:windowssystem32DRIVERSatikmdag.sys [x] S3 amdkmdap;amdkmdap;c:windowssystem32DRIVERSatikmpag.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:windowssystem32driversAtihdW73.sys [x] S3 DKRtWrt;DKRtWrt;c:windowssystem32DRIVERSDKRtWrt.sys [x] S3 KMWDFILTERx86;HIDServiceDesc;c:windowssystem32DRIVERSKMWDFILTER.sys [x] S3 nuvotoncir;Nuvoton IR Transceiver;c:windowssystem32DRIVERSnuvotoncir.sys [x] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32DriversRtsUStor.sys [x] . . 
Contents of the 'Scheduled Tasks' folder . 2012-07-13 c:windowsTasksAdobe Flash Player Updater.job - c:windowssystem32MacromedFlashFlashPlayerUpdateService.exe [2012-04-11 18:35] . 2012-07-13 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program filesGoogleUpdateGoogleUpdate.exe [2011-07-10 18:17] . 2012-07-13 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-406150165-4229933280-2932400274-1001Core.job - c:usersShteryanAppDataLocalGoogleUpdateGoogleUpdate.exe [2010-12-16 14:01] . . ------- Supplementary Scan ------- . uStart Page = about:blank uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s IE: Add to Google Photos Screensa&ver - c:windowssystem32GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:progra~1MIF5BA~1Office14EXCEL.EXE/3000 IE: Se&nd to OneNote - c:progra~1MIF5BA~1Office14ONBttnIE.dll/105 IE: Свали видеото с Free Download Manager - file://c:program filesFree Download Managerdlfvideo.htm IE: Свали всички с Free Download Manager - file://c:program filesFree Download Managerdlall.htm IE: Свали избраните с Free Download Manager - file://c:program filesFree Download Managerdlselected.htm IE: Свали с Free Download Manager - file://c:program filesFree Download Managerdllink.htm IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:program filesICQ7.7ICQ.exe LSP: %SystemRoot%System32dynujwo.dll TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces{02C1951F-38D9-4B31-9F1C-7A3AC0D9AAA8}: NameServer = 212.39.90.42,212.39.90.43 FF - ProfilePath - c:usersShteryanAppDataRoamingMozillaFirefoxProfilesz5v5mp3d.default FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . 
URLSearchHooks-{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file) ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) ShellIconOverlayIdentifiers-{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6} - (no file) ShellIconOverlayIdentifiers-{9AE343CB-BA45-4618-AF6A-0230EE6FC793} - (no file) HKCU-Run-Akamai NetSession Interface - c:usersShteryanAppDataLocalAkamainetsession_win.exe . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001servicesGarenaPEngine] "ImagePath"="??c:usersShteryanAppDataLocalTempMJJ2536.tmp" . [HKEY_LOCAL_MACHINESYSTEMControlSet001servicesHyperDeskCustomThemeEnabler] "ImagePath"=""c:windowsInstallerMSI2CDD.tmp" -service" . [HKEY_LOCAL_MACHINESYSTEMControlSet001servicesnpggsvc] "ImagePath"="c:windowssystem32GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{645FF040-5081-101B-9F08-00AA002F954E}shellB20@O=5 *=0 *C*C*l*e*a*n*e*r*& command] @="c:Program FilesCCleanerccleaner.exe" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0000AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0001AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0002AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0006AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0007AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . Completion time: 2012-07-13 23:38:42 ComboFix-quarantined-files.txt 2012-07-13 20:38 . Pre-Run: 19 060 756 480 bytes free Post-Run: 19 075 792 896 bytes free . - - End Of File - - 532BFC95BEFA05386D828664EF97BF0D

    Edited by AcTePuKc


    Please download aswMBR and save it to your desktop.

    • Double-click the aswMBR.exe file to run it.
    • Wait for it to download the avast! definitions.
    • From the drop-down menu, select partition C: as shown in the picture:
    • Click the Scan button to start the scan.
    • When the scan finishes, click the save log button, save the log file to your desktop and post its contents in your next reply.
    Please download the latest version of TDSSKiller from here and save it to your desktop.
    • Run TDSSKiller.exe to start the application. Then click the Change parameters button.

    • Tick Verify Driver Digital Signature and Detect TDLFS file system and click OK.

    • Click the Start Scan button.

    • If a suspicious object is detected, the default action will be Skip; click Continue.

    • If malicious objects are found, you will have three options in the drop-down menu.

      Make sure the selected action is Cure and click Continue > Restart so that the repair is completed.

      Note: If the Cure button is not among the available options, then please select the Skip button; do not select Delete unless you have been instructed to.

    • A log file will be created in the root directory of drive C:. Look for a log named "TDSSKiller.[Version]_[Date]_[Time]_log.txt" and copy its contents into your next post.


    This is awful .. it scanned for 4 hours, and even longer ...

    After 4 hours the screen went black and I couldn't do anything; I waited about 20 minutes and ... restarted it ... this applies only to the scan with aswMBR; the log ... is lost, right, or can I find it somewhere?

    It found 2 "viruses" in a game that I had downloaded from the internet, from their official site, but anyway ... if needed I'll run it again; for now I'll continue with TDSSKiller

    TDSSKiller

    19:41:17.0375 5468 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35

    19:41:17.0627 5468 ============================================================

    19:41:17.0627 5468 Current date / time: 2012/07/14 19:41:17.0627

    19:41:17.0627 5468 SystemInfo:

    19:41:17.0627 5468

    19:41:17.0627 5468 OS Version: 6.1.7601 ServicePack: 1.0

    19:41:17.0627 5468 Product type: Workstation

    19:41:17.0628 5468 ComputerName: ACTEPUKC

    19:41:17.0628 5468 UserName: Shteryan

    19:41:17.0628 5468 Windows directory: C:Windows

    19:41:17.0628 5468 System windows directory: C:Windows

    19:41:17.0628 5468 Processor architecture: Intel x86

    19:41:17.0628 5468 Number of processors: 2

    19:41:17.0628 5468 Page size: 0x1000

    19:41:17.0628 5468 Boot type: Normal boot

    19:41:17.0628 5468 ============================================================

    19:41:18.0433 5468 Drive DeviceHarddisk0DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

    19:41:18.0436 5468 ============================================================

    19:41:18.0436 5468 DeviceHarddisk0DR0:

    19:41:18.0436 5468 MBR partitions:

    19:41:18.0436 5468 DeviceHarddisk0DR0Partition0: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x11E16800

    19:41:18.0436 5468 DeviceHarddisk0DR0Partition1: MBR, Type 0x7, StartLBA 0x13617000, BlocksNum 0x11700000

    19:41:18.0436 5468 ============================================================

    19:41:18.0505 5468 C: <-> DeviceHarddisk0DR0Partition0

    19:41:18.0568 5468 D: <-> DeviceHarddisk0DR0Partition1

    19:41:18.0568 5468 ============================================================

    19:41:18.0568 5468 Initialize success

    19:41:18.0568 5468 ============================================================

    19:41:38.0335 1284 ============================================================

    19:41:38.0335 1284 Scan started

    19:41:38.0335 1284 Mode: Manual; SigCheck; TDLFS;

    19:41:38.0335 1284 ============================================================

    19:41:39.0880 1284 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:Windowssystem32drivers1394ohci.sys

    19:41:40.0020 1284 1394ohci - ok

    19:41:40.0082 1284 ACPI (cea80c80bed809aa0da6febc04733349) C:Windowssystem32driversACPI.sys

    19:41:40.0114 1284 ACPI - ok

    19:41:40.0176 1284 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:Windowssystem32driversacpipmi.sys

    19:41:40.0332 1284 AcpiPmi - ok

    19:41:40.0784 1284 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:Program FilesCommon FilesAdobeARM1.0armsvc.exe

    19:41:40.0816 1284 AdobeARMservice - ok

    19:41:41.0720 1284 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe

    19:41:41.0830 1284 AdobeFlashPlayerUpdateSvc - ok

    19:41:42.0204 1284 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:Windowssystem32DRIVERSadp94xx.sys

    19:41:42.0251 1284 adp94xx - ok

    19:41:42.0298 1284 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:Windowssystem32DRIVERSadpahci.sys

    19:41:42.0360 1284 adpahci - ok

    19:41:42.0407 1284 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:Windowssystem32DRIVERSadpu320.sys

    19:41:42.0422 1284 adpu320 - ok

    19:41:42.0656 1284 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:WindowsSystem32aelupsvc.dll

    19:41:42.0859 1284 AeLookupSvc - ok

    19:41:42.0937 1284 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:Windowssystem32driversafd.sys

    19:41:43.0000 1284 AFD - ok

    19:41:43.0062 1284 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:Windowssystem32driversagp440.sys

    19:41:43.0078 1284 agp440 - ok

    19:41:43.0280 1284 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:Windowssystem32DRIVERSdjsvs.sys

    19:41:43.0327 1284 aic78xx - ok

    19:41:43.0421 1284 ALG (18a54e132947cd98fea9accc57f98f13) C:WindowsSystem32alg.exe

    19:41:43.0468 1284 ALG - ok

    19:41:43.0530 1284 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:Windowssystem32driversaliide.sys

    19:41:43.0546 1284 aliide - ok

    19:41:43.0951 1284 AMD External Events Utility (50ebbb86e493bd9ab7ddf914a90eef8e) C:Windowssystem32atiesrxx.exe

    19:41:44.0092 1284 AMD External Events Utility - ok

    19:41:44.0154 1284 amdagp (3c6600a0696e90a463771c7422e23ab5) C:Windowssystem32driversamdagp.sys

    19:41:44.0170 1284 amdagp - ok

    19:41:44.0248 1284 amdide (cd5914170297126b6266860198d1d4f0) C:Windowssystem32driversamdide.sys

    19:41:44.0263 1284 amdide - ok

    19:41:44.0357 1284 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:Windowssystem32DRIVERSamdk8.sys

    19:41:44.0388 1284 AmdK8 - ok

    19:41:54.0871 1284 amdkmdag (70eb74785ab7fc603fef19d87b7a7946) C:Windowssystem32DRIVERSatikmdag.sys

    19:41:55.0246 1284 amdkmdag - ok

    19:41:57.0492 1284 amdkmdap (ba99833bbde9c4ff389fc8114fb14843) C:Windowssystem32DRIVERSatikmpag.sys

    19:41:57.0617 1284 amdkmdap - ok

    19:41:57.0679 1284 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:Windowssystem32DRIVERSAmdLLD.sys

    19:41:57.0726 1284 AmdLLD - ok

    19:41:57.0851 1284 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:Windowssystem32DRIVERSamdppm.sys

    19:41:57.0898 1284 AmdPPM - ok

    19:41:58.0085 1284 amdsata (d320bf87125326f996d4904fe24300fc) C:Windowssystem32driversamdsata.sys

    19:41:58.0100 1284 amdsata - ok

    19:41:58.0319 1284 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:Windowssystem32DRIVERSamdsbs.sys

    19:41:58.0366 1284 amdsbs - ok

    19:41:58.0397 1284 amdxata (46387fb17b086d16dea267d5be23a2f2) C:Windowssystem32driversamdxata.sys

    19:41:58.0412 1284 amdxata - ok

    19:42:03.0389 1284 appdrv01 (98f481241ba8bba38aa565bd3bf678f9) C:Windowssystem32Driversappdrv01.sys

    19:42:03.0514 1284 appdrv01 - ok

    19:42:03.0950 1284 appdrvrem01 - ok

    19:42:04.0387 1284 AppID (aea177f783e20150ace5383ee368da19) C:Windowssystem32driversappid.sys

    19:42:04.0496 1284 AppID - ok

    19:42:04.0637 1284 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:WindowsSystem32appidsvc.dll

    19:42:04.0699 1284 AppIDSvc - ok

    19:42:04.0730 1284 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:WindowsSystem32appinfo.dll

    19:42:04.0777 1284 Appinfo - ok

    19:42:04.0871 1284 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:WindowsSystem32appmgmts.dll

    19:42:04.0949 1284 AppMgmt - ok

    19:42:05.0089 1284 arc (2932004f49677bd84dbc72edb754ffb3) C:Windowssystem32DRIVERSarc.sys

    19:42:05.0105 1284 arc - ok

    19:42:05.0136 1284 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:Windowssystem32DRIVERSarcsas.sys

    19:42:05.0152 1284 arcsas - ok

    19:42:05.0760 1284 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:WindowsMicrosoft.NETFrameworkv4.0.30319aspnet_state.exe

    19:42:05.0807 1284 aspnet_state - ok

    19:42:05.0932 1284 aswMonFlt (db4f54dc3b9b537952e83f1925a4c1dc) C:Windowssystem32driversaswMonFlt.sys

    19:42:05.0947 1284 aswMonFlt - ok

    19:42:06.0025 1284 AswRdr (a25a20789281fbb3b6296e5cbb2e2861) C:Windowssystem32driversAswRdr.sys

    19:42:06.0072 1284 AswRdr - ok

    19:42:06.0914 1284 aswSnx (a1753b1b53d4ab7a50a28c527ceeeade) C:Windowssystem32driversaswSnx.sys

    19:42:07.0008 1284 aswSnx - ok

    19:42:07.0039 1284 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:Windowssystem32DRIVERSasyncmac.sys

    19:42:07.0164 1284 AsyncMac - ok

    19:42:07.0320 1284 atapi (338c86357871c167a96ab976519bf59e) C:Windowssystem32driversatapi.sys

    19:42:07.0382 1284 atapi - ok

    19:42:09.0254 1284 athr (d59e7a5daa08c91172e95b4f1ca6d8c3) C:Windowssystem32DRIVERSathr.sys

    19:42:09.0410 1284 athr - ok

    19:42:10.0206 1284 AtiHDAudioService (434192d027a6a11e32e1c74c7c43e1ed) C:Windowssystem32driversAtihdW73.sys

    19:42:10.0222 1284 AtiHDAudioService - ok

    19:42:10.0284 1284 AtiHdmiService (36a49b49e982450ac117eda6ab35bdf5) C:Windowssystem32driversAtiHdmi.sys

    19:42:10.0315 1284 AtiHdmiService ( UnsignedFile.Multi.Generic ) - warning

    19:42:10.0315 1284 AtiHdmiService - detected UnsignedFile.Multi.Generic (1)

    19:42:11.0282 1284 atikmdag (70eb74785ab7fc603fef19d87b7a7946) C:Windowssystem32DRIVERSatikmdag.sys

    19:42:11.0407 1284 atikmdag - ok

    19:42:13.0576 1284 AtiPcie (aca01c43d065e546c6dc88ea669ceca6) C:Windowssystem32DRIVERSAtiPcie.sys

    19:42:13.0622 1284 AtiPcie - ok

    19:42:13.0716 1284 ATITool (0e4bb35c5305099ac82053ac992e3e0e) C:Windowssystem32DRIVERSATITool.sys

    19:42:13.0763 1284 ATITool ( UnsignedFile.Multi.Generic ) - warning

    19:42:13.0763 1284 ATITool - detected UnsignedFile.Multi.Generic (1)

    19:42:14.0059 1284 atitray (6cceb2cb70eaf24df999ebf1dea67ea9) C:Program FilesRay AdamsATI Tray Toolsatitray.sys

    19:42:14.0122 1284 atitray ( UnsignedFile.Multi.Generic ) - warning

    19:42:14.0122 1284 atitray - detected UnsignedFile.Multi.Generic (1)

    19:42:14.0558 1284 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:WindowsSystem32Audiosrv.dll

    19:42:14.0652 1284 AudioEndpointBuilder - ok

    19:42:14.0652 1284 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:WindowsSystem32Audiosrv.dll

    19:42:14.0683 1284 Audiosrv - ok

    19:42:14.0761 1284 avast! Antivirus - ok

    19:42:14.0839 1284 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:WindowsSystem32AxInstSV.dll

    19:42:14.0917 1284 AxInstSV - ok

    19:42:15.0307 1284 b06bdrv (1a231abec60fd316ec54c66715543cec) C:Windowssystem32DRIVERSbxvbdx.sys

    19:42:15.0416 1284 b06bdrv - ok

    19:42:15.0510 1284 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:Windowssystem32DRIVERSb57nd60x.sys

    19:42:15.0557 1284 b57nd60x - ok

    19:42:15.0666 1284 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:WindowsSystem32bdesvc.dll

    19:42:15.0713 1284 BDESVC - ok

    19:42:15.0728 1284 Beep (505506526a9d467307b3c393dedaf858) C:Windowssystem32driversBeep.sys

    19:42:15.0791 1284 Beep - ok

    19:42:15.0884 1284 BFE (1e2bac209d184bb851e1a187d8a29136) C:WindowsSystem32bfe.dll

    19:42:15.0962 1284 BFE - ok

    19:42:16.0118 1284 BITS (e585445d5021971fae10393f0f1c3961) C:Windowssystem32qmgr.dll

    19:42:16.0212 1284 BITS - ok

    19:42:16.0274 1284 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:Windowssystem32DRIVERSblbdrive.sys

    19:42:16.0306 1284 blbdrive - ok

    19:42:16.0368 1284 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:Windowssystem32DRIVERSbowser.sys

    19:42:16.0430 1284 bowser - ok

    19:42:16.0493 1284 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:Windowssystem32DRIVERSBrFiltLo.sys

    19:42:16.0555 1284 BrFiltLo - ok

    19:42:16.0586 1284 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:Windowssystem32DRIVERSBrFiltUp.sys

    19:42:16.0680 1284 BrFiltUp - ok

    19:42:16.0727 1284 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:Windowssystem32DRIVERSbridge.sys

    19:42:16.0789 1284 BridgeMP - ok

    19:42:17.0023 1284 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:WindowsSystem32browser.dll

    19:42:17.0101 1284 Browser - ok

    19:42:17.0944 1284 Brserid (845b8ce732e67f3b4133164868c666ea) C:WindowsSystem32DriversBrserid.sys

    19:42:18.0022 1284 Brserid - ok

    19:42:18.0053 1284 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:WindowsSystem32DriversBrSerWdm.sys

    19:42:18.0084 1284 BrSerWdm - ok

    19:42:18.0178 1284 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:WindowsSystem32DriversBrUsbMdm.sys

    19:42:18.0224 1284 BrUsbMdm - ok

    19:42:18.0240 1284 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:WindowsSystem32DriversBrUsbSer.sys

    19:42:18.0287 1284 BrUsbSer - ok

    19:42:18.0380 1284 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:Windowssystem32DRIVERSbthmodem.sys

    19:42:18.0521 1284 BTHMODEM - ok

    19:42:18.0614 1284 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:Windowssystem32bthserv.dll

    19:42:18.0661 1284 bthserv - ok

    19:42:18.0942 1284 c2wts (7953c40d24bffe71ec7637edf9154c2c) C:Program FilesWindows Identity Foundationv3.5c2wtshost.exe

    19:42:18.0958 1284 c2wts - ok

    19:42:19.0348 1284 catchme - ok

    19:42:19.0410 1284 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:Windowssystem32DRIVERScdfs.sys

    19:42:19.0457 1284 cdfs - ok

    19:42:19.0800 1284 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:Windowssystem32DRIVERScdrom.sys

    19:42:19.0925 1284 cdrom - ok

    19:42:20.0128 1284 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:WindowsSystem32certprop.dll

    19:42:20.0174 1284 CertPropSvc - ok

    19:42:20.0362 1284 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:Windowssystem32DRIVERScirclass.sys

    19:42:20.0455 1284 circlass - ok

    19:42:21.0188 1284 CLFS (635181e0e9bbf16871bf5380d71db02d) C:Windowssystem32CLFS.sys

    19:42:21.0251 1284 CLFS - ok

    19:42:21.0625 1284 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe

    19:42:21.0656 1284 clr_optimization_v2.0.50727_32 - ok

    19:42:22.0296 1284 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe

    19:42:22.0358 1284 clr_optimization_v4.0.30319_32 - ok

    19:42:22.0374 1284 CmBatt (dea805815e587dad1dd2c502220b5616) C:Windowssystem32DRIVERSCmBatt.sys

    19:42:22.0405 1284 CmBatt - ok

    19:42:22.0452 1284 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:Windowssystem32driverscmdide.sys

    19:42:22.0468 1284 cmdide - ok

    19:42:22.0514 1284 CNG (247b4ce2dab1160cd422d532d5241e1f) C:Windowssystem32Driverscng.sys

    19:42:22.0546 1284 CNG - ok

    19:42:22.0592 1284 Compbatt (a6023d3823c37043986713f118a89bee) C:Windowssystem32DRIVERScompbatt.sys

    19:42:22.0608 1284 Compbatt - ok

    19:42:22.0717 1284 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:Windowssystem32driversCompositeBus.sys

    19:42:22.0780 1284 CompositeBus - ok

    19:42:22.0811 1284 COMSysApp - ok

    19:42:23.0154 1284 cpuz130 - ok

    19:42:23.0263 1284 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:Windowssystem32DRIVERScrcdisk.sys

    19:42:23.0279 1284 crcdisk - ok

    19:42:23.0762 1284 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:Windowssystem32cryptsvc.dll

    19:42:23.0856 1284 CryptSvc - ok

    19:42:24.0917 1284 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:Windowssystem32driverscsc.sys

    19:42:25.0010 1284 CSC - ok

    19:42:26.0274 1284 CscService (15f93b37f6801943360d9eb42485d5d3) C:WindowsSystem32cscsvc.dll

    19:42:26.0336 1284 CscService - ok

    19:42:26.0383 1284 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:Windowssystem32rpcss.dll

    19:42:26.0446 1284 DcomLaunch - ok

    19:42:27.0007 1284 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:WindowsSystem32defragsvc.dll

    19:42:27.0116 1284 defragsvc - ok

    19:42:27.0475 1284 DfsC (f024449c97ec1e464aaffda18593db88) C:Windowssystem32Driversdfsc.sys

    19:42:27.0584 1284 DfsC - ok

    19:42:27.0943 1284 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:Windowssystem32dhcpcore.dll

    19:42:28.0052 1284 Dhcp - ok

    19:42:28.0162 1284 discache (1a050b0274bfb3890703d490f330c0da) C:Windowssystem32driversdiscache.sys

    19:42:28.0224 1284 discache - ok

    19:42:28.0286 1284 Disk (565003f326f99802e68ca78f2a68e9ff) C:Windowssystem32DRIVERSdisk.sys

    19:42:28.0302 1284 Disk - ok

    19:42:30.0143 1284 Diskeeper (0b080464aa2ea3fcc7747b41988d6b92) C:Program FilesDiskeeper CorporationDiskeeperDkService.exe

    19:42:30.0236 1284 Diskeeper - ok

    19:42:31.0921 1284 DKbFltr (c701324c9e0c25dd9d60311bd87fbc84) C:Windowssystem32DRIVERSDKbFltr.sys

    19:42:31.0937 1284 DKbFltr - ok

    19:42:32.0046 1284 DKRtWrt (ab24ee68ff85a592586c03a3f339fcd5) C:Windowssystem32DRIVERSDKRtWrt.sys

    19:42:32.0046 1284 DKRtWrt - ok

    19:42:32.0467 1284 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:WindowsSystem32dnsrslvr.dll

    19:42:32.0576 1284 Dnscache - ok

    19:42:32.0779 1284 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:WindowsSystem32dot3svc.dll

    19:42:32.0888 1284 dot3svc - ok

    19:42:32.0935 1284 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:Windowssystem32dps.dll

    19:42:32.0982 1284 DPS - ok

    19:42:33.0091 1284 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:Windowssystem32driversdrmkaud.sys

    19:42:33.0107 1284 drmkaud - ok

    19:42:34.0246 1284 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:WindowsSystem32driversdxgkrnl.sys

    19:42:34.0277 1284 DXGKrnl - ok

    19:42:34.0355 1284 EagleNT - ok

    19:42:34.0604 1284 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:WindowsSystem32eapsvc.dll

    19:42:34.0729 1284 EapHost - ok

    19:42:35.0447 1284 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:Windowssystem32DRIVERSevbdx.sys

    19:42:35.0587 1284 ebdrv - ok

    19:42:35.0852 1284 EFS (81951f51e318aecc2d68559e47485cc4) C:WindowsSystem32lsass.exe

    19:42:35.0915 1284 EFS - ok

    19:42:36.0008 1284 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:WindowsehomeehRecvr.exe

    19:42:36.0071 1284 ehRecvr - ok

    19:42:36.0102 1284 ehSched (d389bff34f80caede417bf9d1507996a) C:Windowsehomeehsched.exe

    19:42:36.0133 1284 ehSched - ok

    19:42:36.0305 1284 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:Windowssystem32DRIVERSelxstor.sys

    19:42:36.0336 1284 elxstor - ok

    19:42:36.0367 1284 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:Windowssystem32driverserrdev.sys

    19:42:36.0414 1284 ErrDev - ok

    19:42:36.0554 1284 ETService (c0fe39b8f686b7c70a666e716cc12b49) C:Program FilesAcerEmpowering TechnologyServiceETService.exe

    19:42:36.0586 1284 ETService ( UnsignedFile.Multi.Generic ) - warning

    19:42:36.0586 1284 ETService - detected UnsignedFile.Multi.Generic (1)

    19:42:36.0664 1284 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:Windowssystem32es.dll

    19:42:36.0820 1284 EventSystem - ok

    19:42:36.0835 1284 ewusbnet - ok

    19:42:36.0851 1284 ew_hwusbdev - ok

    19:42:36.0913 1284 exfat (2dc9108d74081149cc8b651d3a26207f) C:Windowssystem32driversexfat.sys

    19:42:36.0944 1284 exfat - ok

    19:42:36.0991 1284 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:Windowssystem32driversfastfat.sys

    19:42:37.0038 1284 fastfat - ok

    19:42:37.0132 1284 Fax (967ea5b213e9984cbe270205df37755b) C:Windowssystem32fxssvc.exe

    19:42:37.0194 1284 Fax - ok

    19:42:37.0256 1284 fdc (e817a017f82df2a1f8cfdbda29388b29) C:Windowssystem32DRIVERSfdc.sys

    19:42:37.0272 1284 fdc - ok

    19:42:37.0303 1284 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:Windowssystem32fdPHost.dll

    19:42:37.0350 1284 fdPHost - ok

    19:42:37.0381 1284 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:Windowssystem32fdrespub.dll

