Премини към съдържанието

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

S0S

Съмнения за заразен лаптоп

Препоръчан отговор


Здравейте !!! От известно време имам проблеми с лаптопа ми. Значи става въпрос за това, като отварям страници с Експлорер и ми се отварят други нежелани уеб страницни, някой път са на китайки език (за езика не съм на 100 % сигурен че е китайки), също така друг проблем е когато искам да влезна в пощата си в абв и когато натисна да си напиша името, и тогава пак ми излизат такива страници и изобщо не ми дава маркера за да си напиша името и паролата.

Лаптопа е HP Pavilion g6 , 4GB Ram, 750 HDD, B960 - procesor.

Windows Home Premium ми е операционната система, която е оригинална и карам с нея 2 години.

Общо взето това е , ако имате въпроси ще отговоря в последствие. Благодаря много :)

Ето ги и лог файловете:

 

DDS

 

DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.10.9200.16635 Run by Dzhemal at 14:51:29 on 2013-07-22 Microsoft Windows 7 Home Premium 6.1.7601.1.1251.359.1033.18.4044.2405 [GMT 3:00] . AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:Program Files (x86)Software Platesvcgdp.exe C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k netsvcs C:Program FilesIDTWDMSTacSV64.exe C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k NetworkService C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe C:WindowsSysWOW64ezSharedSvcHost.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exe C:Program Files (x86)MicrosoftBingBarSeaPort.EXE C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Program Files (x86)SafeIPSafeIPs.exe C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe C:Windowssystem32SearchIndexer.exe C:Windowssystem32taskhost.exe C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesIDTWDMsttray64.exe C:Program FilesWindows Sidebarsidebar.exe C:Program Files (x86)IObitAdvanced SystemCare 6ASCTray.exe C:Program Files (x86)SkypePhoneSkype.exe C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpConnectionManager.exe C:Program Files (x86)Winampwinampa.exe C:Program Files (x86)VIVACOM 3G USB MODEMModemListener.exe C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe C:Program FilesSynapticsSynTPSynTPHelper.exe C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32taskeng.exe C:Program Files (x86)CyberLinkYouCamYCMMirage.exe C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpCMSrv.exe C:Program Files (x86)uTorrentuTorrent.exe C:Program Files (x86)VIVACOM 3G USB MODEMHspa USB Modem.exe C:Program Files (x86)Smiley Bar for FacebookPropertySync.exe C:Windowssystem32MacromedFlashFlashUtil64_11_1_102_ActiveX.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32WUDFHost.exe C:Program FilesInternet Exploreriexplore.exe C:Program Files (x86)Internet ExplorerIEXPLORE.EXE C:Program Files (x86)Internet ExplorerIEXPLORE.EXE C:WindowsSystem32MsSpellCheckingFacility.exe C:Windowssystem32conhost.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll mURLSearchHooks: Winamp Toolbar Search Class: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:Program Files (x86)Winamp Toolbarwinamptb.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll mURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll mURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:Program Files (x86)Winamp Toolbarwinamptb.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.5.3.17bhBabylonToolbar.dll BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program Files (x86)ConduitEngineprxConduitEngin.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ipsipsbho.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll BHO: Smiley Bar for Facebook: {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:Program Files (x86)Smiley Bar for FacebookScriptHost.dll BHO: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program Files (x86)IObitAdvanced SystemCare 6BrowerProtectASCPlugin_Protection.