    19:42:37.0428 1284 FDResPub - ok

    19:42:37.0444 1284 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:Windowssystem32driversfileinfo.sys

    19:42:37.0459 1284 FileInfo - ok

    19:42:37.0475 1284 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:Windowssystem32driversfiletrace.sys

    19:42:37.0537 1284 Filetrace - ok

    19:42:37.0568 1284 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:Windowssystem32DRIVERSflpydisk.sys

    19:42:37.0600 1284 flpydisk - ok

    19:42:37.0678 1284 flqf4nvb (04f76bc3aff4dd42a0ff860c8e70acc8) C:Windowssystem32Driversflqf4nvb.sys

    19:42:37.0693 1284 flqf4nvb - ok

    19:42:37.0740 1284 FltMgr (7520ec808e0c35e0ee6f841294316653) C:Windowssystem32driversfltmgr.sys

    19:42:37.0756 1284 FltMgr - ok

    19:42:37.0802 1284 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:Windowssystem32FntCache.dll

    19:42:37.0865 1284 FontCache - ok

    19:42:38.0021 1284 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:WindowsMicrosoft.NetFrameworkv3.0WPFPresentationFontCache.exe

    19:42:38.0036 1284 FontCache3.0.0.0 - ok

    19:42:38.0099 1284 FreshIO - ok

    19:42:38.0161 1284 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:Windowssystem32driversFsDepends.sys

    19:42:38.0177 1284 FsDepends - ok

    19:42:38.0239 1284 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:Windowssystem32driversFs_Rec.sys

    19:42:38.0255 1284 Fs_Rec - ok

    19:42:38.0348 1284 fvevol (8a73e79089b282100b9393b644cb853b) C:Windowssystem32DRIVERSfvevol.sys

    19:42:38.0364 1284 fvevol - ok

    19:42:38.0411 1284 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:Windowssystem32DRIVERSgagp30kx.sys

    19:42:38.0426 1284 gagp30kx - ok

    19:42:38.0676 1284 GarenaPEngine - ok

    19:42:38.0754 1284 gdrv (d556cb79967e92b5cc69686d16c1d846) C:Windowsgdrv.sys

    19:42:38.0770 1284 gdrv - ok

    19:42:38.0894 1284 GGSAFERDriver - ok

    19:42:39.0066 1284 giveio (77ebf3e9386daa51551af429052d88d0) C:Windowssystem32giveio.sys

    19:42:39.0097 1284 giveio ( UnsignedFile.Multi.Generic ) - warning

    19:42:39.0097 1284 giveio - detected UnsignedFile.Multi.Generic (1)

    19:42:39.0175 1284 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:WindowsSystem32gpsvc.dll

    19:42:39.0253 1284 gpsvc - ok

    19:42:39.0347 1284 gupdate (f02a533f517eb38333cb12a9e8963773) C:Program FilesGoogleUpdateGoogleUpdate.exe

    19:42:39.0362 1284 gupdate - ok

    19:42:39.0362 1284 gupdatem (f02a533f517eb38333cb12a9e8963773) C:Program FilesGoogleUpdateGoogleUpdate.exe

    19:42:39.0378 1284 gupdatem - ok

    19:42:39.0425 1284 gusvc (c1b577b2169900f4cf7190c39f085794) C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

    19:42:39.0440 1284 gusvc - ok

    19:42:39.0503 1284 hamachi (833051c6c6c42117191935f734cfbd97) C:Windowssystem32DRIVERShamachi.sys

    19:42:39.0518 1284 hamachi - ok

    19:42:39.0659 1284 Hamachi2Svc (d1c12332326d7f4ab5cb57c660feed0b) C:Program FilesLogMeIn Hamachihamachi-2.exe

    19:42:39.0721 1284 Hamachi2Svc - ok

    19:42:39.0955 1284 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:Windowssystem32drivershcw85cir.sys

    19:42:39.0986 1284 hcw85cir - ok

    19:42:40.0064 1284 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:Windowssystem32driversHdAudio.sys

    19:42:40.0111 1284 HdAudAddService - ok

    19:42:40.0158 1284 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:Windowssystem32driversHDAudBus.sys

    19:42:40.0205 1284 HDAudBus - ok

    19:42:40.0236 1284 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:Windowssystem32DRIVERSHidBatt.sys

    19:42:40.0252 1284 HidBatt - ok

    19:42:40.0283 1284 HidBth (89448f40e6df260c206a193a4683ba78) C:Windowssystem32DRIVERShidbth.sys

    19:42:40.0314 1284 HidBth - ok

    19:42:40.0361 1284 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:Windowssystem32DRIVERShidir.sys

    19:42:40.0408 1284 HidIr - ok

    19:42:40.0470 1284 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:WindowsSystem32hidserv.dll

    19:42:40.0501 1284 hidserv - ok

    19:42:40.0564 1284 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:Windowssystem32DRIVERShidusb.sys

    19:42:40.0579 1284 HidUsb - ok

    19:42:40.0642 1284 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:Windowssystem32kmsvc.dll

    19:42:40.0704 1284 hkmsvc - ok

    19:42:40.0751 1284 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:Windowssystem32ListSvc.dll

    19:42:40.0766 1284 HomeGroupListener - ok

    19:42:40.0860 1284 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:Windowssystem32provsvc.dll

    19:42:40.0907 1284 HomeGroupProvider - ok

    19:42:40.0969 1284 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:Windowssystem32driversHpSAMD.sys

    19:42:40.0985 1284 HpSAMD - ok

    19:42:41.0063 1284 HTTP (871917b07a141bff43d76d8844d48106) C:Windowssystem32driversHTTP.sys

    19:42:41.0110 1284 HTTP - ok

    19:42:41.0125 1284 huawei_enumerator - ok

    19:42:41.0141 1284 hwdatacard - ok

    19:42:41.0172 1284 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:Windowssystem32drivershwpolicy.sys

    19:42:41.0188 1284 hwpolicy - ok

    19:42:41.0281 1284 HyperDeskCustomThemeEnabler (306a0bb38e23d16ef51eaf43e26073a0) C:WindowsInstallerMSI2CDD.tmp

    19:42:41.0312 1284 HyperDeskCustomThemeEnabler ( UnsignedFile.Multi.Generic ) - warning

    19:42:41.0312 1284 HyperDeskCustomThemeEnabler - detected UnsignedFile.Multi.Generic (1)

    19:42:41.0359 1284 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:Windowssystem32DRIVERSi8042prt.sys

    19:42:41.0375 1284 i8042prt - ok

    19:42:41.0437 1284 iaStor (db81f413fa4e3f328cad7b5d59ef3f21) C:Windowssystem32DRIVERSiaStor.sys

    19:42:41.0453 1284 iaStor - ok

    19:42:41.0515 1284 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:Windowssystem32driversiaStorV.sys

    19:42:41.0546 1284 iaStorV - ok

    19:42:41.0734 1284 IDriverT (6f95324909b502e2651442c1548ab12f) C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

    19:42:41.0765 1284 IDriverT ( UnsignedFile.Multi.Generic ) - warning

    19:42:41.0765 1284 IDriverT - detected UnsignedFile.Multi.Generic (1)

    19:42:42.0248 1284 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:WindowsMicrosoft.NETFrameworkv3.0Windows Communication Foundationinfocard.exe

    19:42:42.0311 1284 idsvc - ok

    19:42:42.0841 1284 iirsp (4173ff5708f3236cf25195fecd742915) C:Windowssystem32DRIVERSiirsp.sys

    19:42:42.0888 1284 iirsp - ok

    19:42:44.0167 1284 IKEEXT (f95622f161474511b8d80d6b093aa610) C:WindowsSystem32ikeext.dll

    19:42:44.0245 1284 IKEEXT - ok

    19:42:44.0308 1284 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:Windowssystem32driversint15.sys

    19:42:44.0323 1284 int15 - ok

    19:42:46.0398 1284 IntcAzAudAddService (345ac48d17f5c2f2aa1ee50d34c3978b) C:Windowssystem32driversRTKVHDA.sys

    19:42:46.0554 1284 IntcAzAudAddService - ok

    19:42:47.0318 1284 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:Windowssystem32driversintelide.sys

    19:42:47.0334 1284 intelide - ok

    19:42:47.0443 1284 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:Windowssystem32DRIVERSintelppm.sys

    19:42:47.0459 1284 intelppm - ok

    19:42:47.0677 1284 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:Windowssystem32ipbusenum.dll

    19:42:47.0771 1284 IPBusEnum - ok

    19:42:47.0786 1284 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:Windowssystem32DRIVERSipfltdrv.sys

    19:42:47.0818 1284 IpFilterDriver - ok

    19:42:47.0942 1284 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:WindowsSystem32iphlpsvc.dll

    19:42:48.0020 1284 iphlpsvc - ok

    19:42:48.0067 1284 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:Windowssystem32driversIPMIDrv.sys

    19:42:48.0098 1284 IPMIDRV - ok

    19:42:48.0145 1284 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:Windowssystem32driversipnat.sys

    19:42:48.0192 1284 IPNAT - ok

    19:42:48.0239 1284 IRENUM (42996cff20a3084a56017b7902307e9f) C:Windowssystem32driversirenum.sys

    19:42:48.0270 1284 IRENUM - ok

    19:42:48.0364 1284 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:Windowssystem32driversisapnp.sys

    19:42:48.0364 1284 isapnp - ok

    19:42:48.0410 1284 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:Windowssystem32DRIVERSmsiscsi.sys

    19:42:48.0426 1284 iScsiPrt - ok

    19:42:48.0832 1284 IviRegMgr (213822072085b5bbad9af30ab577d817) C:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe

    19:42:48.0863 1284 IviRegMgr - ok

    19:42:48.0925 1284 jrdusbser (119ab8740bacb9f1108f4dd02294569d) C:Windowssystem32DRIVERSjrdusbser.sys

    19:42:48.0972 1284 jrdusbser - ok

    19:42:49.0050 1284 kbdclass (adef52ca1aeae82b50df86b56413107e) C:Windowssystem32DRIVERSkbdclass.sys

    19:42:49.0066 1284 kbdclass - ok

    19:42:49.0144 1284 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:Windowssystem32DRIVERSkbdhid.sys

    19:42:49.0206 1284 kbdhid - ok

    19:42:49.0268 1284 KeyIso (81951f51e318aecc2d68559e47485cc4) C:Windowssystem32lsass.exe

    19:42:49.0284 1284 KeyIso - ok

    19:42:49.0409 1284 KMService (4635935fc972c582632bf45c26bfcb0e) C:Windowssystem32srvany.exe

    19:42:49.0456 1284 KMService ( UnsignedFile.Multi.Generic ) - warning

    19:42:49.0456 1284 KMService - detected UnsignedFile.Multi.Generic (1)

    19:42:49.0518 1284 KMWDFILTERx86 (4476fe98aaf505acdcd3ee6360aabec1) C:Windowssystem32DRIVERSKMWDFILTER.sys

    19:42:49.0534 1284 KMWDFILTERx86 - ok

    19:42:49.0799 1284 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:Windowssystem32Driversksecdd.sys

    19:42:49.0861 1284 KSecDD - ok

    19:42:49.0908 1284 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:Windowssystem32Driversksecpkg.sys

    19:42:49.0924 1284 KSecPkg - ok

    19:42:50.0844 1284 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:Windowssystem32msdtckrm.dll

    19:42:50.0891 1284 KtmRm - ok

    19:42:51.0062 1284 L1E (14f63a275c1bff4d35e02de1127e8a85) C:Windowssystem32DRIVERSL1E62x86.sys

    19:42:51.0094 1284 L1E - ok

    19:42:51.0156 1284 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:WindowsSystem32srvsvc.dll

    19:42:51.0203 1284 LanmanServer - ok

    19:42:51.0250 1284 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:WindowsSystem32wkssvc.dll

    19:42:51.0296 1284 LanmanWorkstation - ok

    19:42:51.0749 1284 Live Updater Service (93b73ded2bc688f140c6ae2fbad45789) C:Program FilesAcerAcer UpdaterUpdaterService.exe

    19:42:51.0780 1284 Live Updater Service - ok

    19:42:51.0874 1284 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:Windowssystem32DRIVERSlltdio.sys

    19:42:51.0920 1284 lltdio - ok

    19:42:51.0983 1284 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:WindowsSystem32lltdsvc.dll

    19:42:52.0014 1284 lltdsvc - ok

    19:42:52.0045 1284 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:WindowsSystem32lmhsvc.dll

    19:42:52.0092 1284 lmhosts - ok

    19:42:52.0139 1284 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:Windowssystem32DRIVERSlsi_fc.sys

    19:42:52.0154 1284 LSI_FC - ok

    19:42:52.0170 1284 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:Windowssystem32DRIVERSlsi_sas.sys

    19:42:52.0186 1284 LSI_SAS - ok

    19:42:52.0232 1284 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:Windowssystem32DRIVERSlsi_sas2.sys

    19:42:52.0248 1284 LSI_SAS2 - ok

    19:42:52.0264 1284 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:Windowssystem32DRIVERSlsi_scsi.sys

    19:42:52.0279 1284 LSI_SCSI - ok

    19:42:52.0326 1284 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:Windowssystem32driversluafv.sys

    19:42:52.0388 1284 luafv - ok

    19:43:03.0293 1284 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

    19:43:03.0371 1284 OMSI download service ( UnsignedFile.Multi.Generic ) - warning

    19:43:03.0371 1284 OMSI download service - detected UnsignedFile.Multi.Generic (1)

    19:43:35.0679 1284 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\Windows\System32\Drivers\sptd.sys

    19:43:35.0679 1284 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: f42efefb765235f24b24e1d2b6f99f46

    19:43:35.0679 1284 sptd ( LockedFile.Multi.Generic ) - warning

    19:43:35.0679 1284 sptd - detected LockedFile.Multi.Generic (1)


    19:43:52.0277 1284 Wdf01000 - ok

    19:43:52.0339 1284 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:Windowssystem32wdi.dll

    19:43:52.0371 1284 WdiServiceHost - ok

    19:43:52.0371 1284 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:Windowssystem32wdi.dll

    19:43:52.0386 1284 WdiSystemHost - ok

    19:43:53.0182 1284 WebClient (a9d880f97530d5b8fee278923349929d) C:WindowsSystem32webclnt.dll

    19:43:53.0275 1284 WebClient - ok

    19:43:53.0712 1284 Wecsvc (760f0afe937a77cff27153206534f275) C:Windowssystem32wecsvc.dll

    19:43:53.0806 1284 Wecsvc - ok

    19:43:53.0821 1284 wercplsupport (ac804569bb2364fb6017370258a4091b) C:WindowsSystem32wercplsupport.dll

    19:43:53.0868 1284 wercplsupport - ok

    19:43:53.0931 1284 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:WindowsSystem32WerSvc.dll

    19:43:53.0962 1284 WerSvc - ok

    19:43:53.0993 1284 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:Windowssystem32DRIVERSwfplwf.sys

    19:43:54.0040 1284 WfpLwf - ok

    19:43:54.0071 1284 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:Windowssystem32driverswimmount.sys

    19:43:54.0087 1284 WIMMount - ok

    19:43:54.0133 1284 winbondcir (3fa87d56769838aac82fafc3e78fc732) C:Windowssystem32DRIVERSwinbondcir.sys

    19:43:54.0165 1284 winbondcir - ok

    19:43:54.0336 1284 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:Program FilesWindows Defendermpsvc.dll

    19:43:54.0399 1284 WinDefend - ok

    19:43:54.0414 1284 WinHttpAutoProxySvc - ok

    19:43:54.0539 1284 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:Windowssystem32wbemWMIsvc.dll

    19:43:54.0601 1284 Winmgmt - ok

    19:43:54.0695 1284 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:Windowssystem32WsmSvc.dll

    19:43:54.0757 1284 WinRM - ok

    19:43:54.0882 1284 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:Windowssystem32DRIVERSWinUsb.sys

    19:43:54.0929 1284 WinUsb - ok

    19:43:55.0007 1284 Wlansvc (16935c98ff639d185086a3529b1f2067) C:WindowsSystem32wlansvc.dll

    19:43:55.0054 1284 Wlansvc - ok

    19:43:55.0288 1284 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

    19:43:55.0366 1284 wlidsvc - ok

    19:43:58.0455 1284 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:Windowssystem32driverswmiacpi.sys

    19:43:58.0517 1284 WmiAcpi - ok

    19:43:58.0969 1284 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:Windowssystem32wbemWmiApSrv.exe

    19:43:58.0985 1284 wmiApSrv - ok

    19:44:00.0108 1284 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:Program FilesWindows Media Playerwmpnetwk.exe

    19:44:00.0186 1284 WMPNetworkSvc - ok

    19:44:00.0405 1284 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:WindowsSystem32wpcsvc.dll

    19:44:00.0436 1284 WPCSvc - ok

    19:44:00.0467 1284 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:Windowssystem32wpdbusenum.dll

    19:44:00.0483 1284 WPDBusEnum - ok

    19:44:00.0592 1284 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:Windowssystem32driversws2ifsl.sys

    19:44:00.0654 1284 ws2ifsl - ok

    19:44:00.0670 1284 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:Windowssystem32wscsvc.dll

    19:44:00.0717 1284 wscsvc - ok

    19:44:00.0717 1284 WSearch - ok

    19:44:00.0841 1284 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:Windowssystem32wuaueng.dll

    19:44:00.0919 1284 wuauserv - ok

    19:44:01.0122 1284 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:Windowssystem32driversWudfPf.sys

    19:44:01.0169 1284 WudfPf - ok

    19:44:01.0231 1284 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:Windowssystem32DRIVERSWUDFRd.sys

    19:44:01.0263 1284 WUDFRd - ok

    19:44:01.0325 1284 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:WindowsSystem32WUDFSvc.dll

    19:44:01.0356 1284 wudfsvc - ok

    19:44:01.0419 1284 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:WindowsSystem32wwansvc.dll

    19:44:01.0450 1284 WwanSvc - ok

    19:44:01.0497 1284 XDva348 - ok

    19:44:01.0559 1284 XDva375 - ok

    19:44:01.0559 1284 XDva398 - ok

    19:44:01.0590 1284 ZTEusbmdm6k - ok

    19:44:01.0606 1284 ZTEusbnmea - ok

    19:44:01.0621 1284 ZTEusbser6k - ok

    19:44:01.0699 1284 MBR (0x1B8) (d7ad5aa31a559120c3ba48fd0a1b1636) DeviceHarddisk0DR0

    19:44:02.0277 1284 DeviceHarddisk0DR0 - ok

    19:44:02.0277 1284 Boot (0x1200) (7ab84eb7126d2a328b30165697b17a0c) DeviceHarddisk0DR0Partition0

    19:44:02.0277 1284 DeviceHarddisk0DR0Partition0 - ok

    19:44:02.0323 1284 Boot (0x1200) (f0755f009b0a8598e2f5d196a08268ed) DeviceHarddisk0DR0Partition1

    19:44:02.0339 1284 DeviceHarddisk0DR0Partition1 - ok

    19:44:02.0339 1284 ============================================================

    19:44:02.0339 1284 Scan finished

    19:44:02.0339 1284 ============================================================

    19:44:02.0355 5532 Detected object count: 10

    19:44:02.0355 5532 Actual detected object count: 10

    19:45:46.0829 5532 AtiHdmiService ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0829 5532 AtiHdmiService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0830 5532 ATITool ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0830 5532 ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0834 5532 atitray ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0834 5532 atitray ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0837 5532 ETService ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0837 5532 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0840 5532 giveio ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0841 5532 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0844 5532 HyperDeskCustomThemeEnabler ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0844 5532 HyperDeskCustomThemeEnabler ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0847 5532 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0847 5532 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0851 5532 KMService ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0851 5532 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0854 5532 OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user

    19:45:46.0855 5532 OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip

    19:45:46.0858 5532 sptd ( LockedFile.Multi.Generic ) - skipped by user

    19:45:46.0858 5532 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

    aswMBR

    aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

    Run date: 2012-07-14 19:52:00

    -----------------------------

    19:52:00.099 OS Version: Windows 6.1.7601 Service Pack 1

    19:52:00.099 Number of processors: 2 586 0x170A

    19:52:00.101 ComputerName: ACTEPUKC UserName: Shteryan

    19:52:01.177 Initialize success

    19:52:06.539 AVAST engine defs: 12071400

    19:52:14.664 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

    19:52:14.668 Disk 0 Vendor: ST932032 0303 Size: 305245MB BusType: 3

    19:52:14.706 Disk 0 MBR read successfully

    19:52:14.710 Disk 0 MBR scan

    19:52:14.716 Disk 0 Windows 7 default MBR code

    19:52:14.729 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12288 MB offset 2048

    19:52:14.756 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 146477 MB offset 25167872

    19:52:14.802 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 142848 MB offset 325152768

    19:52:14.845 Disk 0 Partition 4 00 12 Compaq diag NTFS 3630 MB offset 617705472

    19:52:14.854 Disk 0 scanning sectors +625139712

    19:52:14.964 Disk 0 scanning C:\Windows\system32\drivers

    19:52:41.189 Service scanning

    19:53:12.794 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32

    19:53:24.042 Modules scanning

    19:54:09.968 Disk 0 trace - called modules:

    19:54:10.015 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys sptd.sys

    19:54:10.031 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88b7b030]

    19:54:10.031 3 CLASSPNP.SYS[8beb059e] -> nt!IofCallDriver -> [0x87b38420]

    19:54:10.046 5 ACPI.sys[8bda13d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86c8b028]

    19:54:10.967 AVAST engine scan C:\

    21:17:20.664 File: C:\Users\Shteryan\Downloads\heroonline_p2p_v1300.exe **INFECTED** Win32:Malware-gen

    21:17:21.554 File: C:\Users\Shteryan\Downloads\heroonline_p2p_v1310.exe **INFECTED** Win32:Malware-gen

    23:15:44.008 Scan finished successfully

    23:18:38.890 Disk 0 MBR has been saved successfully to "C:\Users\Shteryan\Desktop\MBR.dat"

    23:18:39.406 The log file has been saved successfully to "C:\Users\Shteryan\Desktop\aswMBR.txt"

    Last time it asked me whether I wanted to save (or restore) the original Windows MBR record; when I told it yes, it reported that it had overwritten 601 .. something :) If I did something wrong, maybe that is why my screen went black (it had not gone to sleep).

    Edited by AcTePuKc


    The file:

    C:\Users\Shteryan\Downloads\heroonline_p2p_v1300.exe

    ..submit it to VirusTotal for analysis. Post the result in your next post.

    Actually, something else about your system worries me, so:

    • Please download Farbar Recovery Scan Tool and save it to your USB flash drive.
    • Plug the flash drive into the infected computer.
    • Restart the computer while pressing F8 and choose Repair Your Computer. (Hopefully it is available; otherwise a Windows 7 installation disc will be needed to reach this menu.)
    • Select English as the language and click Next.
    • Select your user account, enter your administrator password (if you have one) and click OK. (If you don't have one, just click OK.)
    • Select the Command Prompt option.
    • When the command prompt appears, type the command notepad and press Enter.
    • In Notepad, from the File menu => choose Open => select My Computer => find the drive letter of your flash drive, then close Notepad.
    • At the command prompt type e:\frst64.exe (replace the letter e: with that of your flash drive).
    • The program will start. Click YES to accept the license agreement.
    • Click the SCAN button.
    • A log file named FRST.txt will be created on the flash drive.
    • Copy its text into your next post.


    I'll do it this evening, because I'm at work right now ... and I can't get past this DansGuardian ...

    https://www.virustot...sis/1342459479/

    Something isn't working: This version of FRST is not compatible with your windows ... and so on ... awful ... because you gave me the 64-bit version, and mine is 32-bit :x

    Edited by AcTePuKc

    My apologies. Here is a link to the 32-bit version:

    http://www.bleepingc...can-tool/dl/81/

    The instructions are the same, except that you change this line:

    At the command prompt type e:\frst32.exe (replace the letter e: with that of your flash drive).


    Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 16-07-2012 01

    Ran by SYSTEM at 18-07-2012 20:02:39

    Running from H:\

    Windows 7 Ultimate (X86) OS Language: English(US)

    The current controlset is ControlSet001

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [DudeServer] C:\Program Files\Dude\dude.exe [x]

    HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)

    HKLM\...\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" [17408 2010-07-04] ()

    HKLM\...\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)

    HKLM\...\Run: [PLFSetL] C:\Windows\PLFSetL.exe [94208 2008-07-03] (sonix)

    HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [11430504 2011-10-17] (Realtek Semiconductor)

    HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2274600 2011-06-23] (Synaptics Incorporated)

    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)

    HKLM\...\Run: [bonus.SSR.FR10] "C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun [941320 2011-06-08] (ABBYY.)

    HKLM\...\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()

    HKLM\...\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [641664 2012-04-05] (Advanced Micro Devices, Inc.)

    HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)

    HKLM\...\Run: [LManager] C:\Program Files\Launch Manager\LManager.EXE [842248 2009-09-15] (Dritek System Inc.)

    HKU\Default\...\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]

    HKU\Shteryan\...\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [213936 2006-03-20] (Macrovision Corporation)

    HKU\Shteryan\...\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [929792 2011-04-16] (Ray Adams)

    HKU\Shteryan\...\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED [904080 2012-07-04] (BitTorrent, Inc.)

    HKU\Shteryan\...\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17344176 2012-06-05] (Skype Technologies S.A.)

    HKU\Shteryan\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [495616 2007-09-02] ()

    HKU\Shteryan\...\Run: [steam] "C:\Program Files\Steam\steam.exe" -silent [1242448 2012-05-22] (Valve Corporation)

    HKU\Shteryan\...\Run: [Google Update] "C:\Users\Shteryan\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-12-16] (Google Inc.)