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll BHO: Proxy Help: {F386E548-C533-472E-8C61-C026FB14FEB9} - C:WindowsSysWOW64Newtabs_22find.dll BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll TB: BS Player Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll TB: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program Files (x86)ConduitEngineprxConduitEngin.dll TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:Program Files (x86)Winamp Toolbarwinamptb.dll TB: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.5.3.17BabylonToolbarTlbr.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll uRun: [Google Update] "C:UsersDzhemalAppDataLocalGoogleUpdateGoogleUpdate.exe" /c uRun: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun uRun: [Advanced SystemCare 6] "C:Program Files (x86)IObitAdvanced SystemCare 6ASCTray.exe" /AutoStart uRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun uRun: [GoogleDriveSync] "C:Program Files (x86)GoogleDrivegoogledrivesync.exe" /autostart uRunOnce: [FlashPlayerUpdate] C:WindowsSystem32MacromedFlashFlashUtil64_11_1_102_ActiveX.exe -update activex mRun: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe mRun: [HPConnectionManager] C:Program Files (x86)Hewlett-PackardHP Connection ManagerHPCMDelayStart.exe mRun: [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe mRun: [WinampAgent] "C:Program Files (x86)Winampwinampa.exe" mRun: [ModemListener] C:Program Files (x86)VIVACOM 3G USB MODEMModemListener.exe start mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" mRun: [HPOSD] C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe mRun: [HP Quick Launch] C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckNCLauncherFromIE.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll/204 LSP: C:WindowsSystem32SafeIPs.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E} : DHCPNameServer = 192.168.1.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}1417E637B696 : DHCPNameServer = 192.168.2.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}354716D42633475502940786F6E656 : DHCPNameServer = 172.30.139.17 172.30.140.69 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}4596D6566796D2144435C4 : DHCPNameServer = 192.168.1.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}84F64756C6F52516A7C6F676F553 : DHCPNameServer = 192.168.66.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}D4562796461633 : DHCPNameServer = 212.39.90.42 212.39.90.43 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}D494C4C454E49455D4 : DHCPNameServer = 212.39.90.42 8.8.8.8 TCP: Interfaces{081680D8-998A-4C20-B247-3A6FC448AA3D} : DHCPNameServer = 194.141.86.3 194.141.0.3 194.141.0.4 TCP: Interfaces{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer = 212.39.90.42 212.39.90.43 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:WindowsSysWOW64ezUPBHook.dll LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe x64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe x64-Run: [sysTrayApp] C:Program FilesIDTWDMsttray64.exe x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 ifrhgnqeeotnzrmz.ru tgp.buzzsession.com upgrade.questscantwo.com images.specialnetoffer.com boldchat.com viqrzfvi.freewww.biz scrooge.nbcsandiego.com ptichka.ru ads.bleepingcomputer.com . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:WindowsSystem32driversNISx641309010.00Esymds64.sys [2013-2-6 451192] R0 SymEFA;Symantec Extended File Attributes;C:WindowsSystem32driversNISx641309010.00Esymefa64.sys [2013-2-6 1129120] R1 BHDrvx64;BHDrvx64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.8.0.14DefinitionsBASHDefs20130715.001BHDrvx64.sys [2013-7-17 1393240] R1 ccSet_NIS;Norton Internet Security Settings Manager;C:WindowsSystem32driversNISx641309010.00Eccsetx64.sys [2013-2-6 167072] R1 IDSVia64;IDSVia64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.8.0.14DefinitionsIPSDefs20130719.002IDSviA64.sys [2013-7-19 513184] R1 SymIRON;Symantec Iron Driver;C:WindowsSystem32driversNISx641309010.00Eironx64.sys [2013-2-6 190072] R1 SymNetS;Symantec Network Security WFP Driver;C:WindowsSystem32driversNISx641309010.00Esymnets.sys [2013-2-6 405624] R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904] R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2012-1-3 63928] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe [2012-12-24 464256] R2 DeviceManager;DeviceManager;C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe -start --> C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe -start [?] R2 ezSharedSvc;Easybits Services for Windows;C:WindowsSystem32ezSharedSvcHost.exe --> C:WindowsSystem32ezSharedSvcHost.exe [?] R2 HP Support Assistant Service;HP Support Assistant Service;C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe [2012-9-27 86528] R2 HPClientSvc;HP Client Services;C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe [2010-8-6 291896] R2 HPWMISVC;HPWMISVC;C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe [2012-3-5 35200] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2011-5-30 13336] R2 IconMan_R;IconMan_R;C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe [2011-5-30 2372096] R2 NIS;Norton Internet Security;C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccsvchst.exe [2013-2-6 138272] R2 svcgdp;software services;C:Program Files (x86)Software Platesvcgdp.exe [2012-8-18 224416] R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2011-5-30 2656280] R3 clwvd;CyberLink WebCam Virtual Driver;C:WindowsSystem32driversclwvd.sys [2010-7-28 31088] R3 hpCMSrv;HP Connection Manager 4.0 Service;C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpCMSrv.exe [2011-2-16 1071160] R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-4-12 317440] R3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;C:WindowsSystem32driversjrdusbser.sys [2011-12-14 119680] R3 MEIx64;Intel® Management Engine Interface;C:WindowsSystem32driversHECIx64.sys [2010-10-20 56344] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:WindowsSystem32driversnetr28x.sys [2011-5-30 1860672] R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2013-1-9 565352] R3 SafeIPS;SafeIPS;C:Program Files (x86)SafeIPSafeIPS.exe [2012-12-26 3797184] S2 gupdate;Услуга на Google Актуализация (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-8-18 116648] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-1-8 161536] S3 BBSvc;Bing Bar Update Service;C:Program Files (x86)MicrosoftBingBarBBSvc.EXE [2011-3-2 183560] S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072] S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-8-18 116648] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-12-15 19456] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:WindowsSystem32driversRtsPStor.sys [2011-5-30 335464] S3 SrvHsfHDA;SrvHsfHDA;C:WindowsSystem32driversVSTAZL6.SYS [2009-7-14 292864] S3 SrvHsfV92;SrvHsfV92;C:WindowsSystem32driversVSTDPV6.SYS [2009-7-14 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:WindowsSystem32driversVSTCNXT6.SYS [2009-7-14 740864] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-12-15 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2012-12-15 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-8-18 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2013-07-20 01:09:38 9216 ----a-w- C:Program Files (x86)Windows DefenderMpAsDesc.dll 2013-07-20 01:09:38 571904 ----a-w- C:Program FilesWindows DefenderMpClient.dll 2013-07-20 01:09:38 54784 ----a-w- C:Program Files (x86)Windows DefenderMpOAV.dll 2013-07-20 01:09:38 4608 ----a-w- C:Program Files (x86)Windows DefenderMsMpLics.dll 