    HKU\Shteryan\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)

    HKLM\...\RunOnce: [b Register C:\Program Files\DivX\DivX Plus DirectShow Filters\DirectShowDemuxFilter.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus DirectShow Filters\DirectShowDemuxFilter.dll",DllRegisterServer [1581056 2010-12-21] (DivX, Inc.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    Tcpip\..\Interfaces\{02C1951F-38D9-4B31-9F1C-7A3AC0D9AAA8}: [NameServer]212.39.90.42,212.39.90.43

    ================================ Services (Whitelisted) ==================

    2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe svc [316888 2011-12-17] (Protection Technology)

    3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [13080 2010-01-17] (Microsoft Corporation)

    2 Diskeeper; "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe" [2153808 2011-04-01] (Diskeeper Corporation)

    2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] ()

    2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)

    2 Hamachi2Svc; "C:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s [1361288 2011-08-04] (LogMeIn Inc.)

    2 KMService; C:\Windows\system32\srvany.exe [8192 2011-01-05] ()

    2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)

    3 npggsvc; C:\Windows\system32\GameMon.des -service [4756216 2011-05-03] (INCA Internet Co., Ltd.)

    2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()

    2 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [160944 2012-06-05] (Skype Technologies)

    2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [x]

    3 NSJCPVCBTKW; C:\Users\Shteryan\AppData\Local\Temp\NSJCPVCBTKW.exe [x]

    2 PSI_SVC_2; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [x]

    ========================== Drivers (Whitelisted) =============

    3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [34304 2007-06-29] (AMD, Inc.)

    1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3332784 2011-12-17] (Protection Technology)

    2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [57688 2012-03-02] (AVAST Software)

    1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [35672 2012-03-02] (AVAST Software)

    1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [611672 2012-03-02] (AVAST Software)

    3 AtiHdmiService; C:\Windows\System32\drivers\AtiHdmi.sys [100352 2010-01-28] (ATI Technologies, Inc.)

    1 ATITool; C:\Windows\System32\DRIVERS\ATITool.sys [24064 2006-11-10] ()

    1 atitray; \??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [20384 2011-03-27] ()

    3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [38608 2011-02-13] (Diskeeper Corporation)

    0 flqf4nvb; C:\Windows\System32\Drivers\flqf4nvb.sys [35904 2010-10-15] (VirusBlokAda Ltd.)

    3 gdrv; \??\C:\Windows\gdrv.sys [17488 2011-02-05] (Windows ® 2000 DDK provider)

    0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()

    3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

    2 HyperDeskCustomThemeEnabler; "C:\Windows\Installer\MSI2CDD.tmp" -service [86016 2010-04-25] ()

    3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [105344 2009-11-16] (TCT International Mobile Ltd)

    3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows ® Codename Longhorn DDK provider)

    3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2010-03-29] (Atheros Communications, Inc.)

    3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2011-01-12] (TeamViewer GmbH)

    2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-26] (CACE Technologies, Inc.)

    3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-06-24] (Nuvoton Technology Corporation)

    3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [47360 2010-06-23] (VSO Software)

    3 PsSdk40; \??\C:\Windows\system32\Drivers\pssdk40.sys [36928 2012-03-29] (microOLAP Technologies LTD)

    3 PsSdkLBF; \??\C:\Windows\system32\Drivers\pssdklbf.sys [53312 2012-03-29] (microOLAP Technologies LTD)

    3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [263464 2010-11-23] (Realtek Semiconductor Corp.)

    3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [86824 2009-03-25] (MCCI Corporation)

    3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [15016 2009-03-25] (MCCI Corporation)

    3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [114728 2009-03-25] (MCCI Corporation)

    3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [106208 2009-03-25] (MCCI Corporation)

    3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [26024 2009-03-25] (MCCI Corporation)

    3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)

    3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [109864 2009-03-25] (MCCI Corporation)

    3 SIVDRIVER; \??\C:\Windows\system32\Drivers\SIVX32.sys [65600 2010-06-13] (Ray Hinchliffe)

    3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()

    0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)

    0 sptd; C:\Windows\System32\Drivers\sptd.sys [428088 2011-12-13] (Duplex Secure Ltd.)

    3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-12-11] (The OpenVPN Project)

    3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)

    1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)

    3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)

    1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)

    3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-27] (Winbond Electronics Corporation)

    3 catchme; \??\C:\Users\Shteryan\AppData\Local\Temp\catchme.sys [x]

    3 cpuz130; \??\C:\Users\Shteryan\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]

    3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [x]

    3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [x]

    3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [x]

    3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [x]

    3 GarenaPEngine; \??\C:\Users\Shteryan\AppData\Local\Temp\MJJ2536.tmp [x]

    3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [x]

    3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [x]

    3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [x]

    3 ManyCam; C:\Windows\System32\DRIVERS\ManyCam.sys [x]

    2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [x]

    1 ntiomin; [x]

    3 PCANDIS4_RETWIFI; \??\C:\PROGRA~1\eEye Digital Security\Retina Wireless Scanner\PCANDIS4_RETWIFI.SYS [x]

    3 PCANDIS5_WIFISCAN.SYS; \??\C:\Program Files\eEye Digital Security\Retina Wireless Scanner\PCANDIS5_WIFISCAN.SYS [x]

    3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x86\Sandra.sys [x]

    3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]

    3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]

    3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

    3 XDva348; \??\C:\Windows\system32\XDva348.sys [x]

    3 XDva375; \??\C:\Windows\system32\XDva375.sys [x]

    3 XDva398; \??\C:\Windows\system32\XDva398.sys [x]

    3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [x]

    3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [x]

    3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [x]

    ========================== NetSvcs (Whitelisted) ===========

    ============ One Month Created Files and Folders ==============

    2012-07-17 16:55 - 2012-07-17 16:55 - 00015006 ____A C:\Users\Shteryan\Downloads\%5BIceFanSubs%5D Chrome Shelled Regios - 01 %5Bon%5D.torrent

    2012-07-16 09:49 - 2012-07-16 09:49 - 00000000 ____D C:\Program Files\DAEMON Tools Lite

    2012-07-15 03:47 - 2012-07-16 09:46 - 00000112 ____A C:\Windows\setupact.log

    2012-07-15 03:47 - 2012-07-15 03:47 - 00000000 ____A C:\Windows\setuperr.log

    2012-07-14 19:07 - 2012-07-14 19:07 - 00703533 ____A C:\Users\Shteryan\Downloads\hldsupdatetool.exe

    2012-07-14 19:07 - 2012-07-14 19:07 - 00000000 ____D C:\Program Files\Valve

    2012-07-14 19:04 - 2012-07-14 19:04 - 00000000 ____D C:\Users\Shteryan\AppData\Roaming\Prism

    2012-07-14 19:04 - 2012-07-14 19:04 - 00000000 ____D C:\Users\Shteryan\AppData\Local\Prism

    2012-07-14 19:03 - 2012-07-14 19:03 - 00000215 ____A C:\Users\Shteryan\Desktop\Iron Grip Marauders.url

    2012-07-14 12:18 - 2012-07-14 12:18 - 00002209 ____A C:\Users\Shteryan\Desktop\aswMBR.txt

    2012-07-14 12:18 - 2012-07-14 12:18 - 00000512 ____A C:\Users\Shteryan\Desktop\MBR.dat

    2012-07-14 08:38 - 2012-07-14 08:38 - 02135640 ____A (Kaspersky Lab ZAO) C:\Users\Shteryan\Desktop\tdsskiller.exe

    2012-07-14 05:23 - 2012-07-18 08:28 - 00000986 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

    2012-07-14 03:11 - 2012-07-14 03:11 - 04731392 ____A (AVAST Software) C:\Users\Shteryan\Desktop\aswMBR.exe

    2012-07-14 01:21 - 2012-07-18 08:26 - 00001020 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-406150165-4229933280-2932400274-1001UA.job

    2012-07-13 15:39 - 2012-07-13 15:39 - 00016867 ____A C:\Users\Shteryan\Downloads\LibO_3.5.5_Win_x86_install_multi.msi.torrent

    2012-07-13 15:34 - 2012-07-13 15:34 - 00012421 ____A C:\Users\Shteryan\Downloads\[ATF] New Fist of the North Star OVA [c] [480p].torrent

    2012-07-13 14:10 - 2012-07-13 14:10 - 00019143 ____A C:\Users\Shteryan\Downloads\[EROBEAT] Masaru Ashita no Yukinojou 2 [c][unc].torrent

    2012-07-13 14:08 - 2012-07-13 14:08 - 00013380 ____A C:\Users\Shteryan\Downloads\[TerrorFanSubs] Asa Made Jugyou Chu! [bD 720p 480p] [c] [unc] (1).torrent

    2012-07-13 12:44 - 2012-07-13 12:45 - 03329297 ____A C:\Qoobox.zip

    2012-07-13 12:38 - 2012-07-13 12:38 - 00023956 ____A C:\ComboFix.txt

    2012-07-13 12:11 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe

    2012-07-13 12:11 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe

    2012-07-13 12:11 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe

    2012-07-13 12:11 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe

    2012-07-13 12:11 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe

    2012-07-13 12:11 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe

    2012-07-13 12:11 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe

    2012-07-13 12:11 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe

    2012-07-13 12:10 - 2012-07-13 12:38 - 00000000 ____D C:\Qoobox

    2012-07-13 12:09 - 2012-07-13 12:35 - 00000000 ____D C:\Windows\erdnt

    2012-07-13 11:09 - 2012-07-13 11:09 - 04577833 ____R (Swearware) C:\Users\Shteryan\Desktop\ComboFix.exe

    2012-07-13 09:36 - 2012-07-13 09:36 - 00023946 ____A C:\Users\Shteryan\Desktop\dds.txt

    2012-07-13 09:36 - 2012-07-13 09:36 - 00009431 ____A C:\Users\Shteryan\Desktop\attach.txt

    2012-07-13 09:33 - 2012-07-13 09:33 - 00492146 ____R (Swearware) C:\Users\Shteryan\Desktop\dds.exe

    2012-07-13 09:21 - 2005-10-19 23:49 - 00000555 ____A C:\Users\Shteryan\Desktop\LangBar.reg

    2012-07-13 09:20 - 2012-07-13 09:20 - 00000393 ____A C:\Users\Shteryan\Downloads\LangBar.zip

    2012-07-10 15:54 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

    2012-07-10 15:54 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

    2012-07-10 15:54 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

    2012-07-10 15:54 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

    2012-07-10 15:54 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

    2012-07-10 15:54 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

    2012-07-10 15:54 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

    2012-07-10 15:54 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

    2012-07-10 15:54 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

    2012-07-10 15:54 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

    2012-07-10 15:53 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

    2012-07-10 15:53 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

    2012-07-10 15:53 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

    2012-07-10 15:53 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

    2012-07-10 15:47 - 2012-06-11 18:40 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

    2012-07-10 15:44 - 2012-06-01 20:45 - 00134000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys

    2012-07-10 15:44 - 2012-06-01 20:45 - 00067440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

    2012-07-10 15:44 - 2012-06-01 20:40 - 00369336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys

    2012-07-10 15:44 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll

    2012-07-10 15:44 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

    2012-07-10 15:44 - 2012-05-04 01:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll

    2012-07-10 15:43 - 2012-07-10 15:43 - 00015528 ____A C:\Users\Shteryan\Downloads\[TokiSubs] Gunslinger Girl Il Teatrino [bD 1280x720 x264 AC-3 5.1ch][c].torrent

    2012-07-10 15:10 - 2012-07-10 15:10 - 00016494 ____A C:\Users\Shteryan\Downloads\[MushiSubs] La storia della Arcana Famiglia - 02 [720p, 10b, 1280x720][bG].torrent

    2012-07-10 11:27 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

    2012-07-10 11:27 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

    2012-07-10 11:27 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll

    2012-07-10 11:27 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll

    2012-07-10 11:27 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll

    2012-07-08 16:48 - 2012-07-08 16:48 - 00020178 ____A C:\Users\Shteryan\Downloads\[RyuKo] Haiyore! Nyaruko-san - 1-3 [720p] [on].torrent

    2012-07-08 16:03 - 2012-07-08 16:03 - 00013229 ____A C:\Users\Shteryan\Downloads\[sFS] Hunter x Hunter – 38 [1280x720 x264 AAC][bG].torrent

    2012-07-06 17:40 - 2012-07-06 17:40 - 00011433 ____A C:\Users\Shteryan\Downloads\[shinigami Subs] Detroit Metal City - 02v2 [720p] [bG].torrent

    2012-07-06 14:07 - 2012-05-13 22:12 - 00086656 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\AtihdW73.sys

    2012-07-06 13:59 - 2012-07-06 13:59 - 00976040 ____A (AMD Inc.) C:\Users\Shteryan\Downloads\catalyst_mobility_32-bit_util (1).exe

    2012-07-06 13:57 - 2012-07-06 13:57 - 01174104 ____A (AMD Inc.) C:\Users\Shteryan\Downloads\catalyst_mobility_64-bit_util (1).exe

    2012-07-05 11:11 - 2012-07-05 11:12 - 15126342 ____A C:\Users\Shteryan\Downloads\PotPlayer1.5.33573.EXE

    2012-07-05 11:10 - 2012-07-05 11:12 - 28926728 ____A C:\Users\Shteryan\Downloads\KMPlayer_EN_3.3.0.30.exe

    2012-07-05 09:40 - 2012-07-05 09:40 - 00018251 ____A C:\Users\Shteryan\Downloads\[TerrorFanSubs] Kore wa Zombie Desuka - Of the Dead (MX 1280x720 x264 AAC) [c].torrent

    2012-07-04 16:26 - 2012-07-04 16:26 - 00016372 ____A C:\Users\Shteryan\Downloads\[shinigami Subs] Detroit Metal City - 01 [720p] [bG].torrent

    2012-07-04 11:09 - 2012-07-04 11:10 - 00000000 ____D C:\Users\Shteryan\Documents\Dungeons and Dragons Online

    2012-07-02 14:28 - 2012-07-02 14:28 - 00011494 ____A C:\Users\Shteryan\Downloads\[MushiSubs] La storia della Arcana Famiglia - 01 [720p, 10b, 1280x720][bG].torrent

    2012-07-02 13:20 - 2012-07-02 13:20 - 00035849 ____A C:\Users\Shteryan\Downloads\falling.skies.s02e04.hdtv.x264-2hd(subsunacs.net).rar

    2012-07-02 13:16 - 2012-07-02 13:16 - 00014516 ____A C:\Users\Shteryan\Downloads\Falling.Skies.S02E04.HDTV.XviD-D3L.torrent

    2012-07-02 09:55 - 2012-07-02 09:55 - 00013229 ____A C:\Users\Shteryan\Downloads\[sFS] Hunter x Hunter – 37 [1280x720 x264 AAC][bG].torrent

    2012-07-01 18:30 - 2012-07-01 18:30 - 00008448 ____A C:\Users\Shteryan\Downloads\The Listener - S03E04.DVBRip-Zamunda.NET.torrent

    2012-07-01 18:29 - 2012-07-01 18:29 - 00053663 ____A C:\Users\Shteryan\Downloads\lockout(subsunacs.net).rar

    2012-07-01 18:29 - 2012-07-01 18:29 - 00008448 ____A C:\Users\Shteryan\Downloads\The Listener - S03E03.DVBRip-Zamunda.NET.torrent

    2012-07-01 18:28 - 2012-07-01 18:29 - 00014419 ____A C:\Users\Shteryan\Downloads\Lockout.UNRATED.BDRip.XviD-COCAIN.torrent

    2012-07-01 14:29 - 2012-07-01 14:29 - 00008944 ____A C:\Windows\DPINST.LOG

    2012-07-01 14:23 - 2012-07-01 14:23 - 00000000 ____A C:\Windows\Setup.INI

    2012-07-01 12:27 - 2012-07-01 12:27 - 00002370 ____A C:\Users\Shteryan\Downloads\RemoveWAT v2.2.6.torrent

    2012-07-01 12:10 - 2012-07-01 12:10 - 01673027 ____A C:\Users\Shteryan\Downloads\Windows Loader v2.1.5.zip

    2012-07-01 11:51 - 2012-07-01 11:51 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe

    2012-07-01 11:51 - 2012-07-01 11:51 - 00174064 ____A (Oracle Corporation) C:\Windows\System32\java.exe

    2012-07-01 11:51 - 2012-05-04 08:29 - 00227720 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe

    2012-07-01 03:11 - 2012-07-01 03:21 - 00009548 ____A C:UsersShteryanDownloadsautoexec.cfg

    2012-06-30 16:33 - 2012-06-30 16:33 - 00009896 ____A C:UsersShteryanDownloadstu_1x05_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00025496 ____A C:UsersShteryanDownloadstu_1x04_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00024388 ____A C:UsersShteryanDownloadstu_1x02_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00020156 ____A C:UsersShteryanDownloadstu_1x03_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00019612 ____A C:UsersShteryanDownloadstu_1x01_e_tle(subsunacs.net).rar

    2012-06-30 16:28 - 2012-06-30 16:28 - 00054842 ____A C:UsersShteryanDownloadsTron.Uprising.S01E05.Identity.720p.WEB-DL.DD5.1.H264-NTb.mkv.torrent

    2012-06-30 16:28 - 2012-06-30 16:28 - 00020883 ____A C:UsersShteryanDownloadstron.uprising.s01e04.blackout.720p.hdtv.x264-2hd.torrent

    2012-06-30 16:27 - 2012-06-30 16:27 - 00020936 ____A C:UsersShteryanDownloadstron.uprising.s01e02.the.renegade.part.1.720p.hdtv.x264-2hd.torrent

    2012-06-30 16:27 - 2012-06-30 16:27 - 00011077 ____A C:UsersShteryanDownloadstron.uprising.s01e03.the.renegade.part.2.720p.hdtv.x264-2hd.torrent

    2012-06-30 16:27 - 2012-06-30 16:27 - 00010926 ____A C:UsersShteryanDownloadsTron.Uprising.S01E01.Becks.Beginning.720p.WEB.DL.DD5.1.H264.torrent

    2012-06-30 15:57 - 2012-06-30 15:57 - 00013182 ____A C:UsersShteryanDownloadsNight Shift Nurses 2 [c][unc].torrent

    2012-06-30 15:43 - 2012-04-30 20:44 - 00164352 ____A (Microsoft Corporation) C:WindowsSystem32profsvc.dll

    2012-06-30 15:42 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:WindowsSystem32crypt32.dll

    2012-06-30 15:42 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:WindowsSystem32cryptsvc.dll

    2012-06-30 15:42 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:WindowsSystem32cryptnet.dll

    2012-06-30 13:07 - 2012-06-30 13:07 - 00039317 ____A C:UsersShteryanDownloadsfalling.skies.s02e01(subsunacs.net).rar

    2012-06-30 13:06 - 2012-06-30 13:06 - 00044270 ____A C:UsersShteryanDownloadsfalling.skies.s02e03(subsunacs.net).rar

    2012-06-30 13:04 - 2012-06-30 13:04 - 00041243 ____A C:UsersShteryanDownloadsfalling_skies_s02e02(subsunacs.net).rar

    2012-06-30 13:04 - 2012-06-30 13:04 - 00029198 ____A C:UsersShteryanDownloadsFalling.Skies.S02E02.HDTV.XviD-AFG.avi.torrent

    2012-06-30 13:04 - 2012-06-30 13:04 - 00014496 ____A C:UsersShteryanDownloadsFalling.Skies.S02E03.HDTV.XviD-D3L.torrent

    2012-06-30 12:57 - 2012-06-30 12:57 - 00027817 ____A C:UsersShteryanDownloadsFalling.Skies.S02E01.HDTV.XviD-AFG.avi.torrent

    2012-06-30 10:47 - 2012-06-30 10:51 - 00000000 ____D C:UsersShteryanAppDataRoamingDarkBlood ServiceNa

    2012-06-30 07:44 - 2012-06-30 07:44 - 00000713 ____A C:UsersPublicDesktopDarkBlood Online.lnk

    2012-06-30 07:37 - 2012-06-30 07:37 - 00235221 ____A C:UsersShteryanDownloadsCustomKeys (1).txt

    2012-06-30 07:26 - 2012-06-30 07:27 - 49663816 ____A C:UsersShteryanDownloadsGarenaPlus_Install (1).exe

    2012-06-30 07:00 - 2012-06-30 07:31 - 1866118597 ____A (Acresso Software Inc.) C:UsersShteryanDownloadsDarkBloodSetup_120626.exe

    2012-06-27 12:23 - 2012-06-27 12:23 - 00111846 ____A C:UsersShteryanDownloadsFallingSkies_S01_HDTV.(subs.sab.bz).rar

    2012-06-27 12:21 - 2012-06-27 12:21 - 00019839 ____A C:UsersShteryanDownloadsFalling.Skies.S01.HDTV.XviD-Zamunda.torrent

    2012-06-27 12:17 - 2012-06-27 12:17 - 00047682 ____A C:UsersShteryanDownloadseureka.s05e10(subsunacs.net).rar

    2012-06-27 12:16 - 2012-06-27 12:16 - 00103546 ____A C:UsersShteryanDownloadseureka.s05e08(subsunacs.net).rar

    2012-06-27 12:16 - 2012-06-27 12:16 - 00027175 ____A C:UsersShteryanDownloadsEureka.S05E10.HDTV.x264-ASAP.mp4.torrent

    2012-06-27 12:16 - 2012-06-27 12:16 - 00014494 ____A C:UsersShteryanDownloadsEureka.S05E08.HDTV.XviD-D3L.torrent

    2012-06-27 10:15 - 2012-06-27 10:15 - 00013962 ____A C:UsersShteryanDownloads[TokiSubs] Hidan no Aria 13 [bDrip 1280x720 x264 AAC][c].torrent

    2012-06-26 15:59 - 2012-06-26 15:59 - 00015498 ____A C:UsersShteryanDownloadsKaydara 2011 BRRIP.XVID-WBZ.torrent

    2012-06-26 13:44 - 2012-06-26 13:44 - 00043854 ____A C:UsersShteryanDownloadscontinuum.s01e05(subsunacs.net).rar

    2012-06-26 13:43 - 2012-06-26 13:43 - 00015062 ____A C:UsersShteryanDownloadsContinuum.S01E05.RERip.HDTV.XviD-D3L.torrent

    2012-06-26 13:04 - 2012-06-26 13:04 - 00048807 ____A C:UsersShteryanDownloadscontinuum.s01e04(subsunacs.net).rar

    2012-06-26 12:17 - 2012-06-26 12:17 - 00086033 ____A C:UsersShteryanDownloadscontinuum.s01e03(subsunacs.net).rar

    2012-06-26 12:17 - 2012-06-26 12:17 - 00029227 ____A C:UsersShteryanDownloadsContinuum.S01E03.REPACK.HDTV.XviD-AFG.avi.torrent

    2012-06-26 12:17 - 2012-06-26 12:17 - 00029175 ____A C:UsersShteryanDownloadsContinuum.S01E04.HDTV.XviD-AFG.avi.torrent

    2012-06-26 12:02 - 2012-06-26 12:02 - 00080269 ____A C:UsersShteryanDownloadscontinuum.s01e02(subsunacs.net).rar

    2012-06-26 12:01 - 2012-06-26 12:01 - 00029199 ____A C:UsersShteryanDownloadsContinuum.S01E02.REPACK.HDTV.XviD-AFG.avi.torrent

    2012-06-26 12:01 - 2012-06-26 12:01 - 00027013 ____A C:UsersShteryanDownloadsc_1x01_e_tlepandora(subsunacs.net).rar

    2012-06-26 12:01 - 2012-06-26 12:01 - 00014943 ____A C:UsersShteryanDownloadsContinuum.S01E01.HDTV.XviD-D3L.torrent

    2012-06-26 09:35 - 2012-06-26 09:35 - 00084780 ____A C:UsersShteryanDesktopsystav2.cdr

    2012-06-25 13:57 - 2012-06-25 13:57 - 00008000 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra___109___Out_of_the_Past__C_P_.(subs.sab.bz).7z

    2012-06-25 13:57 - 2012-06-25 13:57 - 00007323 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E10.Turning.The.Tides.720p.HDTV.h264-OOO.srt.zip

    2012-06-25 12:52 - 2012-06-25 12:52 - 00017156 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra___01x08._subs.sab.bz_.(subs.sab.bz).rar

    2012-06-25 12:52 - 2012-06-25 12:52 - 00016837 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra___107___The_Aftermath.(subs.sab.bz).rar

    2012-06-25 12:45 - 2012-06-25 12:45 - 00011210 ____A C:UsersShteryanDownloadsthe.legend.of.korra.s01e05.the.spirit.of.competition.720p.hdtv.h264-ooo(subsunacs.net).rar

    2012-06-25 12:45 - 2012-06-25 12:45 - 00009535 ____A C:UsersShteryanDownloadsthe_legend_of_korra_-_01x06(subsunacs.net).rar

    2012-06-25 12:27 - 2012-06-25 12:27 - 00009953 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra_S01E04.(subs.sab.bz).rar

    2012-06-25 12:16 - 2012-06-25 12:16 - 00010207 ____A C:UsersShteryanDownloadsthe.last.airbender.the.legend.of.korra.2012.bgsubs.1cd.4527548(subsunacs.net).rar

    2012-06-25 11:31 - 2012-06-25 11:31 - 00012624 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E11.Skeletons.in.the.Closet[720p][secludedly].torrent

    2012-06-25 11:31 - 2012-06-25 11:31 - 00012556 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E12.Endgame[720p][secludedly].torrent

    2012-06-25 11:30 - 2012-06-25 11:30 - 00017769 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E10.Turning.The.Tides.720p.HDTV.h264-OOO.torrent

    2012-06-25 11:28 - 2012-06-25 11:28 - 00014362 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E09.Out.of.the.Past.torrent

    2012-06-25 11:19 - 2012-06-25 11:19 - 00017272 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E08.When.Extremes.Meet.720p.HDTV.h264-OOO.torrent

    2012-06-25 11:19 - 2012-06-25 11:19 - 00013896 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E07.The.Aftermath.torrent

    2012-06-25 11:00 - 2012-06-25 11:00 - 00019634 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E06.720p.HDTV.x264-HWE.torrent

    2012-06-25 10:44 - 2012-06-25 10:44 - 00017353 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E05.The.Spirit.Of.Competition.720p.HDTV.h264-OOO.torrent

    2012-06-25 10:26 - 2012-06-25 10:26 - 00014988 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E04.720p.WEB-DL.AAC2.0.H264-SLOMO.torrent

    2012-06-25 10:25 - 2012-06-25 10:25 - 00018360 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E03.The.Revelation.720p.HDTV.h264.torrent

    2012-06-25 09:34 - 2012-06-25 09:34 - 00018338 ____A C:UsersShteryanDownloads[sugoiFanSubs] Avatar The Legend of Korra - 01+02 [1280x720 x264 AAC].mkv.torrent

    2012-06-24 17:54 - 2012-06-24 17:54 - 00013209 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 36 [1280x720 x264 AAC][bG].torrent

    2012-06-23 02:48 - 2012-06-23 02:48 - 00028908 ____A C:UsersShteryanDownloadsChronicle.2012.DC.480p.BRRip.XviD.AC3-AsA.torrent

    2012-06-23 02:48 - 2012-06-23 02:48 - 00026511 ____A C:UsersShteryanDownloadschronicle.2012.dc.720p.bluray.x264-refined(subsunacs.net).rar

    2012-06-23 02:38 - 2012-06-23 02:38 - 00057055 ____A C:UsersShteryanDownloadseureka.s05e09(subsunacs.net).rar

    2012-06-23 02:38 - 2012-06-23 02:38 - 00055633 ____A C:UsersShteryanDownloadsEureka.S05E09.PROPER.720p.HDTV.x264-IMMERSE.mkv.torrent

    2012-06-22 14:45 - 2012-06-22 14:45 - 00014396 ____A C:UsersShteryanDownloadsPrometheus (2012) TS.torrent

    2012-06-22 14:42 - 2012-06-22 14:42 - 00036243 ____A C:UsersShteryanDownloadsthe_avengers.2012.r6.webscr.xvid.ac3-bravo(subsunacs.net).rar

    2012-06-22 14:35 - 2012-06-22 14:35 - 00014121 ____A C:UsersShteryanDownloadsThe.Avengers.2012.CROPPED.R6.WEBscr.Xvid.AC3-TODE.torrent

    2012-06-21 15:21 - 2012-06-21 15:21 - 00009722 ____A C:UsersShteryanDownloadsavengers-tlr1_h480p.mov.torrent

    2012-06-21 13:03 - 2012-06-21 13:03 - 00033435 ____A C:UsersShteryanDownloadstarget.catfa.xvid(subsunacs.net).rar

    2012-06-21 12:58 - 2012-06-21 12:58 - 00024651 ____A C:UsersShteryanDownloadscity.of.ember.2008.720p.bluray.x264-sinners(subsunacs.net).rar

    2012-06-21 12:57 - 2012-06-21 12:57 - 00028620 ____A C:UsersShteryanDownloadsCaptain.America.The.First.Avenger.DVDRip.XviD-TARGET.torrent

    2012-06-21 12:49 - 2012-06-21 12:49 - 00030251 ____A C:UsersShteryanDownloadsCity.of.Ember.2008.480p.BRRip.XviD.AC3-AsA.torrent

    2012-06-20 17:50 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:WindowsSystem32wuauclt.exe

    2012-06-20 17:50 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:WindowsSystem32wups2.dll

    2012-06-20 17:49 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:WindowsSystem32wuaueng.dll

    2012-06-20 17:49 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:WindowsSystem32wuapi.dll

    2012-06-20 17:49 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:WindowsSystem32wups.dll

    2012-06-20 17:49 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:WindowsSystem32wucltux.dll

    2012-06-20 17:49 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:WindowsSystem32wudriver.dll

    2012-06-20 17:49 - 2012-06-02 04:19 - 00171904 ____A (Microsoft Corporation) C:WindowsSystem32wuwebv.dll

    2012-06-20 17:49 - 2012-06-02 04:12 - 00033792 ____A (Microsoft Corporation) C:WindowsSystem32wuapp.exe

    ============ 3 Months Modified Files ========================

    2012-07-18 08:58 - 2010-09-30 06:32 - 01875562 ____A C:WindowsWindowsUpdate.log

    2012-07-18 08:35 - 2012-04-11 11:57 - 00000830 ____A C:WindowsTasksAdobe Flash Player Updater.job

    2012-07-18 08:28 - 2012-07-14 05:23 - 00000986 ____A C:WindowsTasksGoogleUpdateTaskMachineUA.job

    2012-07-18 08:26 - 2012-07-14 01:21 - 00001020 ____A C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-406150165-4229933280-2932400274-1001UA.job

    2012-07-18 05:28 - 2011-07-10 10:17 - 00000986 ____A C:WindowsTasksGoogleUpdateTaskMachineCore.job

    2012-07-18 01:26 - 2010-12-16 06:01 - 00000968 ____A C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-406150165-4229933280-2932400274-1001Core.job

    2012-07-17 16:55 - 2012-07-17 16:55 - 00015006 ____A C:UsersShteryanDownloads%5BIceFanSubs%5D Chrome Shelled Regios - 01 %5Bon%5D.torrent

    2012-07-16 09:46 - 2012-07-15 03:47 - 00000112 ____A C:Windowssetupact.log

    2012-07-16 09:46 - 2009-07-13 20:53 - 00000006 ___AH C:WindowsTasksSA.DAT

    2012-07-16 09:34 - 2009-07-13 20:34 - 00020112 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    2012-07-16 09:34 - 2009-07-13 20:34 - 00020112 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    2012-07-16 09:26 - 2010-04-15 04:28 - 00837312 ____A C:WindowsSystem32PerfStringBackup.INI

    2012-07-15 03:47 - 2012-07-15 03:47 - 00000000 ____A C:Windowssetuperr.log

    2012-07-14 19:07 - 2012-07-14 19:07 - 00703533 ____A C:UsersShteryanDownloadshldsupdatetool.exe

    2012-07-14 19:03 - 2012-07-14 19:03 - 00000215 ____A C:UsersShteryanDesktopIron Grip Marauders.url

    2012-07-14 12:18 - 2012-07-14 12:18 - 00002209 ____A C:UsersShteryanDesktopaswMBR.txt

    2012-07-14 12:18 - 2012-07-14 12:18 - 00000512 ____A C:UsersShteryanDesktopMBR.dat

    2012-07-14 08:38 - 2012-07-14 08:38 - 02135640 ____A (Kaspersky Lab ZAO) C:UsersShteryanDesktoptdsskiller.exe

    2012-07-14 08:27 - 2012-05-28 21:25 - 00026184 ____A C:WindowsPFRO.log

    2012-07-14 03:11 - 2012-07-14 03:11 - 04731392 ____A (AVAST Software) C:UsersShteryanDesktopaswMBR.exe

    2012-07-13 15:39 - 2012-07-13 15:39 - 00016867 ____A C:UsersShteryanDownloadsLibO_3.5.5_Win_x86_install_multi.msi.torrent

    2012-07-13 15:34 - 2012-07-13 15:34 - 00012421 ____A C:UsersShteryanDownloads[ATF] New Fist of the North Star OVA [c] [480p].torrent

    2012-07-13 14:10 - 2012-07-13 14:10 - 00019143 ____A C:UsersShteryanDownloads[EROBEAT] Masaru Ashita no Yukinojou 2 [c][unc].torrent

    2012-07-13 12:45 - 2012-07-13 12:44 - 03329297 ____A C:Qoobox.zip

    2012-07-13 12:38 - 2012-07-13 12:38 - 00023956 ____A C:ComboFix.txt

    2012-07-13 12:30 - 2009-07-13 18:04 - 00000215 ____A C:Windowssystem.ini

    2012-07-13 11:09 - 2012-07-13 11:09 - 04577833 ____R (Swearware) C:UsersShteryanDesktopComboFix.exe

    2012-07-13 10:14 - 2011-08-11 12:25 - 00000691 ____A C:dude.conf

    2012-07-13 09:36 - 2012-07-13 09:36 - 00023946 ____A C:UsersShteryanDesktopdds.txt

    2012-07-13 09:36 - 2012-07-13 09:36 - 00009431 ____A C:UsersShteryanDesktopattach.txt

    2012-07-13 09:33 - 2012-07-13 09:33 - 00492146 ____R (Swearware) C:UsersShteryanDesktopdds.exe

    2012-07-13 09:20 - 2012-07-13 09:20 - 00000393 ____A C:UsersShteryanDownloadsLangBar.zip

    2012-07-11 10:35 - 2012-04-11 11:56 - 00426184 ____A (Adobe Systems Incorporated) C:WindowsSystem32FlashPlayerApp.exe

    2012-07-11 10:35 - 2011-07-18 10:33 - 00070344 ____A (Adobe Systems Incorporated) C:WindowsSystem32FlashPlayerCPLApp.cpl

    2012-07-11 07:39 - 2009-07-13 20:33 - 00540640 ____A C:WindowsSystem32FNTCACHE.DAT

    2012-07-10 15:47 - 2010-10-24 11:06 - 57442464 ____A (Microsoft Corporation) C:WindowsSystem32MRT.exe

    2012-07-10 15:43 - 2012-07-10 15:43 - 00015528 ____A C:UsersShteryanDownloads[TokiSubs] Gunslinger Girl Il Teatrino [bD 1280x720 x264 AC-3 5.1ch][c].torrent

    2012-07-10 15:10 - 2012-07-10 15:10 - 00016494 ____A C:UsersShteryanDownloads[MushiSubs] La storia della Arcana Famiglia - 02 [720p, 10b, 1280x720][bG].torrent

    2012-07-08 16:48 - 2012-07-08 16:48 - 00020178 ____A C:UsersShteryanDownloads[RyuKo] Haiyore! Nyaruko-san - 1-3 [720p] [on].torrent

    2012-07-08 16:03 - 2012-07-08 16:03 - 00013229 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 38 [1280x720 x264 AAC][bG].torrent

    2012-07-06 17:40 - 2012-07-06 17:40 - 00011433 ____A C:UsersShteryanDownloads[shinigami Subs] Detroit Metal City - 02v2 [720p] [bG].torrent

    2012-07-06 13:59 - 2012-07-06 13:59 - 00976040 ____A (AMD Inc.) C:UsersShteryanDownloadscatalyst_mobility_32-bit_util (1).exe

    2012-07-06 13:57 - 2012-07-06 13:57 - 01174104 ____A (AMD Inc.) C:UsersShteryanDownloadscatalyst_mobility_64-bit_util (1).exe

    2012-07-05 11:12 - 2012-07-05 11:11 - 15126342 ____A C:UsersShteryanDownloadsPotPlayer1.5.33573.EXE

    2012-07-05 11:12 - 2012-07-05 11:10 - 28926728 ____A C:UsersShteryanDownloadsKMPlayer_EN_3.3.0.30.exe

    2012-07-05 09:40 - 2012-07-05 09:40 - 00018251 ____A C:UsersShteryanDownloads[TerrorFanSubs] Kore wa Zombie Desuka - Of the Dead (MX 1280x720 x264 AAC) [c].torrent

    2012-07-04 16:26 - 2012-07-04 16:26 - 00016372 ____A C:UsersShteryanDownloads[shinigami Subs] Detroit Metal City - 01 [720p] [bG].torrent

    2012-07-02 14:28 - 2012-07-02 14:28 - 00011494 ____A C:UsersShteryanDownloads[MushiSubs] La storia della Arcana Famiglia - 01 [720p, 10b, 1280x720][bG].torrent

    2012-07-02 13:20 - 2012-07-02 13:20 - 00035849 ____A C:UsersShteryanDownloadsfalling.skies.s02e04.hdtv.x264-2hd(subsunacs.net).rar

    2012-07-02 13:16 - 2012-07-02 13:16 - 00014516 ____A C:UsersShteryanDownloadsFalling.Skies.S02E04.HDTV.XviD-D3L.torrent

    2012-07-02 09:55 - 2012-07-02 09:55 - 00013229 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 37 [1280x720 x264 AAC][bG].torrent

    2012-07-01 18:30 - 2012-07-01 18:30 - 00008448 ____A C:UsersShteryanDownloadsThe Listener - S03E04.DVBRip-Zamunda.NET.torrent

    2012-07-01 18:29 - 2012-07-01 18:29 - 00053663 ____A C:UsersShteryanDownloadslockout(subsunacs.net).rar

    2012-07-01 18:29 - 2012-07-01 18:29 - 00008448 ____A C:UsersShteryanDownloadsThe Listener - S03E03.DVBRip-Zamunda.NET.torrent

    2012-07-01 18:29 - 2012-07-01 18:28 - 00014419 ____A C:UsersShteryanDownloadsLockout.UNRATED.BDRip.XviD-COCAIN.torrent

    2012-07-01 14:29 - 2012-07-01 14:29 - 00008944 ____A C:WindowsDPINST.LOG

    2012-07-01 14:23 - 2012-07-01 14:23 - 00000000 ____A C:WindowsSetup.INI

    2012-07-01 14:23 - 2010-04-15 05:09 - 00000083 ____A C:WindowsLManager.UNI

    2012-07-01 12:27 - 2012-07-01 12:27 - 00002370 ____A C:UsersShteryanDownloadsRemoveWAT v2.2.6.torrent

    2012-07-01 12:10 - 2012-07-01 12:10 - 01673027 ____A C:UsersShteryanDownloadsWindows Loader v2.1.5.zip

    2012-07-01 11:51 - 2012-07-01 11:51 - 00174064 ____A (Oracle Corporation) C:WindowsSystem32javaw.exe

    2012-07-01 11:51 - 2012-07-01 11:51 - 00174064 ____A (Oracle Corporation) C:WindowsSystem32java.exe

    2012-07-01 08:39 - 2012-06-01 08:39 - 00000211 ____A C:UsersAll Usersacer.zip

    2012-07-01 03:21 - 2012-07-01 03:11 - 00009548 ____A C:UsersShteryanDownloadsautoexec.cfg

    2012-06-30 16:33 - 2012-06-30 16:33 - 00009896 ____A C:UsersShteryanDownloadstu_1x05_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00025496 ____A C:UsersShteryanDownloadstu_1x04_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00024388 ____A C:UsersShteryanDownloadstu_1x02_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00020156 ____A C:UsersShteryanDownloadstu_1x03_e_tle(subsunacs.net).rar

    2012-06-30 16:32 - 2012-06-30 16:32 - 00019612 ____A C:UsersShteryanDownloadstu_1x01_e_tle(subsunacs.net).rar

    2012-06-30 16:28 - 2012-06-30 16:28 - 00054842 ____A C:UsersShteryanDownloadsTron.Uprising.S01E05.Identity.720p.WEB-DL.DD5.1.H264-NTb.mkv.torrent

    2012-06-30 16:28 - 2012-06-30 16:28 - 00020883 ____A C:UsersShteryanDownloadstron.uprising.s01e04.blackout.720p.hdtv.x264-2hd.torrent

    2012-06-30 16:27 - 2012-06-30 16:27 - 00020936 ____A C:UsersShteryanDownloadstron.uprising.s01e02.the.renegade.part.1.720p.hdtv.x264-2hd.torrent

    2012-06-30 16:27 - 2012-06-30 16:27 - 00011077 ____A C:UsersShteryanDownloadstron.uprising.s01e03.the.renegade.part.2.720p.hdtv.x264-2hd.torrent

    2012-06-30 16:27 - 2012-06-30 16:27 - 00010926 ____A C:UsersShteryanDownloadsTron.Uprising.S01E01.Becks.Beginning.720p.WEB.DL.DD5.1.H264.torrent

    2012-06-30 16:00 - 2012-05-27 00:50 - 00000810 ____A C:UsersAll UsersSYSTEM_CLEANER_HISTORY.xml

    2012-06-30 15:57 - 2012-06-30 15:57 - 00013182 ____A C:UsersShteryanDownloadsNight Shift Nurses 2 [c][unc].torrent

    2012-06-30 13:07 - 2012-06-30 13:07 - 00039317 ____A C:UsersShteryanDownloadsfalling.skies.s02e01(subsunacs.net).rar

    2012-06-30 13:06 - 2012-06-30 13:06 - 00044270 ____A C:UsersShteryanDownloadsfalling.skies.s02e03(subsunacs.net).rar

    2012-06-30 13:04 - 2012-06-30 13:04 - 00041243 ____A C:UsersShteryanDownloadsfalling_skies_s02e02(subsunacs.net).rar

    2012-06-30 13:04 - 2012-06-30 13:04 - 00029198 ____A C:UsersShteryanDownloadsFalling.Skies.S02E02.HDTV.XviD-AFG.avi.torrent

    2012-06-30 13:04 - 2012-06-30 13:04 - 00014496 ____A C:UsersShteryanDownloadsFalling.Skies.S02E03.HDTV.XviD-D3L.torrent

    2012-06-30 12:57 - 2012-06-30 12:57 - 00027817 ____A C:UsersShteryanDownloadsFalling.Skies.S02E01.HDTV.XviD-AFG.avi.torrent

    2012-06-30 10:46 - 2011-08-03 13:30 - 00045270 ____A C:UsersShteryanAppDataRoamingroom_v3.dat

    2012-06-30 07:44 - 2012-06-30 07:44 - 00000713 ____A C:UsersPublicDesktopDarkBlood Online.lnk

    2012-06-30 07:37 - 2012-06-30 07:37 - 00235221 ____A C:UsersShteryanDownloadsCustomKeys (1).txt

    2012-06-30 07:31 - 2012-06-30 07:00 - 1866118597 ____A (Acresso Software Inc.) C:UsersShteryanDownloadsDarkBloodSetup_120626.exe

    2012-06-30 07:27 - 2012-06-30 07:26 - 49663816 ____A C:UsersShteryanDownloadsGarenaPlus_Install (1).exe

    2012-06-30 07:27 - 2012-05-20 21:12 - 00000993 ____A C:UsersPublicDesktopGarena Plus.lnk

    2012-06-27 12:23 - 2012-06-27 12:23 - 00111846 ____A C:UsersShteryanDownloadsFallingSkies_S01_HDTV.(subs.sab.bz).rar

    2012-06-27 12:21 - 2012-06-27 12:21 - 00019839 ____A C:UsersShteryanDownloadsFalling.Skies.S01.HDTV.XviD-Zamunda.torrent

    2012-06-27 12:17 - 2012-06-27 12:17 - 00047682 ____A C:UsersShteryanDownloadseureka.s05e10(subsunacs.net).rar

    2012-06-27 12:16 - 2012-06-27 12:16 - 00103546 ____A C:UsersShteryanDownloadseureka.s05e08(subsunacs.net).rar

    2012-06-27 12:16 - 2012-06-27 12:16 - 00027175 ____A C:UsersShteryanDownloadsEureka.S05E10.HDTV.x264-ASAP.mp4.torrent

    2012-06-27 12:16 - 2012-06-27 12:16 - 00014494 ____A C:UsersShteryanDownloadsEureka.S05E08.HDTV.XviD-D3L.torrent

    2012-06-27 10:15 - 2012-06-27 10:15 - 00013962 ____A C:UsersShteryanDownloads[TokiSubs] Hidan no Aria 13 [bDrip 1280x720 x264 AAC][c].torrent

    2012-06-26 15:59 - 2012-06-26 15:59 - 00015498 ____A C:UsersShteryanDownloadsKaydara 2011 BRRIP.XVID-WBZ.torrent

    2012-06-26 13:44 - 2012-06-26 13:44 - 00043854 ____A C:UsersShteryanDownloadscontinuum.s01e05(subsunacs.net).rar

    2012-06-26 13:43 - 2012-06-26 13:43 - 00015062 ____A C:UsersShteryanDownloadsContinuum.S01E05.RERip.HDTV.XviD-D3L.torrent

    2012-06-26 13:04 - 2012-06-26 13:04 - 00048807 ____A C:UsersShteryanDownloadscontinuum.s01e04(subsunacs.net).rar

    2012-06-26 12:17 - 2012-06-26 12:17 - 00086033 ____A C:UsersShteryanDownloadscontinuum.s01e03(subsunacs.net).rar

    2012-06-26 12:17 - 2012-06-26 12:17 - 00029227 ____A C:UsersShteryanDownloadsContinuum.S01E03.REPACK.HDTV.XviD-AFG.avi.torrent

    2012-06-26 12:17 - 2012-06-26 12:17 - 00029175 ____A C:UsersShteryanDownloadsContinuum.S01E04.HDTV.XviD-AFG.avi.torrent

    2012-06-26 12:02 - 2012-06-26 12:02 - 00080269 ____A C:UsersShteryanDownloadscontinuum.s01e02(subsunacs.net).rar

    2012-06-26 12:01 - 2012-06-26 12:01 - 00029199 ____A C:UsersShteryanDownloadsContinuum.S01E02.REPACK.HDTV.XviD-AFG.avi.torrent

    2012-06-26 12:01 - 2012-06-26 12:01 - 00027013 ____A C:UsersShteryanDownloadsc_1x01_e_tlepandora(subsunacs.net).rar

    2012-06-26 12:01 - 2012-06-26 12:01 - 00014943 ____A C:UsersShteryanDownloadsContinuum.S01E01.HDTV.XviD-D3L.torrent

    2012-06-26 09:35 - 2012-06-26 09:35 - 00084780 ____A C:UsersShteryanDesktopsystav2.cdr

    2012-06-25 13:57 - 2012-06-25 13:57 - 00008000 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra___109___Out_of_the_Past__C_P_.(subs.sab.bz).7z

    2012-06-25 13:57 - 2012-06-25 13:57 - 00007323 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E10.Turning.The.Tides.720p.HDTV.h264-OOO.srt.zip

    2012-06-25 12:52 - 2012-06-25 12:52 - 00017156 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra___01x08._subs.sab.bz_.(subs.sab.bz).rar

    2012-06-25 12:52 - 2012-06-25 12:52 - 00016837 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra___107___The_Aftermath.(subs.sab.bz).rar

    2012-06-25 12:45 - 2012-06-25 12:45 - 00011210 ____A C:UsersShteryanDownloadsthe.legend.of.korra.s01e05.the.spirit.of.competition.720p.hdtv.h264-ooo(subsunacs.net).rar

    2012-06-25 12:45 - 2012-06-25 12:45 - 00009535 ____A C:UsersShteryanDownloadsthe_legend_of_korra_-_01x06(subsunacs.net).rar

    2012-06-25 12:27 - 2012-06-25 12:27 - 00009953 ____A C:UsersShteryanDownloadsThe_Legend_of_Korra_S01E04.(subs.sab.bz).rar

    2012-06-25 12:16 - 2012-06-25 12:16 - 00010207 ____A C:UsersShteryanDownloadsthe.last.airbender.the.legend.of.korra.2012.bgsubs.1cd.4527548(subsunacs.net).rar

    2012-06-25 11:31 - 2012-06-25 11:31 - 00012624 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E11.Skeletons.in.the.Closet[720p][secludedly].torrent

    2012-06-25 11:31 - 2012-06-25 11:31 - 00012556 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E12.Endgame[720p][secludedly].torrent

    2012-06-25 11:30 - 2012-06-25 11:30 - 00017769 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E10.Turning.The.Tides.720p.HDTV.h264-OOO.torrent

    2012-06-25 11:28 - 2012-06-25 11:28 - 00014362 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E09.Out.of.the.Past.torrent

    2012-06-25 11:19 - 2012-06-25 11:19 - 00017272 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E08.When.Extremes.Meet.720p.HDTV.h264-OOO.torrent

    2012-06-25 11:19 - 2012-06-25 11:19 - 00013896 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E07.The.Aftermath.torrent

    2012-06-25 11:00 - 2012-06-25 11:00 - 00019634 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E06.720p.HDTV.x264-HWE.torrent

    2012-06-25 10:44 - 2012-06-25 10:44 - 00017353 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E05.The.Spirit.Of.Competition.720p.HDTV.h264-OOO.torrent

    2012-06-25 10:26 - 2012-06-25 10:26 - 00014988 ____A C:UsersShteryanDownloadsThe.Legend.of.Korra.S01E04.720p.WEB-DL.AAC2.0.H264-SLOMO.torrent

    2012-06-25 10:25 - 2012-06-25 10:25 - 00018360 ____A C:UsersShteryanDownloadsThe.Legend.Of.Korra.S01E03.The.Revelation.720p.HDTV.h264.torrent

    2012-06-25 09:34 - 2012-06-25 09:34 - 00018338 ____A C:UsersShteryanDownloads[sugoiFanSubs] Avatar The Legend of Korra - 01+02 [1280x720 x264 AAC].mkv.torrent

    2012-06-24 17:54 - 2012-06-24 17:54 - 00013209 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 36 [1280x720 x264 AAC][bG].torrent

    2012-06-23 02:48 - 2012-06-23 02:48 - 00028908 ____A C:UsersShteryanDownloadsChronicle.2012.DC.480p.BRRip.XviD.AC3-AsA.torrent

    2012-06-23 02:48 - 2012-06-23 02:48 - 00026511 ____A C:UsersShteryanDownloadschronicle.2012.dc.720p.bluray.x264-refined(subsunacs.net).rar

    2012-06-23 02:38 - 2012-06-23 02:38 - 00057055 ____A C:UsersShteryanDownloadseureka.s05e09(subsunacs.net).rar

    2012-06-23 02:38 - 2012-06-23 02:38 - 00055633 ____A C:UsersShteryanDownloadsEureka.S05E09.PROPER.720p.HDTV.x264-IMMERSE.mkv.torrent

    2012-06-22 14:45 - 2012-06-22 14:45 - 00014396 ____A C:UsersShteryanDownloadsPrometheus (2012) TS.torrent

    2012-06-22 14:42 - 2012-06-22 14:42 - 00036243 ____A C:UsersShteryanDownloadsthe_avengers.2012.r6.webscr.xvid.ac3-bravo(subsunacs.net).rar

    2012-06-22 14:35 - 2012-06-22 14:35 - 00014121 ____A C:UsersShteryanDownloadsThe.Avengers.2012.CROPPED.R6.WEBscr.Xvid.AC3-TODE.torrent

    2012-06-21 15:21 - 2012-06-21 15:21 - 00009722 ____A C:UsersShteryanDownloadsavengers-tlr1_h480p.mov.torrent

    2012-06-21 13:03 - 2012-06-21 13:03 - 00033435 ____A C:UsersShteryanDownloadstarget.catfa.xvid(subsunacs.net).rar

    2012-06-21 12:58 - 2012-06-21 12:58 - 00024651 ____A C:UsersShteryanDownloadscity.of.ember.2008.720p.bluray.x264-sinners(subsunacs.net).rar

    2012-06-21 12:57 - 2012-06-21 12:57 - 00028620 ____A C:UsersShteryanDownloadsCaptain.America.The.First.Avenger.DVDRip.XviD-TARGET.torrent