2013-07-20 01:09:38 392704 ----a-w- C:Program Files (x86)Windows DefenderMpClient.dll 2013-07-20 01:09:38 314880 ----a-w- C:Program FilesWindows DefenderMpCommu.dll 2013-07-20 01:09:38 1011712 ----a-w- C:Program FilesWindows DefenderMpSvc.dll 2013-07-20 01:04:30 1887744 ----a-w- C:WindowsSystem32WMVDECOD.DLL 2013-07-20 01:04:29 1620480 ----a-w- C:WindowsSysWow64WMVDECOD.DLL 2013-07-20 00:59:37 3153920 ----a-w- C:WindowsSystem32win32k.sys 2013-07-12 07:04:20 1367040 ----a-w- C:Program FilesCommon FilesMicrosoft Sharedinkjournal.dll 2013-07-12 07:04:19 936448 ----a-w- C:Program Files (x86)Common FilesMicrosoft Sharedinkjournal.dll 2013-07-12 06:54:07 1643520 ----a-w- C:WindowsSystem32DWrite.dll 2013-07-12 06:54:07 1247744 ----a-w- C:WindowsSysWow64DWrite.dll 2013-07-12 06:44:55 624128 ----a-w- C:WindowsSystem32qedit.dll 2013-07-12 06:44:55 509440 ----a-w- C:WindowsSysWow64qedit.dll 2013-07-09 09:14:13 -------- d-s---w- C:UsersDzhemalGoogle Диск 2013-06-22 18:49:54 8199504 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition UpdatesBackupmpengine.dll 2013-06-22 18:49:48 9552976 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{6181C238-CB68-4B11-AFB2-ADFF05264407}mpengine.dll . ==================== Find3M  ==================== . 2013-06-13 20:26:22 1910632 ----a-w- C:WindowsSystem32driverstcpip.sys 2013-06-13 20:24:56 751104 ----a-w- C:WindowsSystem32win32spl.dll 2013-06-13 20:24:56 492544 ----a-w- C:WindowsSysWow64win32spl.dll 2013-06-13 20:24:38 30720 ----a-w- C:WindowsSystem32cryptdlg.dll 2013-06-13 20:24:38 24576 ----a-w- C:WindowsSysWow64cryptdlg.dll 2013-06-11 23:43:37 1767936 ----a-w- C:WindowsSysWow64wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:WindowsSysWow64jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:WindowsSysWow64iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:WindowsSysWow64iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:WindowsSystem32wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:WindowsSystem32jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:WindowsSystem32iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:WindowsSystem32iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:WindowsSysWow64RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:WindowsSystem32RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:WindowsSystem32mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:WindowsSysWow64mshtml.tlb 2013-05-28 20:50:06 9728 ---ha-w- C:WindowsSysWow64api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-20 17:12:53 983400 ----a-w- C:WindowsSystem32driversdxgkrnl.sys 2013-05-20 17:12:53 265064 ----a-w- C:WindowsSystem32driversdxgmms1.sys 2013-05-20 17:12:53 144384 ----a-w- C:WindowsSystem32cdd.dll 2013-05-20 16:36:14 1930752 ----a-w- C:WindowsSystem32authui.dll 2013-05-20 16:36:13 70144 ----a-w- C:WindowsSystem32appinfo.dll 2013-05-20 16:36:13 1796096 ----a-w- C:WindowsSysWow64authui.dll 2013-05-20 16:36:13 111448 ----a-w- C:WindowsSystem32consent.exe 2013-05-20 16:19:39 48640 ----a-w- C:WindowsSystem32wwanprotdim.dll 2013-05-20 16:19:39 230400 ----a-w- C:WindowsSystem32wwansvc.dll 2013-05-20 16:19:27 474624 ----a-w- C:WindowsapppatchAcSpecfc.dll 2013-05-20 16:19:27 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll 2013-05-20 16:19:27 308736 ----a-w- C:WindowsapppatchAppPatch64AcGenral.dll 2013-05-20 16:19:27 2176512 ----a-w- C:WindowsapppatchAcGenral.dll 2013-05-20 16:19:27 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll 2013-05-20 16:19:27 111104 ----a-w- C:WindowsapppatchAppPatch64acspecfc.dll 2013-05-06 10:13:15 1656680 ----a-w- C:WindowsSystem32driversntfs.sys 2013-05-06 10:11:53 223752 ----a-w- C:WindowsSystem32driversfvevol.sys 2013-05-01 23:06:08 278800 ------w- C:WindowsSystem32MpSigStub.exe . ============= FINISH: 14:52:20,54 ===============