    2012-06-21 12:49 - 2012-06-21 12:49 - 00030251 ____A C:UsersShteryanDownloadsCity.of.Ember.2008.480p.BRRip.XviD.AC3-AsA.torrent

    2012-06-17 13:57 - 2012-06-17 13:57 - 00016054 ____A C:UsersShteryanDownloads[sFS-.torrent

    2012-06-17 13:28 - 2012-06-17 13:27 - 00013209 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 35 [1280x720 x264 AAC][bG].torrent

    2012-06-12 09:02 - 2012-06-12 09:01 - 00025410 ____A C:UsersShteryanDownloads[GFotaku] Mouryou no Hako 1-14 [720p][c].torrent

    2012-06-11 18:40 - 2012-07-10 15:47 - 02345984 ____A (Microsoft Corporation) C:WindowsSystem32win32k.sys

    2012-06-11 02:50 - 2012-06-11 02:50 - 00159232 ____A C:WindowsSystem32clinfo.exe

    2012-06-11 02:50 - 2012-06-11 02:50 - 00065024 ____A (Advanced Micro Devices Inc.) C:WindowsSystem32OpenVideo.dll

    2012-06-11 02:50 - 2012-06-11 02:50 - 00056320 ____A (Advanced Micro Devices Inc.) C:WindowsSystem32OVDecode.dll

    2012-06-11 02:49 - 2012-06-11 02:49 - 13008896 ____A (Advanced Micro Devices Inc.) C:WindowsSystem32amdocl.dll

    2012-06-10 16:48 - 2012-06-10 16:48 - 00054793 ____A C:UsersShteryanDownloadseureka.s05e06(subsunacs.net).rar

    2012-06-10 16:48 - 2012-06-10 16:48 - 00054570 ____A C:UsersShteryanDownloadseureka.s05e07(subsunacs.net).rar

    2012-06-10 16:48 - 2012-06-10 16:48 - 00028542 ____A C:UsersShteryanDownloadsEureka.S05E07.HDTV.XviD-AFG.avi.torrent

    2012-06-10 16:47 - 2012-06-10 16:47 - 00027867 ____A C:UsersShteryanDownloadsEureka.S05E06.HDTV.XviD-AFG.avi.torrent

    2012-06-10 14:48 - 2012-06-10 14:48 - 00008068 ____A C:UsersShteryanDownloadsThe Listener - S03E01.DVBRip-Zamunda.NET.torrent

    2012-06-10 14:48 - 2012-06-10 14:48 - 00008048 ____A C:UsersShteryanDownloadsThe Listener - S03E02.DVBRip-Zamunda.NET.torrent

    2012-06-10 12:52 - 2012-06-10 12:52 - 00012399 ____A C:UsersShteryanDownloads[sFS] Zetman – 08 [848x480 x264 AAC][bG].torrent

    2012-06-10 10:20 - 2012-06-10 10:20 - 00336197 ____A C:UsersShteryanDownloadssingle_player_items_Kingpintz_Item_Pack_FINAL.zip

    2012-06-09 04:58 - 2012-06-09 04:58 - 00024582 ____A C:UsersShteryanDownloadsd2mr.rar

    2012-06-09 01:09 - 2012-06-09 01:09 - 00000165 ____A C:UsersShteryanDownloadsprepatch.log

    2012-06-09 01:09 - 2012-06-09 01:08 - 05454719 ____A (Blizzard Entertainment) C:UsersShteryanDownloadsLODPatch_113d.exe

    2012-06-08 20:41 - 2012-07-10 11:27 - 12873728 ____A (Microsoft Corporation) C:WindowsSystem32shell32.dll

    2012-06-08 16:29 - 2012-06-08 16:29 - 01821192 ____A (Microsoft Corporation) C:UsersShteryanDownloadsvcredist_x86.exe

    2012-06-08 16:27 - 2012-06-08 16:27 - 00040634 ____A C:UsersShteryanDownloadsphoenix_v2.zip

    2012-06-08 15:42 - 2012-06-08 15:42 - 00535038 ____A C:UsersShteryanDownloadsD2MultiRes-v102.zip

    2012-06-08 15:39 - 2012-06-08 08:11 - 00000695 ____A C:UsersShteryanDesktopDiablo II.lnk

    2012-06-08 15:25 - 2012-06-08 15:25 - 00535038 ____A C:UsersShteryanDownloadsGALAGOGAME_Diablo2Resolutions.zip

    2012-06-08 15:12 - 2012-06-08 15:11 - 14368768 ____A C:UsersShteryanDownloadsTortoiseSVN-1.7.7.22907-win32-svn-1.7.5.msi

    2012-06-08 15:03 - 2012-06-08 15:03 - 00058571 ____A C:UsersShteryanDownloads284uniques.zip

    2012-06-08 15:02 - 2012-06-08 15:02 - 00061433 ____A C:UsersShteryanDownloadsUD2X110_Lib.zip

    2012-06-08 15:01 - 2012-06-08 15:01 - 00277185 ____A C:UsersShteryanDownloads1.10_Item_Vault_Version_1.2.zip

    2012-06-08 14:58 - 2012-06-08 14:49 - 168387701 ____A C:UsersShteryanDownloadsMedian_XL_2012_v005.zip

    2012-06-08 14:54 - 2012-06-08 14:54 - 00249856 ____N (Microsoft Corporation) C:WindowsSetup1.exe

    2012-06-08 14:54 - 2012-06-08 14:54 - 00073216 ____A (Microsoft Corporation) C:WindowsST6UNST.EXE

    2012-06-08 14:53 - 2012-06-08 14:53 - 05772989 ____A C:UsersShteryanDownloadsHero Editor V104.zip

    2012-06-08 14:34 - 2012-06-08 14:34 - 00025076 ____A C:UsersShteryanDownloadsD2MapReveal-JingfluRepack.rar

    2012-06-08 09:17 - 2012-06-08 09:17 - 00128411 ____A C:UsersShteryanDownloadsAutoTele 1.2a.zip

    2012-06-08 09:14 - 2012-06-08 09:14 - 00036501 ____A C:UsersShteryanDownloadsd2me-11x.zip

    2012-06-08 07:55 - 2012-06-08 07:55 - 00078600 ____A C:UsersShteryanDownloadsDiablo II.exe.torrent

    2012-06-05 21:05 - 2012-07-10 11:27 - 01390080 ____A (Microsoft Corporation) C:WindowsSystem32msxml6.dll

    2012-06-05 21:05 - 2012-07-10 11:27 - 01236992 ____A (Microsoft Corporation) C:WindowsSystem32msxml3.dll

    2012-06-05 21:03 - 2012-07-10 11:27 - 00805376 ____A (Microsoft Corporation) C:WindowsSystem32cdosys.dll

    2012-06-04 20:58 - 2012-06-04 20:58 - 00012068 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 34 [848x480 x264 AAC][bG].torrent

    2012-06-04 11:16 - 2012-06-04 11:16 - 00020948 ____A C:UsersShteryanDownloads[sugoiFanSubs] Tokyo Underground [640x480 H264][c].torrent

    2012-06-03 13:13 - 2012-06-03 13:13 - 00032675 ____A C:UsersShteryanDownloads[izanagi-Subs] Sengoku Otome Momoiro Paradox - 01 [720p].torrent

    2012-06-03 12:37 - 2012-06-03 12:37 - 00251148 ____A C:UsersShteryanDownloadsCustomKeys.txt

    2012-06-03 09:00 - 2012-06-03 09:00 - 00011224 ____A C:UsersShteryanDownloads[HorribleSubs] Hunter X Hunter - 34 [1080p].mkv.torrent

    2012-06-02 14:19 - 2012-06-20 17:50 - 00053784 ____A (Microsoft Corporation) C:WindowsSystem32wuauclt.exe

    2012-06-02 14:19 - 2012-06-20 17:50 - 00045080 ____A (Microsoft Corporation) C:WindowsSystem32wups2.dll

    2012-06-02 14:19 - 2012-06-20 17:49 - 01933848 ____A (Microsoft Corporation) C:WindowsSystem32wuaueng.dll

    2012-06-02 14:19 - 2012-06-20 17:49 - 00577048 ____A (Microsoft Corporation) C:WindowsSystem32wuapi.dll

    2012-06-02 14:19 - 2012-06-20 17:49 - 00035864 ____A (Microsoft Corporation) C:WindowsSystem32wups.dll

    2012-06-02 14:12 - 2012-06-20 17:49 - 02422272 ____A (Microsoft Corporation) C:WindowsSystem32wucltux.dll

    2012-06-02 14:12 - 2012-06-20 17:49 - 00088576 ____A (Microsoft Corporation) C:WindowsSystem32wudriver.dll

    2012-06-02 04:19 - 2012-06-20 17:49 - 00171904 ____A (Microsoft Corporation) C:WindowsSystem32wuwebv.dll

    2012-06-02 04:12 - 2012-06-20 17:49 - 00033792 ____A (Microsoft Corporation) C:WindowsSystem32wuapp.exe

    2012-06-02 01:07 - 2012-07-10 15:53 - 12314624 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.dll

    2012-06-02 00:43 - 2012-07-10 15:53 - 09737728 ____A (Microsoft Corporation) C:WindowsSystem32ieframe.dll

    2012-06-02 00:33 - 2012-07-10 15:54 - 01800192 ____A (Microsoft Corporation) C:WindowsSystem32jscript9.dll

    2012-06-02 00:26 - 2012-07-10 15:53 - 01103872 ____A (Microsoft Corporation) C:WindowsSystem32urlmon.dll

    2012-06-02 00:25 - 2012-07-10 15:54 - 01129472 ____A (Microsoft Corporation) C:WindowsSystem32wininet.dll

    2012-06-02 00:25 - 2012-07-10 15:53 - 01427968 ____A (Microsoft Corporation) C:WindowsSystem32inetcpl.cpl

    2012-06-02 00:23 - 2012-07-10 15:54 - 00231936 ____A (Microsoft Corporation) C:WindowsSystem32url.dll

    2012-06-02 00:21 - 2012-07-10 15:54 - 00065024 ____A (Microsoft Corporation) C:WindowsSystem32jsproxy.dll

    2012-06-02 00:20 - 2012-07-10 15:54 - 00142848 ____A (Microsoft Corporation) C:WindowsSystem32ieUnatt.exe

    2012-06-02 00:19 - 2012-07-10 15:54 - 01793024 ____A (Microsoft Corporation) C:WindowsSystem32iertutil.dll

    2012-06-02 00:19 - 2012-07-10 15:54 - 00716800 ____A (Microsoft Corporation) C:WindowsSystem32jscript.dll

    2012-06-02 00:17 - 2012-07-10 15:54 - 00073216 ____A (Microsoft Corporation) C:WindowsSystem32mshtmled.dll

    2012-06-02 00:16 - 2012-07-10 15:54 - 02382848 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.tlb

    2012-06-02 00:14 - 2012-07-10 15:54 - 00176640 ____A (Microsoft Corporation) C:WindowsSystem32ieui.dll

    2012-06-01 20:45 - 2012-07-10 15:44 - 00134000 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys

    2012-06-01 20:45 - 2012-07-10 15:44 - 00067440 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecdd.sys

    2012-06-01 20:40 - 2012-07-10 15:44 - 00369336 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys

    2012-06-01 20:40 - 2012-07-10 15:44 - 00225280 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll

    2012-06-01 20:39 - 2012-07-10 15:44 - 00219136 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll

    2012-06-01 15:06 - 2012-06-01 15:06 - 00029108 ____A C:UsersShteryanDownloadsLost.Girl.s01e01.(subs.sab.bz).rar

    2012-05-31 18:42 - 2012-05-31 18:42 - 00093468 ____A C:UsersShteryanDownloadsLost.Girl.S01.HDTV.XviD-2HD.torrent

    2012-05-31 17:36 - 2012-05-31 17:36 - 00023595 ____A C:UsersShteryanDownloadsDirk_Gently_01x03.(subs.sab.bz).rar

    2012-05-31 17:35 - 2012-05-31 17:35 - 00018847 ____A C:UsersShteryanDownloadsdirk.gently.S01E03.real.720p.hdtv.x264-fov.mkv.torrent

    2012-05-31 17:34 - 2012-05-31 17:34 - 00020321 ____A C:UsersShteryanDownloadsdirk_gently.1x03.720p_hdtv_x264-fov.mkv.torrent

    2012-05-31 08:16 - 2012-05-31 08:16 - 00019268 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 33 [848x480 x264 AAC][bG].torrent

    2012-05-30 11:47 - 2012-05-30 11:47 - 00017888 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 32 [848x480 x264 AAC][bG].torrent

    2012-05-30 04:02 - 2012-05-30 04:02 - 00352267 ____A C:UsersShteryanDesktopPresentation1.pptx

    2012-05-29 13:28 - 2012-05-29 13:28 - 00063257 ____A C:UsersShteryanDownloadsis_2012(subsunacs.net).rar

    2012-05-29 13:19 - 2012-05-29 13:19 - 00021913 ____A C:UsersShteryanDownloadsdirk.gently.s01e01.720p.hdtv.x264-bia(subsunacs.net).rar

    2012-05-29 13:19 - 2012-05-29 13:19 - 00020584 ____A C:UsersShteryanDownloadsDirk_Gently_01x01_2012_(www.subs.to).rar

    2012-05-29 13:17 - 2012-05-29 13:17 - 00145808 ____A C:UsersShteryanDownloadsDirk_Gently___Season_1._subs.sab.bz_.(subs.sab.bz).rar

    2012-05-29 13:16 - 2012-05-29 13:16 - 00013905 ____A C:UsersShteryanDownloadsdirk.gently.s01e01.720p.hdtv.x264-bia.mkv.torrent

    2012-05-29 13:10 - 2012-05-29 13:10 - 00028762 ____A C:UsersShteryanDownloadsIron.Sky.2012.DVDRip.XviD.AC3-AsA.torrent

    2012-05-28 13:27 - 2012-05-28 13:27 - 00029097 ____A C:UsersShteryanDownloadsjohn.carter.2012.dvdrip.xvid-deprived_2(subsunacs.net).rar

    2012-05-28 13:13 - 2012-05-28 13:13 - 00005112 ____A C:UsersShteryanDownloadsWindows Loader v2.1.3.torrent

    2012-05-28 13:10 - 2012-05-28 13:10 - 00009738 ____A C:UsersShteryanDownloadsGenuine Registry Doctor v2.5.4.8 + CracK.torrent

    2012-05-28 13:07 - 2012-05-28 13:07 - 00028994 ____A C:UsersShteryanDownloadsJohn.Carter.2012.DVDRip.XviD-DEPRiVED.torrent

    2012-05-28 12:22 - 2012-05-28 12:22 - 00057139 ____A C:UsersShteryanDownloadsGoT_02x09_EDITED._subs.sab.bz_._subs.sab.bz_.(subs.sab.bz).rar

    2012-05-28 12:21 - 2012-05-28 12:21 - 00003170 ____A C:UsersShteryanDownloadsGame.of.Thrones.S02E09.HDTV.XviD-MGD.avi.torrent

    2012-05-28 08:37 - 2012-05-28 08:37 - 08163862 ____A C:UsersShteryanDownloadsApplication_Acer_1.02.3502_W7x86W7x64_A.zip

    2012-05-28 08:19 - 2012-05-28 08:19 - 01173832 ____A (AMD Inc.) C:UsersShteryanDownloadscatalyst_mobility_64-bit_util.exe

    2012-05-28 08:19 - 2012-05-28 08:19 - 00975792 ____A (AMD Inc.) C:UsersShteryanDownloadscatalyst_mobility_32-bit_util.exe

    2012-05-27 00:55 - 2012-05-27 00:55 - 00001479 ____A C:UsersAll UsersSERVICES_HISTORY.xml

    2012-05-27 00:51 - 2012-05-27 00:51 - 00183510 ____A C:WindowsSystem32RW_AppData.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00068336 ____A C:WindowsSystem32RW_FileType.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00002000 ____A C:WindowsSystem32EvGr_Data{58EF8D50-4886-11DF-B74F-806E6F6E6963}.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00000612 ____A C:WindowsSystem32RW_FileFlag.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00000056 ____A C:WindowsSystem32RW_{58EF8D51-4886-11DF-B74F-806E6F6E6963}.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00000056 ____A C:WindowsSystem32RW_{58EF8D50-4886-11DF-B74F-806E6F6E6963}.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00000056 ____A C:WindowsSystem32RW_{58EF8D4F-4886-11DF-B74F-806E6F6E6963}.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00000012 ____A C:WindowsSystem32EvGr_Data{58EF8D51-4886-11DF-B74F-806E6F6E6963}.dat

    2012-05-27 00:51 - 2012-05-27 00:51 - 00000012 ____A C:WindowsSystem32EvGr_Data{58EF8D4F-4886-11DF-B74F-806E6F6E6963}.dat

    2012-05-27 00:35 - 2012-05-27 00:35 - 00001478 ____A C:UsersShteryanDownloadsRegInOut_System_Utilities_V3_0_0_2_Precracked_blaze69__x-Demonoid.me-x_6976131.8002.torrent

    2012-05-27 00:34 - 2012-05-27 00:34 - 00229320 ____A C:UsersShteryanDownloadsRegInOut_System_Utilities_V3.0.0.exe

    2012-05-27 00:19 - 2012-05-27 00:19 - 01791112 ____A C:UsersShteryanDownloadsreginout_setup.exe

    2012-05-27 00:18 - 2012-05-27 00:18 - 00463080 ____A (CNET Download.com) C:UsersShteryanDownloadscnet2_reginout_setup_exe.exe

    2012-05-26 07:15 - 2012-05-26 07:11 - 74761776 ____A C:UsersShteryanDownloadsavast_free_antivirus_setup (1).exe

    2012-05-25 12:23 - 2012-05-25 12:23 - 00014879 ____A C:UsersShteryanDownloads[sFS] Zetman – 07 [848x480 x264 AAC][bG].torrent

    2012-05-24 07:08 - 2012-05-24 07:08 - 07254647 ____A C:UsersShteryanDownloadsmonopoly.zip

    2012-05-24 02:54 - 2012-05-24 02:54 - 00038198 ____A C:UsersShteryanDesktopsystav.cdr

    2012-05-22 13:32 - 2012-05-22 12:57 - 00000213 ____A C:UsersShteryanDesktopDota 2.url

    2012-05-22 12:46 - 2012-05-22 12:46 - 00000839 ____A C:UsersPublicDesktopSteam.lnk

    2012-05-22 12:42 - 2012-05-22 12:42 - 01606656 ____A C:UsersShteryanDownloadsSteamInstall.msi

    2012-05-21 10:51 - 2012-05-21 10:51 - 07738572 ____A C:UsersShteryanDownloadswebplugins-0.7.61-win32.exe

    2012-05-20 21:11 - 2012-05-20 21:11 - 41918912 ____A C:UsersShteryanDownloadsGarenaPlus_Install.exe

    2012-05-20 11:07 - 2012-05-20 11:07 - 10463427 ____A C:UsersShteryanDownloadspicpick_inst (1).exe

    2012-05-19 11:09 - 2012-05-19 11:09 - 00090802 ____A C:UsersShteryanDownloads[Ryuko]Monster 01-74.torrent

    2012-05-18 17:52 - 2012-05-18 17:52 - 00036627 ____A C:UsersShteryanDownloadsUtawarerumono 720?480 x264 AAC.torrent

    2012-05-17 13:36 - 2012-05-17 13:36 - 00019086 ____A C:UsersShteryanDownloads[GotSpeed]_Mirai_Nikki_©.torrent

    2012-05-17 12:34 - 2012-05-17 12:34 - 00020595 ____A C:UsersShteryanDownloads[GotSpeed]_Mirai_Nikki_-_26_[8D394816].torrent

    2012-05-17 12:34 - 2012-05-17 12:34 - 00017820 ____A C:UsersShteryanDownloads[GotSpeed] Mirai Nikki - 24 [720p].torrent

    2012-05-17 12:34 - 2012-05-17 12:34 - 00012375 ____A C:UsersShteryanDownloads[GotSpeed]_Mirai_Nikki_-_25_[838C99D0].torrent

    2012-05-17 12:25 - 2012-05-17 12:25 - 00017235 ____A C:UsersShteryanDownloads[GotSpeed]_Mirai_Nikki_-_23_[8BEF4292].torrent

    2012-05-17 08:11 - 2012-05-17 08:11 - 00014516 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 22 [on].torrent

    2012-05-16 11:53 - 2012-05-16 11:53 - 00019903 ____A C:UsersShteryanDownloads[sugoiFanSubs] Fairy Tail - 127 - 129 (TX 1280x720 x264 AAC).torrent

    2012-05-16 08:32 - 2012-05-16 08:32 - 00053098 ____A C:UsersShteryanDownloadseureka.s05e05(subsunacs.net).rar

    2012-05-15 09:21 - 2012-05-15 09:21 - 00011656 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 21 [on].torrent

    2012-05-15 07:59 - 2012-05-15 07:59 - 00080940 ____A C:UsersShteryanDownloadsgame.of.thrones.s02e07(subsunacs.net).rar

    2012-05-14 13:43 - 2012-05-14 13:43 - 00011936 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 20 [on].torrent

    2012-05-13 22:12 - 2012-07-06 14:07 - 00086656 ____A (Advanced Micro Devices) C:WindowsSystem32DriversAtihdW73.sys

    2012-05-13 14:08 - 2012-05-13 14:08 - 00060930 ____A C:UsersShteryanDownloadscastle_-_04x23(subsunacs.net).rar

    2012-05-13 14:00 - 2012-05-13 14:00 - 00048818 ____A C:UsersShteryanDownloadseureka.s05e04(subsunacs.net).rar

    2012-05-13 13:59 - 2012-05-13 13:59 - 00028524 ____A C:UsersShteryanDownloadsEureka.S05E04.HDTV.XviD-AFG.avi.torrent

    2012-05-13 02:07 - 2012-05-13 02:07 - 00013229 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 31 [1280x720 x264 AAC][bG].torrent

    2012-05-13 00:51 - 2012-05-13 00:51 - 00944264 ____A (Skype Technologies S.A.) C:UsersShteryanDownloadsSkypeSetup (2).exe

    2012-05-12 15:44 - 2012-05-12 15:44 - 00016446 ____A C:UsersShteryanDownloads[samuraiFanSubs] Fairy Tail 127 (TX 1280x720 x264 AAC) [7E6553CA][on].torrent

    2012-05-12 04:19 - 2012-05-12 04:19 - 00013376 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 19 [on].torrent

    2012-05-12 04:09 - 2009-07-13 18:04 - 00002577 ____A C:WindowsSystem32config.nt

    2012-05-12 03:10 - 2012-05-12 03:05 - 74469760 ____A C:UsersShteryanDownloadsavast_free_antivirus_setup.exe

    2012-05-11 09:18 - 2012-05-11 09:18 - 00018322 ____A C:UsersShteryanDownloads[MushiSubs] Ozma [480p] [c].torrent

    2012-05-10 08:33 - 2012-05-10 08:33 - 00017641 ____A C:UsersShteryanDownloads[MushiSubs] Saint Seiya Omega - 01-06 [480p].torrent

    2012-05-09 21:34 - 2012-05-09 21:34 - 00019700 ____A C:UsersShteryanDownloads[sFS] Zetman - 06 [1280x720 x264 AAC][bG].torrent

    2012-05-09 07:43 - 2012-05-09 07:43 - 00969582 ____A C:UsersShteryanDownloadsGmail.zip

    2012-05-08 13:33 - 2012-05-08 13:33 - 00015267 ____A C:UsersShteryanDownloadsCuties Galore - Vania.torrent

    2012-05-08 13:31 - 2012-05-08 13:31 - 00010986 ____A C:UsersShteryanDownloadsButtmans.Stretch.Class.10.XXX.DVDRip.XviD-VBT.torrent

    2012-05-08 13:29 - 2012-05-08 13:29 - 00028796 ____A C:UsersShteryanDownloadsLysXtreme.torrent

    2012-05-08 13:24 - 2012-05-08 13:24 - 00021492 ____A C:UsersShteryanDownloadsProlapseQueen.com full siterip.torrent

    2012-05-08 13:23 - 2012-05-08 13:23 - 00015256 ____A C:UsersShteryanDownloadsbubdzia.torrent

    2012-05-08 13:12 - 2012-05-08 13:12 - 00014422 ____A C:UsersShteryanDownloadsTitten Praxis (1).torrent

    2012-05-08 13:10 - 2012-05-08 13:10 - 00019629 ____A C:UsersShteryanDownloadsFirstAnalDate - Inna (First Anal Date with Gorgeous Teen Model).torrent

    2012-05-08 09:41 - 2012-05-08 09:41 - 11766024 ____A (EASEUS ) C:UsersShteryanDownloadsepm.exe

    2012-05-08 08:31 - 2012-05-08 08:31 - 00013216 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 18 [on].torrent

    2012-05-07 13:03 - 2012-05-07 13:01 - 36588936 ____A (Enfold Systems, Inc. ) C:UsersShteryanDownloadssetup-plone41-4.1.4-5293-win32.exe

    2012-05-07 11:12 - 2012-05-07 11:12 - 00013916 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 17 [on].torrent

    2012-05-06 13:28 - 2012-05-06 13:28 - 00000819 ____A C:UsersShteryanDesktopMonument Builders - Titanic.lnk

    2012-05-06 11:46 - 2012-05-06 11:46 - 00013229 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 30 [1280x720 x264 AAC][bG].torrent

    2012-05-06 05:30 - 2012-05-06 05:30 - 00036092 ____A C:UsersShteryanDownloadsCounter-Strike_1.6_Professional_Edition_Portable.torrent

    2012-05-05 16:52 - 2012-05-05 16:52 - 00011916 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 16 [on] (1).torrent

    2012-05-05 10:26 - 2012-05-05 10:26 - 00011916 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 16 [on].torrent

    2012-05-05 00:02 - 2012-05-05 00:02 - 00019734 ____A C:UsersShteryanDownloads[sugoiFanSubs] Fairy Tail - 124 - 126 (TX 1280x720 x264 AAC) (1).torrent