 

 

 

Attack:

 

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume2 Install Date: 19.8.2011 г. 18:03:06 System Uptime: 21.7.2013 г. 22:18:53 (16 hours ago) . Motherboard: Hewlett-Packard |  | 166F Processor: Intel® Pentium® CPU B940 @ 2.00GHz | CPU1 | 800/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 343 GiB total, 221,082 GiB free. D: is FIXED (NTFS) - 14 GiB total, 1,513 GiB free. E: is CDROM () F: is Removable G: is FIXED (NTFS) - 342 GiB total, 175,825 GiB free. H: is FIXED (FAT32) - 0 GiB total, 0,082 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP165: 22.6.2013 г. 21:20:01 - Windows Modules Installer RP166: 2.7.2013 г. 13:19:45 - Scheduled Checkpoint RP167: 12.7.2013 г. 00:15:06 - Scheduled Checkpoint RP168: 12.7.2013 г. 10:48:44 - Windows Update RP169: 19.7.2013 г. 18:23:09 - Scheduled Checkpoint RP170: 21.7.2013 г. 03:00:12 - Windows Update . ==== Installed Programs ====================== . µTorrent 50 FREE MP3s +1 Free Audiobook! Adobe AIR Adobe Flash Player 11 ActiveX 64-bit Adobe Reader X (10.1.3) MUI Advanced SystemCare 6 Agatha Christie - Peril at End House Ashampoo Magical Optimizer 1.22 Babylon toolbar on IE Bejeweled 2 Deluxe Bejeweled 3 Bing Bar Blackhawk Striker 2 Blasterball 3 Bounce Symphony BS Player Toolbar BS.Player FREE Build-a-lot 2 Cake Mania Chuzzle Deluxe Conduit Engine CyberLink YouCam D3DX10 Diner Dash 2 Restaurant Rescue Dora's World Adventure Download Updater (AOL LLC) Energy Star Digital Logo ESU for Microsoft Windows 7 Evernote v. 4.2.2 Farm Frenzy FATE - The Traitor Soul Final Drive Nitro Google Chrome Google Drive Google Earth Google Update Helper Hewlett-Packard ACLM.NET v1.2.1.1 HP Auto HP Client Services HP Connection Manager HP Customer Experience Enhancements HP Documentation HP Games HP On Screen Display HP Power Manager HP Quick Launch HP Setup HP Setup Manager HP Software Framework HP Support Assistant IDT Audio Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 24 Java 6 Update 24 (64-bit) Junk Mail filter update K-Lite Codec Pack 6.0.0 (Full) Magic Desktop Mah Jong Medley Mesh Runtime Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT MSVCRT_amd64 MyAshampoo Toolbar Mystery P.I. - Stolen in San Francisco Namco All-Stars PAC-MAN Nero 7 Premium NewTabs Uninstall Norton Internet Security Penguins! Plants vs. Zombies - Game of the Year Poker Superstars III Polar Bowler Polar Golfer Ralink RT5390 802.11b/g/n WiFi Adapter Realtek Ethernet Controller Driver Realtek PCIE Card Reader Recovery Manager SA Dictionary 2008 Beta 4 SafeIP Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Shared C Run-time for x64 Skype Click to Call Skype™ 6.1 Slingo Supreme Smiley Bar for Facebook Software Plate Synaptics Pointing Device Driver The KMPlayer (remove only) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition Update Installer for WildTangent Games App uTorrentBar Toolbar V9 Homepage Uninstaller Virtual Villagers 4 - The Tree of Life VIVACOM 3G USB MODEM WildTangent Games App (HP Games) Winamp Winamp Detector Plug-in Winamp Toolbar Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 21.7.2013 г. 03:13:22, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service. 21.7.2013 г. 03:13:22, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-2147218173. 21.7.2013 г. 03:11:07, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied.. 21.7.2013 г. 03:10:13, Error: volmgr [46]  - Crash dump initialization failed! 19.7.2013 г. 00:38:40, Error: Service Control Manager [7034]  - The Audio Service service terminated unexpectedly.  It has done this 1 time(s). 17.7.2013 г. 16:19:04, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10. . ==== End Of File ===========================

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! Да започнем с това;

  • [*]Изтеглете
RogueKiller.exe и го запазете на десктопа. [*]Стартирайте приложението и натиснете бутона SCAN. [*]Ще се създаде лог файл на десктопа с името RKreport.txt на десктопа. [*]Публикувайте лог файла в следващия си коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте , изпълних всичко което казахте, но малко преди са приключи сканирането програмата заби, и излезна квадратче на което пише RoogueKiller was stop wornikg. Повторих пак и този път завърши сканирането . Ето го лога :

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : Scan -- Date : 07/22/2013 16:54:25 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++ --- User --- [MBR] e7291a51bdd97332dc7de6d4a517066e [bSP] 43acc1143e6db16be49149e712bbde49 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo 1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 351194 Mo 3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 719654912 | Size: 364009 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 7d1b6db635bd5729c751827a64459154 [bSP] 8cb2736df4e3428c618e11c1ff6aa842 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo 1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_07222013_165425.txt >>

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стартирайте отново RogueKiller и изчакайте първоначалната проверка да приключи.

След това натиснете Scan.

След като приключи отидете до секцията Hosts и натиснете таба Fix Hosts

 

Възможно е да ви  поиска рестарт. Съгласете се.

След рестарта моля публикувайте новите лог файлове от RogueKiller в следващия си коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

не ми поиска рестарт. Логовете :

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : Scan -- Date : 07/22/2013 18:26:03 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++ --- User --- [MBR] e7291a51bdd97332dc7de6d4a517066e [bSP] 43acc1143e6db16be49149e712bbde49 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo 1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 351194 Mo 3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 719654912 | Size: 364009 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 7d1b6db635bd5729c751827a64459154 [bSP] 8cb2736df4e3428c618e11c1ff6aa842 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo 1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_07222013_182603.txt >> RKreport[0]_S_07222013_165425.txt

 

 

 

 

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : HOSTSFix -- Date : 07/22/2013 18:26:32 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> NOT REMOVED, USE DNSFIX [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> NOT REMOVED, USE DNSFIX [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ Reset HOSTS: ¤¤¤ 127.0.0.1 localhost

Finished : << RKreport[0]_H_07222013_182632.txt >> RKreport[0]_S_07222013_165425.txt;RKreport[0]_S_07222013_182603.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Хм..нещо не се е получило това което исках..Сигурен ли сте че маркирахте  Fix Hosts.....?

 
Публикувано изображение 1.Изтеглете програмата AVZ 4.41 и разархивирайте avz4.zip например в папка (c:antivir).

Публикувано изображение 2.Стартирайте програмата и изпълнете:

File => Standard scripts => в отворилия се прозорец маркирайте позиция 7 => Execute selected scripts:
 
Публикувано изображение

Публикувано изображение



Публикувано изображение След завършване на сканирането компютъра ви ще се рестартира..!
Ще се създаде архив KL_syscure.zip в същата папка където е разархивирана програмата.
Моля, прикачете този архив във следващия си пост..!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

да изпълних всичко което бяхте посочили.

ето прикачения архив :

http://file.bg/c247290TDSaW

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Публикувано изображение Изтеглете Malwarebytes' Anti-Malware или от тук (не забравяйте да обновите програмата с нови дефиниции)
* Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.
* Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.
* Ако има намерени обновявания, тя ще ги изтегли и инсталира.
* Стартирайте програмата и изберете "Perform Full Scan", след това кликнете на Scan.
* Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.
* Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата
* Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.
* Когато всичко бъде премахнато, в Notepad ще бъде отворен лог.
Копирайте този лог и го публикувайте в следващия си коментар по темата.

  Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org

Database version: v2013.07.22.06

Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Dzhemal :: DZHEMAL-HP [administrator]

22.7.2013 г. 19:35:03 ч. mbam-log-2013-07-22 (19-35-03).txt

Scan type: Full scan (C:|D:|G:|H:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 416749 Time elapsed: 1 hour(s), 16 minute(s), 24 second(s)

Memory Processes Detected: 0 (No malicious items detected)

Memory Modules Detected: 0 (No malicious items detected)

Registry Keys Detected: 0 (No malicious items detected)

Registry Values Detected: 0 (No malicious items detected)

Registry Data Items Detected: 0 (No malicious items detected)

Folders Detected: 1 C:ProgramDataIBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.

Files Detected: 1 C:ProgramDataIBUpdaterServicerepository.xml (PUP.InstallBrain) -> Quarantined and deleted successfully.

(end)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

...и последни проверки..:
 
Публикувано изображениеМоля, изтеглете и стартирайте програмата AdwCleaner(by Xplode):

  • [*]Затворете всички стартирани програми и браузъри [*]Кликнете два пъти върху
adwcleaner.exe за да стартирате инструмента. [*]Този път маркирайте Delete [*]Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта. [*]Моля, да публикувате съдържанието на този лог в отговора си [*]Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s1].txt.

Публикувано изображение
 
Публикувано изображение Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

  • [*]Спрете временно работата на защитните програми. [*]Стартирайте инструмента
JRT.exe [*]Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата. [*]Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши. [*]Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt). [*]Моля копирайте съдържанието на лог файла в следващия си пост.