    2012-05-04 08:29 - 2012-07-01 11:51 - 00227720 ____A (Oracle Corporation) C:WindowsSystem32javaws.exe

    2012-05-04 08:29 - 2012-02-28 10:01 - 00772504 ____A (Oracle Corporation) C:WindowsSystem32npdeployJava1.dll

    2012-05-04 08:29 - 2010-04-15 23:02 - 00687504 ____A (Oracle Corporation) C:WindowsSystem32deployJava1.dll

    2012-05-04 01:59 - 2012-07-10 15:44 - 00514560 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll

    2012-05-03 14:25 - 2012-05-03 14:25 - 00051862 ____A C:UsersShteryanDownloadseureka.s05e02(subsunacs.net).rar

    2012-05-03 14:25 - 2012-05-03 14:25 - 00046457 ____A C:UsersShteryanDownloadseureka.s05e03(subsunacs.net).rar

    2012-05-03 14:25 - 2012-05-03 14:25 - 00018874 ____A C:UsersShteryanDownloadsEureka.S05E03.HDTV.x264-ASAP.mp4.torrent

    2012-05-03 14:24 - 2012-05-03 14:24 - 00007381 ____A C:UsersShteryanDownloadseureka.s05e02.hdtv.xvid-fqm.avi.torrent

    2012-05-03 14:23 - 2012-05-03 14:23 - 00080803 ____A C:UsersShteryanDownloadscastle_-_04x21(subsunacs.net).zip

    2012-05-03 14:23 - 2012-05-03 14:23 - 00077261 ____A C:UsersShteryanDownloadscastle_-_04x22(subsunacs.net).rar

    2012-05-03 14:23 - 2012-05-03 14:23 - 00020459 ____A C:UsersShteryanDownloadsCastle.2009.S04E22.HDTV.x264-LOL.mp4.torrent

    2012-05-03 14:22 - 2012-05-03 14:22 - 00014366 ____A C:UsersShteryanDownloadscastle.2009.s04e21.hdtv.xvid-2hd.avi.torrent

    2012-05-03 12:23 - 2012-05-03 12:23 - 00092033 ____A C:UsersShteryanDownloadsGoT_02x05_EDITED._subs.sab.bz_.(subs.sab.bz).rar

    2012-05-03 12:22 - 2012-05-03 12:22 - 00011414 ____A C:UsersShteryanDownloadsgame.of.thrones.s02e05.the.ghost.of.harrenhal.hdtv.xvid-2hd.avi.torrent

    2012-05-03 09:34 - 2012-05-03 09:34 - 00014302 ____A C:UsersShteryanDownloads[sugoiFanSubs] Itsuka Tenma no Kuro Usagi [720p] [c].torrent

    2012-05-03 09:25 - 2012-05-03 09:25 - 00011700 ____A C:UsersShteryanDownloads[sFS] Zetman - 05 [1280x720 x264 AAC][bG].torrent

    2012-05-02 13:49 - 2012-05-02 13:49 - 00020917 ____A C:UsersShteryanDownloadsHot And Means - Summer Brielle, Kirsten Price , Brett Rossi.torrent

    2012-05-02 13:48 - 2012-05-02 13:48 - 00014423 ____A C:UsersShteryanDownloadsExtreme Girls.torrent

    2012-05-02 13:47 - 2012-05-02 13:47 - 00014422 ____A C:UsersShteryanDownloadsTitten Praxis.torrent

    2012-05-02 13:45 - 2012-05-02 13:45 - 00010714 ____A C:UsersShteryanDownloadsDiffusion Chargo Le Retour De Charly and Paquita.mpg.torrent

    2012-05-01 14:19 - 2012-05-01 14:19 - 00013189 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 29 [1280x720 x264 AAC][bG].torrent

    2012-05-01 14:15 - 2012-05-01 14:15 - 00012108 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 29 [848x480 x264 AAC][bG].torrent

    2012-05-01 14:11 - 2012-05-01 14:11 - 00012916 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 15 [on].torrent

    2012-05-01 04:32 - 2012-05-01 04:32 - 06420694 ____A C:UsersShteryanDownloadspicpick_inst.exe

    2012-05-01 01:51 - 2012-05-01 01:51 - 00001903 ____A C:UsersPublicDesktopHDD Regenerator.lnk

    2012-05-01 01:45 - 2012-05-01 01:45 - 00004029 ____A C:UsersShteryanDownloadsHDD Regenerator 2011.torrent

    2012-04-30 20:44 - 2012-06-30 15:43 - 00164352 ____A (Microsoft Corporation) C:WindowsSystem32profsvc.dll

    2012-04-29 09:45 - 2012-04-29 09:45 - 00011516 ____A C:UsersShteryanDownloads[iceFanSubs] Mirai Nikki - 14 [on].torrent

    2012-04-29 08:12 - 2012-04-29 08:12 - 00258949 ____A C:UsersShteryanDownloadsbootsect.zip

    2012-04-29 08:12 - 2012-04-29 08:12 - 00100917 ____A C:UsersShteryanDownloadsPeToUSB_3.0.0.7.zip

    2012-04-29 08:11 - 2012-04-29 08:11 - 00148502 ____A C:UsersShteryanDownloadsusb_prep8.zip

    2012-04-29 05:57 - 2012-04-29 05:57 - 00020275 ____A C:UsersShteryanDownloadsHirens' BootCD 15.1.torrent

    2012-04-29 05:52 - 2012-04-29 05:52 - 00183544 ____A C:UsersShteryanDownloadsgrub4dos.zip

    2012-04-29 05:49 - 2012-04-29 05:49 - 00035228 ____A C:UsersShteryanDownloadsUSBFormat.zip

    2012-04-29 02:13 - 2012-04-29 02:13 - 07689254 ____A (AIMP DevTeam) C:UsersShteryanDownloadsaimp_3.10.1034_beta_2.exe

    2012-04-29 02:05 - 2012-04-29 02:05 - 00013028 ____A C:UsersShteryanDownloadsCrispersound_TOP_100 (1).m3u

    2012-04-28 13:41 - 2012-04-28 13:41 - 00018156 ____A C:UsersShteryanDownloads[TerrorFanSubs] Sankarea 01-03 [1280x720 H264 AAC][on].torrent

    2012-04-27 20:41 - 2012-06-12 12:31 - 00919040 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll

    2012-04-27 19:17 - 2012-06-12 12:31 - 00183808 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpwd.sys

    2012-04-25 20:45 - 2012-06-12 12:31 - 00129536 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorekmts.dll

    2012-04-25 20:45 - 2012-06-12 12:31 - 00058880 ____A (Microsoft Corporation) C:WindowsSystem32rdpwsx.dll

    2012-04-25 20:41 - 2012-06-12 12:31 - 00008192 ____A (Microsoft Corporation) C:WindowsSystem32rdrmemptylst.exe

    2012-04-24 12:24 - 2012-04-24 12:24 - 00014292 ____A C:UsersShteryanDownloadspsych.s06e15.hdtv.xvid-fqm.avi.torrent

    2012-04-24 12:22 - 2012-04-24 12:22 - 00014293 ____A C:UsersShteryanDownloadsPsych.S06E16.HDTV.X264-P0W4.avi.torrent

    2012-04-24 10:24 - 2012-04-24 10:24 - 00019131 ____A C:UsersShteryanDownloads[]www.Demonoid.me[]-Monument_Builders_-_Titanic_-_Full_PreCracked_-_Foxy_Games_7347421.5.torrent

    2012-04-24 10:06 - 2012-04-24 10:06 - 00011116 ____A C:UsersShteryanDownloadsMonument_Builder_-_Eiffel_Tower_-_Full_PreCracked_-_Foxy_Games-[[www.Demonoid.me]]_7347421.5.torrent

    2012-04-23 20:36 - 2012-06-30 15:42 - 01158656 ____A (Microsoft Corporation) C:WindowsSystem32crypt32.dll

    2012-04-23 20:36 - 2012-06-30 15:42 - 00140288 ____A (Microsoft Corporation) C:WindowsSystem32cryptsvc.dll

    2012-04-23 20:36 - 2012-06-30 15:42 - 00103936 ____A (Microsoft Corporation) C:WindowsSystem32cryptnet.dll

    2012-04-23 17:32 - 2011-04-28 05:35 - 00283016 ___AH C:WindowsSystem32mlfcache.dat

    2012-04-23 13:40 - 2012-04-23 13:40 - 00065923 ____A C:UsersShteryanDownloads[iceFanSubs] Eureka 7 [480p][bG][c].torrent

    2012-04-23 13:16 - 2012-04-23 13:16 - 00065806 ____A C:UsersShteryanDownloads[iceFanSubs] Eureka 7 [480p x264][bG][c].torrent

    2012-04-23 13:16 - 2012-04-23 13:16 - 00014225 ____A C:UsersShteryanDownloads[Hadena] Eureka Seven AO - 02 [720p][bBC5EE87].torrent

    2012-04-23 12:38 - 2012-04-23 12:38 - 00067986 ____A C:UsersShteryanDownloadsgame.of.thrones.s02e04(subsunacs.net).rar

    2012-04-23 12:37 - 2012-04-23 12:37 - 00011283 ____A C:UsersShteryanDownloadsgame.of.thrones.s02e04.hdtv.xvid-fqm.avi.torrent

    2012-04-23 09:48 - 2012-04-23 09:48 - 00001187 ____A C:UsersShteryanDownloadsmIRC 7.22 Final.torrent

    2012-04-23 09:02 - 2012-04-23 09:02 - 00493512 ____A (Facebook Inc.) C:UsersShteryanDownloadsFacebookMessengerSetup.exe

    2012-04-22 07:15 - 2012-04-22 07:15 - 00002863 ____A C:UsersPublicDesktopWindows7 Tweaker 3.8.lnk

    2012-04-22 07:13 - 2012-04-22 07:13 - 04269756 ____A C:UsersShteryanDownloadsWindows7Tweaker3.8_Setup.zip

    2012-04-22 07:11 - 2012-04-22 07:11 - 00014021 ____A C:UsersShteryanDownloadsTime_Management_Game_Pack_-_Letters_M__N__O_and_P-[]www.Demonoid.me[]_7347421.5.torrent

    2012-04-22 06:56 - 2012-04-22 06:56 - 00173540 ____A C:UsersShteryanDownloadsCasual_Games_Collection__Letters_L-N_+-www.Demonoid.me-+_7347421.5.torrent

    2012-04-22 06:41 - 2012-04-22 06:41 - 00025047 ____A C:UsersShteryanDownloads[www.Demonoid.me]-BigFishGames_-_Time_Management_Game_-_My_Kingdom_for_the_Princess__Big_Fish_Games__7347421.5.torrent

    2012-04-22 06:41 - 2012-04-22 06:41 - 00016692 ____A C:UsersShteryanDownloadsMy_Kingdom_For_The_Princess_3_-_Full_PreCracked_-_Foxy_Games-_www.Demonoid.me_-_7347421.5.torrent

    2012-04-22 06:41 - 2012-04-22 06:41 - 00016241 ____A C:UsersShteryanDownloadsMy_Kingdom_for_the_Princess_II-((www.Demonoid.me))_7347421.5.torrent

    2012-04-22 06:34 - 2012-04-22 06:34 - 00012108 ____A C:UsersShteryanDownloads[sFS] Hunter x Hunter – 28 [848x480 x264 AAC][bG].torrent

    2012-04-21 12:36 - 2012-04-21 12:36 - 00012858 ____A C:UsersShteryanDownloads(www.Demonoid.me)-Hidden_World_-_Full_PreCracked_-_Foxy_Games_7347421.5.torrent

    2012-04-20 12:04 - 2012-04-20 12:04 - 00046334 ____A C:UsersShteryanDownloadseureka.s05e01(subsunacs.net).rar

    2012-04-20 12:00 - 2012-04-20 12:00 - 00014293 ____A C:UsersShteryanDownloadseureka.s05e01.hdtv.xvid-fqm.avi.torrent

    2012-04-20 11:58 - 2012-04-20 11:58 - 00016545 ____A C:UsersShteryanDownloadsAll.My.Gods.eng.rus.torrent

    2012-04-20 11:54 - 2012-04-20 11:54 - 00053679 ____A C:UsersShteryanDownloadsEureka.S05E01.Lost.720p.WEB-DL.DD5.1.H.264-ECI.mkv.torrent

    ========================= Known DLLs (Whitelisted) ============

    ========================= Bamital & volsnap Check ============

    C:Windowsexplorer.exe => MD5 is legit

    C:WindowsSystem32winlogon.exe => MD5 is legit

    C:WindowsSystem32wininit.exe => MD5 is legit

    C:WindowsSystem32svchost.exe => MD5 is legit

    C:WindowsSystem32services.exe => MD5 is legit

    C:WindowsSystem32User32.dll => MD5 is legit

    C:WindowsSystem32userinit.exe => MD5 is legit

    C:WindowsSystem32Driversvolsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM....exe: exefile => OK

    HKLM...exefileDefaultIcon: %1 => OK

    HKLM...exefileopencommand: "%1" %* => OK

    ========================= Memory info ======================

    Percentage of memory in use: 12%

    Total physical RAM: 4060.87 MB

    Available physical RAM: 3540.26 MB

    Total Pagefile: 4059.14 MB

    Available Pagefile: 3555.93 MB

    Total Virtual: 2047.88 MB

    Available Virtual: 1962.3 MB

    ======================= Partitions =========================

    1 Drive c: (ACER) (Fixed) (Total:143.04 GB) (Free:17.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

    2 Drive d: (DATA) (Fixed) (Total:139.5 GB) (Free:17.14 GB) NTFS

    3 Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:1.18 GB) NTFS

    6 Drive h: (ADATA UFD) (Removable) (Total:3.76 GB) (Free:3.47 GB) FAT32

    7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    Disk ### Status Size Free Dyn Gpt

    -------- ------------- ------- ------- --- ---

    Disk 0 Online 298 GB 0 B

    Disk 1 No Media 0 B 0 B

    Disk 2 Online 3854 MB 0 B

    Partitions of Disk 0:

    ===============

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Recovery 12 GB 1024 KB

    Partition 2 Primary 143 GB 12 GB

    Partition 3 Primary 139 GB 155 GB

    Partition 4 OEM 3630 MB 294 GB

    ==================================================================================

    Disk: 0

    Partition 1

    Type : 27

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 3 E PQSERVICE NTFS Partition 12 GB Healthy Hidden

    ==================================================================================

    Disk: 0

    Partition 2

    Type : 07

    Hidden: No

    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 1 C ACER NTFS Partition 143 GB Healthy

    ==================================================================================

    Disk: 0

    Partition 3

    Type : 07

    Hidden: No

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 2 D DATA NTFS Partition 139 GB Healthy

    ==================================================================================

    Disk: 0

    Partition 4

    Type : 12

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 6 NTFS Partition 3630 MB Healthy Hidden

    ==================================================================================

    Partitions of Disk 2:

    ===============

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Primary 3853 MB 31 KB

    ==================================================================================

    Disk: 2

    Partition 1

    Type : 0B

    Hidden: No

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 5 H ADATA UFD FAT32 Removable 3853 MB Healthy

    ==================================================================================

    ==========================================================

    Last Boot: 2010-05-09 14:38

    ======================= End Of Log ==========================


    Download the attached file => and copy it to the root directory of the flash drive (where the frst.exe file is also located).

    Boot again into that program (the one you used to produce the log file), press the Fix button (once!!!) and wait.

    A log file named Fixlog.txt will be created on the flash drive.

    Post it in your next post..!


    Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 16-07-2012 01

    Ran by SYSTEM at 2012-07-20 20:19:58 Run:1

    Running from H:

    ==============================================

    NSJCPVCBTKW service deleted successfully.

    C:UsersShteryanAppDataLocalTempNSJCPVCBTKW.exe not found.

    ==== End of Fixlog ====


    Hello..! First, let me apologize for replying so slowly.. but in the last few days I have been quite busy at work...! :)

    So.. up to this point we have removed most of the infections..! Only one more thing is left.. but since there is a risk of your internet connection breaking, we will handle it more carefully..!

    Download LSPFix and extract it.

    Run the file LSPFix.exe and take a screenshot.

    Post it in your next comment.


    No worries, work and personal life are more important!

    [Posted image]


    Tick the box next to "I know what i'm doing" => then select the file dynujwo.dll (on the left side, and use the arrows to move it to the right)... Choose Finish... Restart the system..!

    [Posted image] Delete your copy of ComboFix (by deleting the icon [posted image] from your desktop)... download a fresh new copy from here and save it to your desktop. Run a new scan following the instructions in post 2..!




    Good...! :)

    Download Malwarebytes' Anti-Malware, or from here

    * Double-click mbam-setup.exe to install the program.

    * Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click Finish.

    * If updates are found, it will download and install them.

    * Start the program and select "Perform Full Scan", then click Scan.

    * The scan will take some time, so please be patient.

    * When the scan finishes, click OK, then Show Results to see the result.

    * Make sure all the rows are checked, and click Remove Selected.

    * When everything has been removed, a log will open in Notepad. Copy this log and post it in your next comment in the thread.

    Note: If MalwareBytes' Anti-Malware has trouble removing the detected viruses/threats, it will ask to restart your computer and remove the problematic viruses/threats during the restart. If you are asked, confirm that you want your computer to be restarted.


    Malwarebytes Anti-Malware (Пробна версия) 1.62.0.1300

    www.malwarebytes.org

    Версия на базата от данни: v2012.07.21.09

    Windows 7 Service Pack 1 x86 NTFS

    Internet Explorer 9.0.8112.16421

    Shteryan :: ACTEPUKC [администратор]

    Защита: включена

    21.7.2012 г. 17:55:05

    mbam-log-2012-07-21 (17-55-05).txt

    Тип сканиране: Пълно сканиране (C:|D:|)

    Включени опции за сканиране: Памет | Автоматично зареждане | Системен регистър | Файлова система | Евристики/Допълнителни | Евристики/Shuriken | PUP | PUM

    Изключени опции за сканиране: P2P

    Сканирани обекти: 429954

    Изминало време: 3 час(а), 53 минута(и), 1 секунда(и)

    Открити процеси в паметта: 0

    (Не бяха открити зловредни обекти)

    Открити модули в паметта: 0

    (Не бяха открити зловредни обекти)

    Открити ключове в системния регистър: 0

    (Не бяха открити зловредни обекти)

    Открити стойности в системния регистър: 0

    (Не бяха открити зловредни обекти)

    Открити информационни обекти в системния регистър: 0

    (Не бяха открити зловредни обекти)

    Открити папки: 0

    (Не бяха открити зловредни обекти)

    Открити файлове: 15

    C:DownloadsПрактичен десктоп (2012)AddgadgetsSystemMonitorIIcoretemp_1236.exe (PUP.BundleOffers.IIQ) -> Не беше предприето действие.

    C:DownloadsmIRC 7.22 Finalmirc.7.1x-patch.exe (PUP.Hacktool.Patcher) -> Поставен под карантина и изтрит успешно.

    C:DownloadsMicrosoft Windows Genuine Advantage (WGA) 1.9.42 + Office Genuine Advantage (OGA) 2.0.48MGA6crack.exe (Backdoor.Agent.H) -> Поставен под карантина и изтрит успешно.

    C:Program FilesmIRCmirc.7.1x-patch.exe (PUP.Hacktool.Patcher) -> Поставен под карантина и изтрит успешно.

    C:QooboxQuarantineCUsersShteryanAppDataLocalTempDIRBetterInstaller.exe.vir (PUP.BundleInstaller.Somoto) -> Поставен под карантина и изтрит успешно.

    C:UsersShteryanAppDataLocalXenocodeSandboxMicroinvest Validator1.12011.06.08T07.26NativeSTUBEXE8.0.1112@WINDIR@Microsoft.NETFrameworkv4.0.30319csc.exe (Trojan.Agent) -> Поставен под карантина и изтрит успешно.

    C:UsersShteryanAppDataLocalXenocodeSandboxMicroinvest Validator1.12011.06.08T07.26NativeSTUBEXE8.0.1112@WINDIR@Microsoft.NETFrameworkv4.0.30319cvtres.exe (Trojan.Agent) -> Поставен под карантина и изтрит успешно.

    C:UsersShteryanAppDataLocalXenocodeSandboxMicroinvest Validator1.12011.06.08T07.26VirtualSTUBEXE8.0.1112@PROGRAMFILES@MicroinvestValidatorMicroinvest Validator.exe (Trojan.Agent) -> Поставен под карантина и изтрит успешно.

    C:UsersShteryanDesktop1usb_format.exe (Packer.ModifiedUPX) -> Поставен под карантина и изтрит успешно.

    D:DownloadsRemoveWAT v2.2.6RemoveWAT.exe (HackTool.Wpakill) -> Поставен под карантина и изтрит успешно.

    D:GamesCS 1.5Half-Life_cdkeygen.exe (RiskWare.Tool.CK) -> Поставен под карантина и изтрит успешно.

    D:GamesGovernor of Poker 2 - Premium EditionUninstall.exe (Malware.Packer.Krunchy) -> Поставен под карантина и изтрит успешно.

    D:GamesInsanely Twisted Shadow PlanetTDU3k.exe (Packer.ModifiedUPX) -> Поставен под карантина и изтрит успешно.

    D:GamesL2Controll2dllr.dll (Malware.Packer.Gen) -> Поставен под карантина и изтрит успешно.

    D:GamesIbizagame_ru.ex_ (Trojan.Agent.Gen) -> Поставен под карантина и изтрит успешно.

    (край)

    What is the current state of your system? Are you noticing any problems?

    It has started heating up a lot :) I don't know whether it's because of this, but there were no such problems until now. I think something has broken :D

    Come on... what does cleaning out viruses have to do with the computer heating up...!

    If only I knew... Thanks for everything. Should I close the topic as solved, or will you do it?

    Uninstall ComboFix as follows:

    1. Click Start ==> Run ==> enter the command Combofix /Uninstall ==> OK

    2. Download OTCleanIt (or from here), run it, and click [posted image]

    Your computer will then restart..! Delete everything we used in the procedure, as well as all generated logs... all the small programs and fixes. I wish you safe internet browsing and a nice day..! :)

        2017-09-13 07:04 - 2017-09-05 07:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
        2017-09-13 07:04 - 2017-09-05 07:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
        2017-09-13 07:04 - 2017-09-05 07:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
        2017-09-13 07:04 - 2017-09-05 07:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
        2017-09-13 07:04 - 2017-09-05 07:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
        2017-09-13 07:04 - 2017-09-05 07:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
        2017-09-13 07:04 - 2017-09-05 07:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
        2017-09-13 07:04 - 2017-09-05 07:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
        2017-09-13 07:04 - 2017-09-05 07:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
        2017-09-13 07:04 - 2017-09-05 07:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
        2017-09-13 07:04 - 2017-09-05 07:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
        2017-09-13 07:04 - 2017-09-05 07:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
        2017-09-13 07:04 - 2017-09-05 07:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
        2017-09-13 07:04 - 2017-09-05 07:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
        2017-09-13 07:04 - 2017-09-05 07:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
        2017-09-13 07:04 - 2017-09-05 07:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
        2017-09-13 07:04 - 2017-09-05 07:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
        2017-09-13 07:04 - 2017-09-05 07:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
        2017-09-13 07:04 - 2017-09-05 07:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
        2017-09-13 07:04 - 2017-09-05 07:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
        2017-09-13 07:04 - 2017-09-05 07:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
        2017-09-13 07:04 - 2017-09-05 07:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
        2017-09-13 07:04 - 2017-09-05 07:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
        2017-09-13 07:04 - 2017-09-05 07:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
        2017-09-13 07:04 - 2017-09-05 07:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
        2017-09-13 07:04 - 2017-09-05 07:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
        2017-09-13 07:03 - 2017-09-05 08:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
        2017-09-13 07:03 - 2017-09-05 08:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
        2017-09-13 07:03 - 2017-09-05 08:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
        2017-09-13 07:03 - 2017-09-05 08:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
        2017-09-13 07:03 - 2017-09-05 08:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
        2017-09-13 07:03 - 2017-09-05 08:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
        2017-09-13 07:03 - 2017-09-05 08:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
        2017-09-13 07:03 - 2017-09-05 08:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
        2017-09-13 07:03 - 2017-09-05 08:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
        2017-09-13 07:03 - 2017-09-05 08:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
        2017-09-13 07:03 - 2017-09-05 08:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
        2017-09-13 07:03 - 2017-09-05 08:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
        2017-09-13 07:03 - 2017-09-05 08:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
        2017-09-13 07:03 - 2017-09-05 08:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
        2017-09-13 07:03 - 2017-09-05 08:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
        2017-09-13 07:03 - 2017-09-05 08:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
        2017-09-13 07:03 - 2017-09-05 08:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
        2017-09-13 07:03 - 2017-09-05 08:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
        2017-09-13 07:03 - 2017-09-05 08:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
        2017-09-13 07:03 - 2017-09-05 08:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
        2017-09-13 07:03 - 2017-09-05 08:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
        2017-09-13 07:03 - 2017-09-05 08:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
        2017-09-13 07:03 - 2017-09-05 08:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
        2017-09-13 07:03 - 2017-09-05 08:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
        2017-09-13 07:03 - 2017-09-05 08:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
        2017-09-13 07:03 - 2017-09-05 08:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
        2017-09-13 07:03 - 2017-09-05 08:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
        2017-09-13 07:03 - 2017-09-05 08:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
        2017-09-13 07:03 - 2017-09-05 08:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
        2017-09-13 07:03 - 2017-09-05 08:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
        2017-09-13 07:03 - 2017-09-05 08:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
        2017-09-13 07:03 - 2017-09-05 08:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
        2017-09-13 07:03 - 2017-09-05 08:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
        2017-09-13 07:03 - 2017-09-05 08:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
        2017-09-13 07:03 - 2017-09-05 08:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
        2017-09-13 07:03 - 2017-09-05 08:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
        2017-09-13 07:03 - 2017-09-05 08:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
        2017-09-13 07:03 - 2017-09-05 08:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
        2017-09-13 07:03 - 2017-09-05 08:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
        2017-09-13 07:03 - 2017-09-05 08:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
        2017-09-13 07:03 - 2017-09-05 07:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
        2017-09-13 07:03 - 2017-09-05 07:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
        2017-09-13 07:03 - 2017-09-05 07:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
        2017-09-13 07:03 - 2017-09-05 07:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
        2017-09-13 07:03 - 2017-09-05 07:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
        2017-09-13 07:03 - 2017-09-05 07:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
        2017-09-13 07:03 - 2017-09-05 07:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
        2017-09-13 07:03 - 2017-09-05 07:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
        2017-09-13 07:03 - 2017-09-05 07:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
        2017-09-13 07:03 - 2017-09-05 07:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
        2017-09-13 07:03 - 2017-09-05 07:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
        2017-09-13 07:03 - 2017-09-05 07:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
        2017-09-13 07:03 - 2017-09-05 07:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
        2017-09-13 07:03 - 2017-09-05 07:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
        2017-09-13 07:03 - 2017-09-05 07:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
        2017-09-13 07:03 - 2017-09-05 07:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
        2017-09-13 07:03 - 2017-09-05 07:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
        2017-09-13 07:03 - 2017-09-05 07:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
        2017-09-13 07:03 - 2017-09-05 07:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
        2017-09-13 07:03 - 2017-09-05 07:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
        2017-09-13 07:03 - 2017-09-05 07:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
        2017-09-13 07:03 - 2017-09-05 07:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
        2017-09-13 07:03 - 2017-09-05 07:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
        2017-09-13 07:03 - 2017-09-05 07:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
        2017-09-13 07:03 - 2017-09-05 07:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
        2017-09-13 07:03 - 2017-09-05 07:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
        2017-09-13 07:03 - 2017-09-05 07:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
        2017-09-13 07:03 - 2017-09-05 07:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
        2017-09-13 07:03 - 2017-09-05 07:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
        2017-09-13 07:03 - 2017-09-05 07:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
        2017-09-13 07:03 - 2017-09-05 07:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
        2017-09-13 07:03 - 2017-09-05 07:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
        2017-09-13 07:03 - 2017-09-05 07:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
        2017-09-13 07:03 - 2017-09-05 07:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
        2017-09-13 07:03 - 2017-09-05 07:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
        2017-09-13 07:03 - 2017-09-05 07:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
        2017-09-13 07:03 - 2017-09-05 07:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
        2017-09-13 07:03 - 2017-09-05 07:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
        2017-09-13 07:03 - 2017-09-05 07:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
        2017-09-13 07:03 - 2017-09-05 07:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
        2017-09-13 07:03 - 2017-09-05 07:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
        2017-09-13 07:03 - 2017-09-05 07:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
        2017-09-13 07:03 - 2017-09-05 07:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
        2017-09-13 07:03 - 2017-09-05 07:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
        2017-09-13 07:03 - 2017-09-05 07:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
        2017-09-13 07:03 - 2017-09-05 07:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
        2017-09-13 07:03 - 2017-09-05 07:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
        2017-09-13 07:03 - 2017-09-05 07:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
        2017-09-13 07:03 - 2017-09-05 07:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
        2017-09-13 07:03 - 2017-09-05 07:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
        2017-09-13 07:03 - 2017-09-05 07:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
        2017-09-13 07:03 - 2017-09-05 07:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
        2017-09-13 07:03 - 2017-09-05 07:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
        2017-09-13 07:03 - 2017-09-05 07:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
        2017-09-13 07:03 - 2017-09-05 07:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
        2017-09-13 07:03 - 2017-09-05 07:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
        2017-09-13 07:03 - 2017-09-05 07:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
        2017-09-13 07:03 - 2017-09-05 07:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
        2017-09-13 07:03 - 2017-09-05 07:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
        2017-09-13 07:03 - 2017-09-05 07:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
        2017-09-13 07:03 - 2017-09-05 07:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
        2017-09-13 07:03 - 2017-09-05 07:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
        2017-09-13 07:03 - 2017-09-05 07:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
        2017-09-13 07:03 - 2017-09-05 07:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
        2017-09-13 07:03 - 2017-09-05 07:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
        2017-09-13 07:03 - 2017-09-05 07:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
        2017-09-13 07:03 - 2017-09-05 07:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
        2017-09-13 07:03 - 2017-09-05 07:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
        2017-09-13 07:03 - 2017-09-05 07:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
        2017-09-13 07:03 - 2017-09-05 07:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
        2017-09-13 07:03 - 2017-09-05 07:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
        2017-09-13 07:03 - 2017-09-05 07:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
        2017-09-13 07:03 - 2017-09-05 07:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
        2017-09-13 07:03 - 2017-09-05 07:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
        2017-09-13 07:03 - 2017-09-05 07:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
        2017-09-13 07:03 - 2017-09-05 07:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
        2017-09-13 07:03 - 2017-09-05 07:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
        2017-09-13 07:03 - 2017-09-05 07:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
        2017-09-13 07:03 - 2017-09-05 07:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
        2017-09-13 07:03 - 2017-09-05 07:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
        2017-09-13 07:03 - 2017-09-05 07:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
        2017-09-13 07:03 - 2017-09-05 07:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
        2017-09-13 07:03 - 2017-09-05 07:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
        2017-09-13 07:03 - 2017-09-05 07:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
        2017-09-13 07:03 - 2017-09-05 07:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
        2017-09-13 07:03 - 2017-09-01 08:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
        2017-08-25 23:36 - 2017-09-13 21:06 - 000000000 ____D C:\Users\Стоянчо\Desktop\red
        ==================== One Month Modified files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-09-24 23:13 - 2017-02-05 23:56 - 000000000 ____D C:\ProgramData\Gramblr
        2017-09-24 22:54 - 2017-06-18 07:23 - 000000000 ____D C:\Users\Стоянчо\Desktop\яяь
        2017-09-24 20:10 - 2017-06-30 01:05 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{33349A0F-B0C0-4DB3-AFE6-0F51132F45D5}
        2017-09-24 19:38 - 2017-06-30 00:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
        2017-09-24 17:36 - 2017-06-30 01:05 - 000004276 _____ C:\WINDOWS\System32\Tasks\Software Updater
        2017-09-24 13:12 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\AppReadiness
        2017-09-24 13:06 - 2015-09-13 15:31 - 000000000 __SHD C:\Users\Стоянчо\IntelGraphicsProfiles
        2017-09-23 19:06 - 2015-09-13 15:01 - 000000000 ____D C:\Users\Стоянчо\AppData\Local\Packages
        2017-09-23 19:04 - 2015-09-25 17:35 - 000000000 ____D C:\Users\Стоянчо\AppData\Roaming\uTorrent
        2017-09-23 18:02 - 2017-07-18 10:48 - 000001085 _____ C:\Users\Стоянчо\Desktop\Нов текстов документ.txt
        2017-09-23 15:14 - 2017-02-05 23:57 - 000000000 ____D C:\Program Files\Gramblr
        2017-09-23 13:05 - 2017-06-30 01:03 - 002547028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
        2017-09-23 13:05 - 2015-12-04 21:09 - 001132696 _____ C:\WINDOWS\system32\perfh002.dat
        2017-09-23 13:05 - 2015-12-04 21:09 - 000334978 _____ C:\WINDOWS\system32\perfc002.dat
        2017-09-23 13:00 - 2017-06-30 01:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
        2017-09-23 13:00 - 2017-03-18 14:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
        2017-09-23 07:37 - 2017-03-19 00:03 - 000000000 ___HD C:\Program Files\WindowsApps
        2017-09-22 07:46 - 2017-06-30 00:48 - 000000000 ____D C:\Users\Стоянчо
        2017-09-22 06:18 - 2017-07-27 20:57 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3274723310-3931731729-1199849900-1001
        2017-09-22 06:17 - 2015-09-13 15:03 - 000002401 _____ C:\Users\Стоянчо\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
        2017-09-22 06:17 - 2015-09-13 15:03 - 000000000 ___RD C:\Users\Стоянчо\OneDrive
        2017-09-19 06:55 - 2015-10-09 22:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
        2017-09-18 21:49 - 2017-03-19 00:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
        2017-09-14 02:24 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\rescache
        2017-09-14 02:16 - 2017-03-19 00:01 - 000000000 ____D C:\WINDOWS\INF
        2017-09-13 18:18 - 2015-09-13 15:01 - 000000000 __RHD C:\Users\Public\AccountPictures
        2017-09-13 18:15 - 2017-06-30 00:42 - 000381448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
        2017-09-13 07:44 - 2017-03-20 06:21 - 000000000 ____D C:\WINDOWS\system32\bg
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ___SD C:\WINDOWS\system32\F12
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\system32\setup
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
        2017-09-13 07:44 - 2017-03-19 00:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
        2017-09-13 07:20 - 2015-09-13 17:14 - 000000000 ____D C:\WINDOWS\system32\MRT
        2017-09-13 07:16 - 2017-03-18 23:51 - 000000000 ____D C:\WINDOWS\CbsTemp
        2017-09-13 07:16 - 2015-09-13 17:14 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
        2017-09-02 18:15 - 2017-03-19 00:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
        2017-09-02 18:15 - 2017-03-19 00:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
        2017-08-29 06:58 - 2016-09-11 19:33 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
        2017-08-26 15:34 - 2017-08-05 17:48 - 000000000 ____D C:\Users\Стоянчо\Desktop\;[;.[plpl
        2017-08-25 07:37 - 2017-07-28 23:11 - 000000000 ____D C:\Users\Стоянчо\Desktop\dfere
        ==================== Files in the root of some directories =======
        2016-01-17 08:06 - 2017-07-17 07:19 - 000009216 _____ () C:\Users\Стоянчо\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
        2016-07-17 20:30 - 2016-07-17 20:30 - 000000036 _____ () C:\Users\Стоянчо\AppData\Local\housecall.guid.cache
        2015-09-13 15:16 - 2015-09-13 15:16 - 000000003 _____ () C:\Users\Стоянчо\AppData\Local\updater.log
        2015-09-13 15:16 - 2017-05-06 19:17 - 000000425 _____ () C:\Users\Стоянчо\AppData\Local\UserProducts.xml
        ==================== Bamital & volsnap ======================
        (There is no automatic fix for files that do not pass verification.)
        C:\WINDOWS\system32\winlogon.exe => File is digitally signed
        C:\WINDOWS\system32\wininit.exe => File is digitally signed
        C:\WINDOWS\explorer.exe => File is digitally signed
        C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
        C:\WINDOWS\system32\svchost.exe => File is digitally signed
        C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
        C:\WINDOWS\system32\services.exe => File is digitally signed
        C:\WINDOWS\system32\User32.dll => File is digitally signed
        C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
        C:\WINDOWS\system32\userinit.exe => File is digitally signed
        C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
        C:\WINDOWS\system32\rpcss.dll => File is digitally signed
        C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
        C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
        C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
        LastRegBack: 2017-09-19 19:38
        ==================== End of FRST.txt ============================
         
        Addition.txt
         
        Thanks in advance.
      • by doktorkartar
        Hello, it has been quite a while since I used your services, and I am extremely satisfied with them. The problem is that I restored an old backup (from years ago) of the system and lost my protection. Overall my system works well and I don't think there is anything particularly worrying in it, but let's check it just in case.
        I'm not sure, but I think it was here that you gave me a file (or rather the contents of a hosts file) in which many sites had been added so that they are blocked when you try to visit them.
        For example: 0.0.0.0 www.google.com
         
        The other thing I'm also not sure about is whether it was you who gave me an Adblock filter for Mozilla. I was very happy with that as well.
        And the last thing that worries me is a problem with Mozilla itself. I don't know whether it is caused by a virus or by the program itself. The problem is that when I click the drop-down menu in the address bar, it doesn't open. Actually it does open, but absolutely nothing is visible. The whole thing is plain white and the sites can't be seen. It is the same with all of Mozilla's drop-down menus: the drop-down menu for the search engines (what we have searched for) as well as the drop-down menu for saved logins.
         
        That is pretty much all of my concerns; the rest will only come to light after the scans.
         
        Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-10-2017 01
        Ran by eclips (administrator) on ECLIPS-PC (19-10-2017 21:33:45)
        Running from C:\Users\eclips\Desktop
        Loaded Profiles: eclips (Available Profiles: eclips & Guest)
        Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
        Internet Explorer Version 10 (Default browser: FF)
        Boot Mode: Normal
        Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
        ==================== Processes (Whitelisted) =================
        (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
        (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
        (AMD) C:\Windows\System32\atiesrxx.exe
        (AMD) C:\Windows\System32\atieclxx.exe
        (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
        (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
        (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
        (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
        () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
        () D:\- MOI NE6TA\DLNA\Serviio\bin\ServiioService.exe
        () D:\- MOI NE6TA\DLNA\Serviio\bin\ServiioService.exe
        (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
        (Transaction Software, D 81829 Munich) H:\TECDOC_CD\1_2014\db\tbmux32.exe
        (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
        (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
        (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
        (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
        (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
        (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
        (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
        (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
        (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
        (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
        (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
        (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
        (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
        (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
        (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
        (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
        ==================== Registry (Whitelisted) ===========================
        (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
        HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
        HKU\S-1-5-21-1144684173-3877916052-1330907298-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
        ==================== Internet (Whitelisted) ====================
        (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
        Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
        Tcpip\..\Interfaces\{1E0F611B-DAE1-48B6-8208-5A38B3F56DB9}: [DhcpNameServer] 62.221.132.211 85.130.60.11
        Tcpip\..\Interfaces\{5A334197-46EE-4622-AD06-D1F2AE57959E}: [DhcpNameServer] 192.168.42.129
        Internet Explorer:
        ==================
        HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
        HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
        HKU\S-1-5-21-1144684173-3877916052-1330907298-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
        HKU\S-1-5-21-1144684173-3877916052-1330907298-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10181_1360_171019__yaie
        HKU\S-1-5-21-1144684173-3877916052-1330907298-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
        SearchScopes: HKLM-x32 -> DefaultScope value is missing
        SearchScopes: HKU\S-1-5-21-1144684173-3877916052-1330907298-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10181_1360_171019__yaie&p={searchTerms}
        BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2017-10-14] (Kaspersky Lab ZAO)
        BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2017-10-14] (Kaspersky Lab ZAO)
        BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-17] (Oracle 
Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2017-10-14] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-17] (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2017-10-14] (Kaspersky Lab ZAO) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated) BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.11.9.dll [2010-11-09] (BitComet) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2017-10-14] (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2017-10-14] (Kaspersky Lab ZAO) BHO-x32: Java(tm) 
Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-17] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2017-10-14] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-17] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2017-10-14] (Kaspersky Lab ZAO) FireFox: ======== FF DefaultProfile: 7lwtatk8.default-1507842258539 FF ProfilePath: C:\Users\eclips\AppData\Roaming\Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539 [2017-10-19] FF NewTab: Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539 -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10181_1360_171019__yaff FF DefaultSearchEngine: Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539 -> Yahoo® FF SelectedSearchEngine: Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539 -> Yahoo® FF Homepage: Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539 -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10181_1360_171019__yaff FF Extension: (Search Shield Study) - C:\Users\eclips\AppData\Roaming\Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539\Extensions\@unified-urlbar-shield-study-opt-out-new-users.xpi [2017-10-13] FF Extension: (AdBlock) - 
C:\Users\eclips\AppData\Roaming\Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-10-14] FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\eclips\AppData\Roaming\Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-13] FF Extension: (Adblock Plus) - C:\Users\eclips\AppData\Roaming\Mozilla\Firefox\Profiles\7lwtatk8.default-1507842258539\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-10-19] FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2017-10-14] [not signed] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2017-10-14] [not signed] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: (Dangerous Websites Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2017-10-14] [not signed] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2017-10-14] [not signed] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program 
Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2017-10-14] [not signed] FF HKU\S-1-5-21-1144684173-3877916052-1330907298-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-18] () FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2013-12-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-17] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-18] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-14] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [No File] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2010-08-24] (BitComet) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2013-04-09] (Nullsoft, Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-06-17] CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-06-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-06-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky 
Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-06-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-06-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-06-17] CHR crx: C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\default_apps\search.crx [2014-03-15] CHR crx: C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\default_apps\search.crx [2014-02-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2017-10-14] (Kaspersky Lab ZAO) S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com) S4 CyberLink PowerDVD 13 Media Server Monitor Service; D:\PROGRAMKI\Power DVD\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-05-03] (CyberLink) S4 CyberLink PowerDVD 13 Media Server Service; D:\PROGRAMKI\Power DVD\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-05-03] (CyberLink) R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1232880 2014-05-04] () R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) 
S4 Samsung Link Service; D:\- MOI NE6TA\Samsung Link\Samsung Link.exe [604512 2014-05-19] (Copyright 2013 SAMSUNG) R2 Serviio; D:\- MOI NE6TA\DLNA\Serviio\bin\ServiioService.exe [413696 2016-10-17] () [File not signed] S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed] R2 Transbase TECDOC CD 1_2014 Service; H:\TECDOC_CD\1_2014\db\tbmux32.exe [360448 2013-02-25] (Transaction Software, D 81829 Munich) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-16] (Microsoft Corporation) S2 Hamachi2Svc; H:\Programki\Hamachi\hamachi-2.exe -s [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2012-11-06] (Advanced Micro Devices) [File not signed] R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-11-20] (DT Soft Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) 
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-19] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2017-10-14] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2017-10-14] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2017-10-14] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2017-10-14] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2017-10-14] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2017-10-14] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2017-10-14] (Kaspersky Lab ZAO) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-19] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-10-19] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-10-19] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-19] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-10-19] (Malwarebytes) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [60416 2013-10-16] (Microsoft Corporation) R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; D:\PROGRAMKI\Power DVD\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-05-03] (CyberLink Corp.) 
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-19 21:33 - 2017-10-19 21:34 - 000021252 _____ C:\Users\eclips\Desktop\FRST.txt 2017-10-19 21:30 - 2017-10-19 21:30 - 002402816 _____ (Farbar) C:\Users\eclips\Desktop\FRST64.exe 2017-10-19 21:25 - 2017-10-19 21:25 - 019012622 _____ C:\Users\eclips\Desktop\unhackme.zip 2017-10-19 20:51 - 2017-10-19 20:51 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2017-10-19 20:51 - 2017-10-19 20:51 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2017-10-19 20:51 - 2017-10-19 20:51 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-10-19 20:50 - 2017-10-19 20:50 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-10-19 20:07 - 2017-10-19 20:51 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-10-19 20:07 - 2017-10-19 20:50 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-10-19 20:07 - 2017-10-19 20:07 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-10-19 20:07 - 2017-10-19 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-10-19 20:05 - 2017-10-19 20:05 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP 2017-10-19 16:27 - 2017-10-19 20:41 - 000000000 ____D C:\Users\eclips\Desktop\bsplayer_pro271.1081 2017-10-19 16:20 - 2017-10-19 16:20 - 000003164 _____ 
C:\Windows\System32\Tasks\klcp_update 2017-10-19 16:20 - 2017-10-19 16:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2017-10-19 16:20 - 2017-10-19 16:20 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2017-10-19 16:20 - 2017-07-30 13:50 - 003850240 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll 2017-10-19 16:20 - 2017-07-30 13:50 - 003799552 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll 2017-10-19 16:20 - 2015-12-18 12:00 - 000755200 _____ C:\Windows\system32\xvidcore.dll 2017-10-19 16:20 - 2015-12-18 12:00 - 000309248 _____ C:\Windows\system32\xvidvfw.dll 2017-10-19 16:20 - 2015-12-18 12:00 - 000282112 _____ C:\Windows\SysWOW64\xvidvfw.dll 2017-10-19 16:20 - 2015-10-24 19:00 - 000126976 _____ C:\Windows\system32\ff_vfw.dll 2017-10-19 16:20 - 2015-10-24 19:00 - 000112128 _____ C:\Windows\SysWOW64\ff_vfw.dll 2017-10-19 16:20 - 2012-07-21 13:55 - 000180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm 2017-10-19 16:20 - 2012-07-21 13:54 - 000122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm 2017-10-19 16:20 - 2011-12-07 20:37 - 000148992 _____ ( ) C:\Windows\system32\lagarith.dll 2017-10-19 16:20 - 2011-12-07 20:32 - 000216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll 2017-10-19 16:16 - 2017-10-19 16:18 - 052381992 _____ (KLCP ) C:\Users\eclips\Desktop\K-Lite_Codec_Pack_1359_Mega.exe 2017-10-19 15:58 - 2017-10-19 15:58 - 010563576 _____ C:\Users\eclips\Desktop\bsplayer271.setup.exe 2017-10-19 15:54 - 2017-10-19 15:58 - 000000000 ____D C:\Users\eclips\AppData\Roaming\Lavasoft 2017-10-19 15:54 - 2017-10-19 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2017-10-19 15:54 - 2017-10-19 15:58 - 000000000 ____D C:\Program Files (x86)\Lavasoft 2017-10-19 15:54 - 2017-10-19 15:54 - 000000000 ____D C:\Users\eclips\AppData\Local\Lavasoft 2017-10-19 15:53 - 2017-10-19 15:58 - 000000000 ____D C:\ProgramData\Lavasoft 2017-10-19 15:44 - 2017-10-19 16:29 - 
000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk 2017-10-19 15:44 - 2017-10-19 16:29 - 000001147 _____ C:\Users\Public\Desktop\BS.Player PRO.lnk 2017-10-19 15:44 - 2017-10-19 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh 2017-10-19 15:37 - 2017-10-19 15:39 - 053285758 _____ (KLCP ) C:\Users\eclips\Desktop\K-Lite_Codec_Pack_1360_Mega.exe 2017-10-19 14:57 - 2017-10-19 14:57 - 000091280 _____ C:\Users\eclips\Desktop\WAR_2017.(subs.sab.bz).rar 2017-10-17 23:41 - 2013-12-10 14:50 - 000955888 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2017-10-17 23:41 - 2013-12-10 14:50 - 000839152 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2017-10-17 23:40 - 2017-10-17 23:40 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2017-10-17 23:39 - 2017-10-17 23:39 - 000000000 ____D C:\Users\eclips\AppData\Roaming\Sun 2017-10-17 23:38 - 2017-10-17 23:38 - 000000000 ____D C:\Users\eclips\AppData\LocalLow\Oracle 2017-10-14 20:33 - 2017-10-14 20:33 - 000032774 _____ C:\Users\eclips\Desktop\IT_2017_NEW_HD_TS_60FPS_x264_HQ_CPG.(subs.sab.bz).rar 2017-10-14 19:44 - 2017-10-17 23:33 - 000000000 ____D C:\Program Files\Common Files\AV 2017-10-14 19:44 - 2017-10-14 19:44 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} 2017-10-14 19:16 - 2017-10-14 19:16 - 008250832 _____ (Malwarebytes) C:\Users\eclips\Downloads\adwcleaner_7.0.3.1.exe 2017-10-14 19:12 - 2017-10-17 23:33 - 000002334 _____ C:\Users\eclips\Desktop\Safe Money.lnk 2017-10-14 19:12 - 2017-10-14 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2017-10-14 19:12 - 2017-10-14 19:11 - 000001124 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2017-10-14 19:11 - 2017-10-14 19:43 - 000625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2017-10-14 19:11 - 
2017-10-14 19:43 - 000115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2017-10-14 19:11 - 2017-10-14 19:11 - 000000000 ____D C:\Windows\ELAMBKUP 2017-10-14 19:11 - 2017-10-14 19:11 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2017-10-14 19:11 - 2013-05-06 09:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2017-10-14 16:17 - 2017-10-19 20:41 - 000000000 ____D C:\ProgramData\NVIDIA 2017-10-14 16:17 - 2017-10-14 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-10-14 16:16 - 2009-07-10 07:01 - 000539168 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE 2017-10-14 16:15 - 2009-12-03 18:43 - 000000000 ____D C:\Users\eclips\Downloads\VGA_Win7-64(190.38)e 2017-10-14 16:15 - 2009-07-14 11:54 - 015005696 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 011327776 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2017-10-14 16:15 - 2009-07-14 11:54 - 010854400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 009375232 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 007565824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 002617856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 002258976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 002169376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 001983488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 001723424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 001706528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2017-10-14 16:15 - 2009-07-14 11:54 
- 001291776 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 001044992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 000930272 _____ (Microsoft Corporation) C:\Windows\system32\dpinst.exe 2017-10-14 16:15 - 2009-07-14 11:54 - 000539168 _____ (NVIDIA Corporation) C:\Windows\system32\nvudisp.exe 2017-10-14 16:15 - 2009-07-14 11:54 - 000167936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod157.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 000167936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod.dll 2017-10-14 16:15 - 2009-07-14 11:54 - 000011168 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd 2017-10-14 16:15 - 2009-07-14 11:54 - 000010161 _____ C:\Windows\system32\nvdisp.nvu 2017-10-14 16:14 - 2017-10-14 16:15 - 153992488 _____ C:\Users\eclips\Downloads\VGA_Win7-64(190.38)e.zip 2017-10-14 16:13 - 2017-10-19 21:13 - 000000000 ____D C:\Users\eclips\AppData\LocalLow\Mozilla 2017-10-13 22:03 - 2017-10-13 22:03 - 000033952 _____ C:\Users\eclips\Downloads\the.flash.2014.s04e01.hdtv.x264(subsunacs.net).rar 2017-10-13 01:17 - 2017-10-13 01:17 - 000000000 ____D C:\ProgramData\MB2Migration 2017-10-13 01:17 - 2017-10-13 01:17 - 000000000 ____D C:\Program Files\Malwarebytes 2017-10-13 01:12 - 2017-10-14 15:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-10-13 00:34 - 2017-10-18 00:30 - 005818880 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2017-10-13 00:04 - 2017-10-13 00:04 - 000000000 ____D C:\Users\eclips\Desktop\Стари данни Firefox 2017-10-13 00:01 - 2017-10-13 01:17 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2017-10-12 23:30 - 2017-10-13 00:35 - 000000000 ____D C:\Users\eclips\AppData\Local\Dropbox 2017-10-12 23:30 - 2017-10-12 23:30 - 000000000 ____D C:\ProgramData\Dropbox ==================== One Month Modified files and folders ======== (If an entry is included in the 
fixlist, the file/folder will be moved.)
2017-10-19 21:33 - 2014-07-01 19:48 - 000000000 ____D C:\FRST
2017-10-19 21:15 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\tracing
2017-10-19 20:49 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-19 20:49 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-19 20:43 - 2014-02-12 12:17 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-10-19 20:41 - 2013-11-19 23:28 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2017-10-19 20:41 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-19 20:40 - 2013-11-19 19:37 - 000000000 ____D C:\Users\eclips\AppData\Roaming\BitComet
2017-10-19 20:06 - 2013-12-07 21:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-19 19:14 - 2014-05-28 13:04 - 000000000 ____D C:\AdwCleaner
2017-10-19 16:28 - 2013-11-19 23:49 - 000000000 ____D C:\Users\eclips\AppData\Roaming\BSplayer Pro
2017-10-19 16:27 - 2013-11-19 23:49 - 000000000 ____D C:\Program Files (x86)\Webteh
2017-10-19 16:23 - 2013-11-19 23:49 - 000000000 ____D C:\Users\eclips\AppData\Roaming\BSplayer
2017-10-18 19:40 - 2014-02-13 20:08 - 000000000 ____D C:\ADCDA2
2017-10-18 11:24 - 2013-12-18 22:51 - 000000000 ____D C:\Users\eclips\AppData\Roaming\Skype
2017-10-18 00:30 - 2013-12-10 11:19 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-18 00:30 - 2013-11-20 11:44 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-18 00:30 - 2013-11-20 11:44 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-18 00:30 - 2013-11-20 11:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-18 00:30 - 2013-11-20 11:44 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-17 23:42 - 2014-01-21 17:33 - 000000000 ____D C:\Program Files (x86)\Java
2017-10-17 23:41 - 2014-01-21 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-17 23:41 - 2013-12-10 14:50 - 000000000 ____D C:\Program Files\Java
2017-10-17 23:40 - 2013-12-10 14:50 - 000319552 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-10-17 23:40 - 2013-12-10 14:50 - 000206912 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2017-10-17 23:40 - 2013-12-10 14:50 - 000206912 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2017-10-17 23:39 - 2014-09-01 14:38 - 000270912 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2017-10-17 23:39 - 2014-09-01 14:38 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-10-17 23:39 - 2014-01-21 17:34 - 000000000 ____D C:\ProgramData\Oracle
2017-10-14 21:22 - 2013-12-04 16:02 - 000000000 ____D C:\Users\eclips\AppData\Roaming\vlc
2017-10-14 19:43 - 2013-06-10 12:27 - 000029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2017-10-14 19:43 - 2013-06-06 17:38 - 000178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2017-10-14 19:43 - 2013-05-06 09:22 - 000458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2017-10-14 19:43 - 2013-05-05 22:42 - 000029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2017-10-14 19:43 - 2013-05-05 22:42 - 000029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2017-10-14 19:28 - 2013-11-20 17:22 - 000000000 ____D C:\Windows\pss
2017-10-14 19:11 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2017-10-14 18:40 - 2014-01-05 21:34 - 000000000 ____D C:\Users\eclips\AppData\Roaming\Dropbox
2017-10-14 16:24 - 2009-07-14 08:13 - 000785366 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-14 16:17 - 2014-05-12 23:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-14 16:17 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\Help
2017-10-14 15:37 - 2013-12-10 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-13 22:40 - 2013-11-19 23:41 - 000000000 ____D C:\ProgramData\AMD
2017-10-13 00:01 - 2013-12-07 21:44 - 000000000 ____D C:\Users\eclips\AppData\Roaming\Malwarebytes
2017-10-13 00:01 - 2013-12-07 21:43 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2017-10-13 00:00 - 2013-11-19 21:24 - 000000000 ____D C:\ProgramData\TuneUp Software
==================== Files in the root of some directories =======
2014-01-04 21:14 - 2014-01-04 21:14 - 001615904 ____R () C:\Users\eclips\AppData\Local\ASbs.ac
2014-05-12 11:02 - 2014-05-12 11:02 - 000585728 _____ () C:\Users\eclips\AppData\Local\file__0.localstorage
2013-11-19 22:07 - 2013-11-19 22:07 - 000000017 ____R () C:\Users\eclips\AppData\Local\resmon.resmoncfg
2014-09-14 20:59 - 2014-09-15 21:08 - 010807116 _____ () C:\ProgramData\OfflineCatalogue_1_2014_TECDOC_CD.log
2014-09-14 21:05 - 2014-09-14 21:05 - 000006106 _____ () C:\ProgramData\UninstallOfflineCatalogue.log
Some files in TEMP:
====================
2014-09-15 19:44 - 2011-02-11 18:36 - 023454528 ____N ( ) C:\Users\eclips\AppData\Local\Temp\AdbeRdr_en_US.exe
2014-09-07 14:19 - 2014-09-07 14:19 - 007850088 _____ (Microsoft Corporation) C:\Users\eclips\AppData\Local\Temp\BingBarSetup-Partner.exe
2017-10-13 22:07 - 2017-10-13 22:07 - 016739360 _____ () C:\Users\eclips\AppData\Local\Temp\BitBEFB.tmp.exe
2017-10-14 18:40 - 2017-10-14 18:40 - 000043008 _____ () C:\Users\eclips\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprkbc9q.dll
2014-01-31 06:29 - 2014-01-31 06:29 - 000341120 _____ (Gretech Corporation) C:\Users\eclips\AppData\Local\Temp\ExPromo.exe
2014-07-01 12:48 - 2014-09-29 20:15 - 000035224 _____ () C:\Users\eclips\AppData\Local\Temp\i4jdel0.exe
2014-07-28 08:15 - 2014-07-28 08:15 - 000918440 _____ (Oracle Corporation) C:\Users\eclips\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
2017-09-08 19:04 - 2017-09-08 19:04 - 001856576 _____ (Oracle Corporation) C:\Users\eclips\AppData\Local\Temp\jre-8u151-windows-au.exe
2014-07-29 18:48 - 2014-07-29 18:48 - 000021888 _____ () C:\Users\eclips\AppData\Local\Temp\ochelper.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-18 20:24
==================== End of FRST.txt ============================
        Addition.txt
      • by Rada Beliata
        Hello, this morning when I turned on my computer I found that the Bing search engine, which I never asked for, had installed itself in place of my standard Google. I don't know whether the problem might be bigger, so I am not trying to clean it myself and am posting the scan files directly here:
        Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
        Ran by User (administrator) on USER-PC (06-11-2017 14:32:42)
        Running from C:\Users\User\Desktop
        Loaded Profiles: User (Available Profiles: User & Guest)
        Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
        Internet Explorer Version 11 (Default browser: Chrome)
        Boot Mode: Normal
        Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
        ==================== Processes (Whitelisted) =================
        (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
        (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
        (AMD) C:\Windows\System32\atiesrxx.exe
        (AMD) C:\Windows\System32\atieclxx.exe
        (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
        (Microsoft Corporation) C:\Windows\System32\wlanext.exe
        (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
        (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
        () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
        (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
        (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
        (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
        (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
        (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
        (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
        (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
        (Viber Media S.à r.l.) C:\Users\User\AppData\Local\Viber\Viber.exe
        (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
        (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe
        (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
        (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
        (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
        (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
        () C:\Program Files (x86)\SoundTouch\SoundTouchHelper\SoundTouchHelper.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Microsoft Corporation) C:\Windows\System32\dllhost.exe
        ==================== Registry (Whitelisted) ===========================
        (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
        HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5470208 2009-12-16] (Dell Inc.)
        HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
        HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
        HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
        HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
        HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
        HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare)
        HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
        HKLM-x32\...\Run: [SoundTouchHelper] => C:\Program Files (x86)\SoundTouch\SoundTouchHelper\SoundTouchHelper.exe [952832 2017-09-18] ()
        HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.lnk [2172 2017-09-26] ()
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Run: [googletalk] => C:\Users\User\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-30] (Google Inc.)
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG)
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\User\AppData\Local\Akamai\netsession_win.exe"
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Run: [Viber] => C:\Users\User\AppData\Local\Viber\Viber.exe [38871120 2017-10-24] (Viber Media S.à r.l.)
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\Policies\Explorer: [] 
        HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\...\MountPoints2: {b89e904f-c580-11e0-ae91-806e6f6e6963} - E:\setup.exe
        ==================== Internet (Whitelisted) ====================
        (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
        Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
        Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
        Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
        Tcpip\..\Interfaces\{61285D62-0825-4C6A-8F7B-F187EF6B7C4E}: [DhcpNameServer] 192.168.0.1
        Tcpip\..\Interfaces\{BEC2B3B5-8A62-4C8D-947B-942060F59681}: [NameServer] 10.250.238.3 10.250.238.4
        Tcpip\..\Interfaces\{E2C5FBF5-BC9E-4F83-8514-C9EC7DB41090}: [DhcpNameServer] 192.168.1.1
        Internet Explorer:
        ==================
        HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
        HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
        SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
        SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
        SearchScopes: HKU\.DEFAULT -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
        SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
        SearchScopes: HKU\S-1-5-21-2108872990-2365937994-3429966836-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ADFA_en
        SearchScopes: HKU\S-1-5-21-2108872990-2365937994-3429966836-1000 -> {01331362-9AB4-4EF8-B80F-17A753AABA26} URL = hxxps://www.google.com/search?q={searchTerms}
        SearchScopes: HKU\S-1-5-21-2108872990-2365937994-3429966836-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ADFA_en
        BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
        BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
        BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-08-19] (Oracle Corporation)
        Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
        DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://e-fibank.bg/EBank/CAPICOM/capicom.cab
        DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
        Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
        FireFox:
        ========
        FF DefaultProfile: 0nh7i0xu.default-1396792165575
        FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575 [2017-10-19]
        FF DefaultSearchEngine: Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575 -> Bing 
        FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575 -> Bing 
        FF SelectedSearchEngine: Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575 -> Bing 
        FF Homepage: Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575 -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-us
        hxxps://www.malwarebytes.org/restorebrowser//?u=10b253f49536d7c82625e2601c9d32eb&c=1000_2&src=hp&inst=1471229042
        FF Keyword.URL: Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575 -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
        FF Extension: (Bing Search) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575\Extensions\bingsearch.full@microsoft.com.xpi [2017-09-10]
        FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575\searchplugins\bing-.xml [2017-09-10]
        FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0nh7i0xu.default-1396792165575\searchplugins\google-.xml [2016-05-02]
        FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
        FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
        FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-08-19] (Oracle Corporation)
        FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\new_plugin\npjp2.dll [No File]
        FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-08-19] (Oracle Corporation)
        FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
        FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
        FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
        FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
        FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
        FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
        FF Plugin HKU\S-1-5-21-2108872990-2365937994-3429966836-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
        FF Plugin HKU\S-1-5-21-2108872990-2365937994-3429966836-1000: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
        FF Plugin HKU\S-1-5-21-2108872990-2365937994-3429966836-1000: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
        FF Plugin HKU\S-1-5-21-2108872990-2365937994-3429966836-1000: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
        FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
        FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
        FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
        FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
        Chrome: 
        =======
        CHR DefaultProfile: Profile 1
        CHR HomePage: Profile 1 -> msn.com
        CHR StartupUrls: Profile 1 -> "hxxp://www.google.com"
        CHR NewTab: Profile 1 ->  Active:"chrome-extension://fcfenmboojpjinhpgggodefccipikbpd/newTab.html", Not-active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html"
        CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-07-03]
        CHR Extension: (Google Translate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-20]
        CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
        CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
        CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
        CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-07]
        CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
        CHR Extension: (Dropbox for Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2016-01-31]
        CHR Extension: (Email Game) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbobaphhmjpchjknfpcnlhcbkjbclge [2015-07-19]
        CHR Extension: (Gmail Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-07-19]
        CHR Extension: (Google Calendar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-14]
        CHR Extension: (Dnevnik.bg) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgpgbimpbapjogkgkgmdkcdimopnnljb [2015-07-19]
        CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
        CHR Extension: (Pin It Button) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-09-24]
        CHR Extension: (Facebook Invite All) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-01-31]
        CHR Extension: (Download Master) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2016-01-31]
        CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
        CHR Extension: (MultiHighlighter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifbglmlbpgpbflnkfpclkmckoollbn [2015-09-04]
        CHR Extension: (OokiCookie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohjmnhgnkikbajikhhbplekfmljhdhjm [2015-07-19]
        CHR Extension: (word highlight) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooabkmkhabkahcjbgpiajffckeibpdoa [2015-07-19]
        CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
        CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-07-03]
        CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-06]
        CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
        CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
        CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
        CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
        CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
        CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-26]
        CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-11-06]
        CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
        CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
        CHR Extension: (FromDocToPDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2017-11-05]
        CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
        CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-30]
        CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-29]
        CHR Extension: (10b253f49536d7c82625e2601c9d32eb_2) - C:\Program Files (x86)\Google\Chrome\Application\10b253f49536d7c82625e2601c9d32eb_2 [2016-08-18]
        CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-03]
        CHR HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
        CHR HKU\S-1-5-21-2108872990-2365937994-3429966836-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
        ==================== Services (Whitelisted) ====================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
        S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-04-12] (Macrovision Europe Ltd.) [File not signed]
        R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
        R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
        R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
        R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
        R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
        R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
        S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
        R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-16] (Dell Inc.) [File not signed]
        ===================== Drivers (Whitelisted) ======================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [46960 2016-08-20] ()
        R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
        R1 MpKsl1dabfb16; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2B742210-A60B-40E6-8C1C-30273624352C}\MpKsl1dabfb16.sys [58120 2017-11-06] (Microsoft Corporation)
        R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
        S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
        S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
        S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
        S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
        S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
        S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
        S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
        S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
        S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
        ==================== NetSvcs (Whitelisted) ===================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

        ==================== One Month Created files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-11-06 14:32 - 2017-11-06 14:36 - 000022793 _____ C:\Users\User\Desktop\FRST.txt
        2017-11-06 14:32 - 2017-11-06 14:32 - 000000000 ____D C:\FRST
        2017-11-06 14:31 - 2017-11-06 14:31 - 002403328 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
        2017-10-29 13:08 - 2017-10-29 13:09 - 000000000 ____D C:\Users\User\AppData\Local\Viber
        2017-10-26 21:08 - 2017-10-26 21:08 - 000182233 _____ C:\Users\User\Desktop\Гръбначните изкривявания - Част VI_ Загуба на шийна лордоза (Forward Head Posture syndrome) _ Любомир Иванов.html
        2017-10-26 21:08 - 2017-10-26 21:08 - 000000000 ____D C:\Users\User\Desktop\Гръбначните изкривявания - Част VI_ Загуба на шийна лордоза (Forward Head Posture syndrome) _ Любомир Иванов_files
        2017-10-17 10:55 - 2017-10-17 10:55 - 000136163 _____ C:\Users\User\Desktop\Актуална цена за присъединяване.pdf
        2017-10-12 20:26 - 2017-10-12 20:26 - 000056320 _____ C:\Users\User\Desktop\Таксуване (1).xls
        2017-10-12 19:09 - 2017-10-12 19:09 - 000056320 _____ C:\Users\User\Desktop\Таксуване.xls
        2017-10-11 21:32 - 2017-09-13 17:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
        2017-10-11 21:32 - 2017-09-13 17:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
        2017-10-11 21:32 - 2017-09-13 17:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
        2017-10-11 21:32 - 2017-09-13 17:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
        2017-10-11 21:32 - 2017-09-13 17:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
        2017-10-11 21:32 - 2017-09-13 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
        2017-10-11 21:32 - 2017-09-13 17:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
        2017-10-11 21:32 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
        2017-10-11 21:32 - 2017-09-13 17:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
        2017-10-11 21:32 - 2017-09-13 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
        2017-10-11 21:32 - 2017-09-13 17:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
        2017-10-11 21:32 - 2017-09-13 17:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
        2017-10-11 21:32 - 2017-09-13 17:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
        2017-10-11 21:32 - 2017-09-13 17:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
        2017-10-11 21:32 - 2017-09-13 16:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
        2017-10-11 21:32 - 2017-09-13 16:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
        2017-10-11 21:32 - 2017-09-13 16:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
        2017-10-11 21:32 - 2017-09-13 16:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
        2017-10-11 21:32 - 2017-09-13 16:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
        2017-10-11 21:32 - 2017-09-13 16:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
        2017-10-11 21:32 - 2017-09-13 16:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
        2017-10-11 21:32 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
        2017-10-11 21:32 - 2017-09-13 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
        2017-10-11 21:32 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
        2017-10-11 21:32 - 2017-09-13 16:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
        2017-10-11 21:32 - 2017-09-13 16:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
        2017-10-11 21:32 - 2017-09-13 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
        2017-10-11 21:32 - 2017-09-13 16:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
        2017-10-11 21:32 - 2017-09-09 02:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
        2017-10-11 21:32 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
        2017-10-11 21:32 - 2017-09-08 17:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
        2017-10-11 21:32 - 2017-09-08 17:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
        2017-10-11 21:32 - 2017-09-08 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
        2017-10-11 21:32 - 2017-09-08 17:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
        2017-10-11 21:32 - 2017-09-08 17:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
        2017-10-11 21:32 - 2017-09-08 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
        2017-10-11 21:32 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
        2017-10-11 21:32 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
        2017-10-11 21:32 - 2017-09-08 17:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
        2017-10-11 21:32 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
        2017-10-11 21:32 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
        2017-10-11 21:32 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
        2017-10-11 21:32 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
        2017-10-11 21:32 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
        2017-10-11 21:32 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
        2017-10-11 21:32 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
        2017-10-11 21:32 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
        2017-10-11 21:32 - 2017-09-08 17:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
        2017-10-11 21:32 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
        2017-10-11 21:32 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
        2017-10-11 21:32 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
        2017-10-11 21:32 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
        2017-10-11 21:32 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
        2017-10-11 21:32 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
        2017-10-11 21:32 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
        2017-10-11 21:32 - 2017-09-07 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
        2017-10-11 21:32 - 2017-09-07 23:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
        2017-10-11 21:32 - 2017-09-07 23:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
        2017-10-11 21:32 - 2017-09-07 23:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
        2017-10-11 21:32 - 2017-09-07 23:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
        2017-10-11 21:32 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
        2017-10-11 21:32 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
        2017-10-11 21:32 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
        2017-10-11 21:32 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
        2017-10-11 21:32 - 2017-09-07 23:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
        2017-10-11 21:32 - 2017-09-07 23:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
        2017-10-11 21:32 - 2017-09-07 23:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
        2017-10-11 21:32 - 2017-09-07 23:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
        2017-10-11 21:32 - 2017-09-07 23:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
        2017-10-11 21:32 - 2017-09-07 23:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
        2017-10-11 21:32 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
        2017-10-11 21:32 - 2017-09-07 22:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
        2017-10-11 21:32 - 2017-09-07 22:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
        2017-10-11 21:32 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
        2017-10-11 21:32 - 2017-09-07 22:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
        2017-10-11 21:32 - 2017-09-07 22:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
        2017-10-11 21:32 - 2017-09-07 22:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
        2017-10-11 21:32 - 2017-09-07 22:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
        2017-10-11 21:32 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
        2017-10-11 21:32 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
        2017-10-11 21:32 - 2017-09-07 22:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
        2017-10-11 21:32 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
        2017-10-11 21:32 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
        2017-10-11 21:32 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
        2017-10-11 21:32 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
        2017-10-11 21:32 - 2017-09-07 22:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
        2017-10-11 21:32 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
        2017-10-11 21:32 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
        2017-10-11 21:32 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
        2017-10-11 21:32 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
        2017-10-11 21:32 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
        2017-10-11 21:32 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
        2017-10-11 21:32 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
        2017-10-11 21:32 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
        2017-10-11 21:32 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
        2017-10-11 21:32 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
        2017-10-11 21:32 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
        2017-10-11 21:32 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
        2017-10-11 21:32 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
        2017-10-11 21:32 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
        2017-10-11 21:32 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
        2017-10-11 21:32 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
        2017-10-11 21:32 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
        2017-10-11 21:32 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
        2017-10-11 21:32 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
        2017-10-11 21:32 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
        2017-10-11 21:32 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
        2017-10-11 21:32 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
        2017-10-11 21:32 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
        2017-10-11 21:32 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
        2017-10-11 21:32 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
        2017-10-11 21:32 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
        2017-10-11 21:32 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
        2017-10-11 21:32 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
        2017-10-11 21:32 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
        2017-10-11 21:32 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
        2017-10-11 21:32 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
        2017-10-11 21:32 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
        2017-10-11 21:32 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
        2017-10-11 21:32 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
        2017-10-11 21:32 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
        2017-10-11 21:32 - 2017-09-07 17:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
        2017-10-11 21:32 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
        2017-10-11 21:32 - 2017-09-07 16:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
        2017-10-11 21:32 - 2017-09-07 16:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
        2017-10-11 21:32 - 2017-09-07 16:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
        2017-10-11 21:32 - 2017-08-19 17:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
        2017-10-11 21:32 - 2017-08-19 17:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
        2017-10-11 21:32 - 2017-08-19 17:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
        2017-10-11 21:32 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
        2017-10-11 21:32 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
        2017-10-11 21:32 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
        2017-10-11 21:32 - 2017-08-19 17:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
        2017-10-11 21:32 - 2017-08-19 17:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
        2017-10-11 21:32 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
        2017-10-11 21:32 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
        2017-10-11 21:32 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
        2017-10-11 21:32 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
        2017-10-11 21:32 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
        2017-10-11 21:32 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
        ==================== One Month Modified files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-11-06 14:26 - 2015-06-24 14:51 - 000000000 ____D C:\Users\User\Documents\ViberDownloads
        2017-11-06 14:26 - 2011-04-12 10:47 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
        2017-11-06 14:17 - 2011-05-26 17:50 - 000001004 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2108872990-2365937994-3429966836-1000UA.job
        2017-11-06 13:32 - 2009-07-14 06:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
        2017-11-06 13:32 - 2009-07-14 06:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
        2017-11-06 13:22 - 2009-07-14 07:13 - 000785786 _____ C:\Windows\system32\PerfStringBackup.INI
        2017-11-06 13:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
        2017-11-06 13:20 - 2016-04-14 22:13 - 000000000 ____D C:\Users\User\AppData\Roaming\ViberPC
        2017-11-06 13:17 - 2016-03-27 23:35 - 000065536 _____ C:\Windows\system32\Ikeext.etl
        2017-11-06 13:17 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
        2017-11-05 18:17 - 2011-05-26 17:50 - 000000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2108872990-2365937994-3429966836-1000Core.job
        2017-11-05 10:53 - 2017-04-13 22:27 - 000000000 ___RD C:\Program Files (x86)\Skype
        2017-11-05 10:53 - 2011-04-12 10:46 - 000000000 ____D C:\ProgramData\Skype
        2017-11-05 10:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
        2017-10-31 11:15 - 2011-04-12 20:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
        2017-10-26 19:48 - 2017-07-25 10:39 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
        2017-10-25 19:32 - 2017-07-22 20:42 - 000000000 ____D C:\Users\User\AppData\Roaming\SoundTouch
        2017-10-25 19:32 - 2017-07-22 20:41 - 000000000 ____D C:\Program Files (x86)\SoundTouch
        2017-10-24 15:23 - 2013-01-16 17:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
        2017-10-19 09:39 - 2016-12-19 08:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
        2017-10-19 09:39 - 2016-12-05 20:28 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
        2017-10-12 17:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
        2017-10-12 16:22 - 2009-07-14 06:45 - 002338848 _____ C:\Windows\system32\FNTCACHE.DAT
        2017-10-11 22:02 - 2011-04-12 11:16 - 000762140 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
        ==================== Files in the root of some directories =======
        2011-07-27 22:59 - 2011-07-27 22:59 - 000000000 ____H () C:\Users\User\AppData\Local\BIT7DB1.tmp
        2011-11-10 16:05 - 2011-11-10 16:05 - 000004096 ____H () C:\Users\User\AppData\Local\keyfile3.drm
        2011-07-27 22:59 - 2011-07-27 22:59 - 000000000 _____ () C:\Users\User\AppData\Local\{BE08E1F6-7B92-4E51-B565-F383E741847C}
        2011-07-28 14:34 - 2011-07-28 14:35 - 000000000 _____ () C:\Users\User\AppData\Local\{D390E0A7-E0A7-4120-9348-F90CD935A202}
        2011-04-12 12:27 - 2011-04-12 12:27 - 000000056 ____H () C:\ProgramData\ezsidmv.dat
        2016-03-12 22:11 - 2016-03-12 22:11 - 000000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
        Some files in TEMP:
        ====================
        2017-09-10 14:36 - 2017-09-10 14:36 - 001118360 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcProcessor.exe
        2017-09-10 14:36 - 2017-09-10 14:36 - 000170128 _____ (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Temp\BSvcUpdater.exe
        2017-08-05 17:18 - 2017-10-06 16:51 - 058881488 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
        ==================== Bamital & volsnap ======================
        (There is no automatic fix for files that do not pass verification.)
        C:\Windows\system32\winlogon.exe => File is digitally signed
        C:\Windows\system32\wininit.exe => File is digitally signed
        C:\Windows\SysWOW64\wininit.exe => File is digitally signed
        C:\Windows\explorer.exe => File is digitally signed
        C:\Windows\SysWOW64\explorer.exe => File is digitally signed
        C:\Windows\system32\svchost.exe => File is digitally signed
        C:\Windows\SysWOW64\svchost.exe => File is digitally signed
        C:\Windows\system32\services.exe => File is digitally signed
        C:\Windows\system32\User32.dll => File is digitally signed
        C:\Windows\SysWOW64\User32.dll => File is digitally signed
        C:\Windows\system32\userinit.exe => File is digitally signed
        C:\Windows\SysWOW64\userinit.exe => File is digitally signed
        C:\Windows\system32\rpcss.dll => File is digitally signed
        C:\Windows\system32\dnsapi.dll => File is digitally signed
        C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
        C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
        LastRegBack: 2017-10-31 11:55
        ==================== End of FRST.txt ============================
         
        Thank you in advance for your assistance
         
        Addition.txt
      • by N1K17Y
        I downloaded suspicious torrents and I think my system is infected
         
        Addition.txt
      • by Wrath
        Good day! Today I noticed that someone else has been attempting to log in to all of my abv accounts. From the Netherlands, Algeria, Oman and so on. It is probably a fake IP address, but there always is one all the same. The login attempts are unsuccessful because there is no way they can guess my password, but I still got worried. I would be super grateful for a little help!
        Addition.txt
        FRST.txt