Публикувано изображение

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

eто съдаржанието от първата:

 

# AdwCleaner v2.306 - Logfile created 07/22/2013 at 21:08:55 # Updated 19/07/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Dzhemal - DZHEMAL-HP # Boot Mode : Normal # Running from : C:UsersDzhemalDesktopadwcleaner.exe # Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:END File Deleted : C:user.js Folder Deleted : C:Program Files (x86)BabylonToolbar Folder Deleted : C:Program Files (x86)BS_Player Folder Deleted : C:Program Files (x86)Common FilesSoftware Update Utility Folder Deleted : C:Program Files (x86)Conduit Folder Deleted : C:Program Files (x86)ConduitEngine Folder Deleted : C:Program Files (x86)file scout Folder Deleted : C:Program Files (x86)MyAshampoo Folder Deleted : C:Program Files (x86)Smiley Bar for Facebook Folder Deleted : C:Program Files (x86)uTorrentBar Folder Deleted : C:Program Files (x86)Winamp Toolbar Folder Deleted : C:ProgramDataBabylon Folder Deleted : C:ProgramDataWinamp Toolbar Folder Deleted : C:UsersDzhemalAppDataLocalConduit Folder Deleted : C:UsersDzhemalAppDataLocalLowBS_Player Folder Deleted : C:UsersDzhemalAppDataLocalLowConduit Folder Deleted : C:UsersDzhemalAppDataLocalLowConduitEngine Folder Deleted : C:UsersDzhemalAppDataLocalLowuTorrentBar Folder Deleted : C:UsersDzhemalAppDataRoamingBabylon Folder Deleted : C:UsersDzhemalAppDataRoamingfile scout Folder Deleted : C:UsersDzhemalAppDataRoamingPerformerSoft Folder Deleted : C:UsersDzhemalAppDataRoamingStatusWinks

***** [Registry] *****

Key Deleted : HKCUSoftwareAppDataLowSoftwareBS_Player Key Deleted : HKCUSoftwareAppDataLowSoftwareConduit Key Deleted : HKCUSoftwareAppDataLowSoftwareconduitEngine Key Deleted : HKCUSoftwareAppDataLowSoftwareConduitSearchScopes Key Deleted : HKCUSoftwareAppDataLowSoftwareMyAshampoo Key Deleted : HKCUSoftwareAppDataLowSoftwareMyAshampootoolbar Key Deleted : HKCUSoftwareAppDataLowSoftwareSmartBar Key Deleted : HKCUSoftwareAppDataLowSoftwareuTorrentBar Key Deleted : HKCUSoftwareAppDataLowToolbar Key Deleted : HKCUSoftwareBabylonToolbar Key Deleted : HKCUSoftwareConduit Key Deleted : HKCUSoftwarefilescout Key Deleted : HKCUSoftwareInstallCore Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FC00F469-83F2-480D-8E45-E0BEF0B761F7} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallWinamp Toolbar Key Deleted : HKCUSoftwareSoftonic Key Deleted : HKCUSoftwareWinamp Toolbar Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C} Key Deleted : HKLMSoftwareBabylon Key Deleted : HKLMSoftwareBabylonToolbar Key Deleted : HKLMSoftwareBS_Player Key Deleted : HKLMSOFTWAREClassesAppID{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLMSOFTWAREClassesAppID{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Key Deleted : HKLMSOFTWAREClassesAppID{19975B78-1907-4DD6-A437-4C48120F46A4} Key Deleted : HKLMSOFTWAREClassesAppID{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLMSOFTWAREClassesAppID{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLMSOFTWAREClassesAppID{562B9316-C08A-444A-9482-62080DD851AE} Key Deleted : HKLMSOFTWAREClassesAppID{562B9317-C08A-444A-9482-62080DD851AE} Key Deleted : HKLMSOFTWAREClassesAppID{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1} Key Deleted : HKLMSOFTWAREClassesAppID{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLMSOFTWAREClassesAppID{B27D9527-3762-4D71-963D-FB7A94FDD678} Key Deleted : HKLMSOFTWAREClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLMSOFTWAREClassesAppID{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLMSOFTWAREClassesAppIDAddonsFramework.DLL Key Deleted : HKLMSOFTWAREClassesAppIDButtonSite.DLL Key Deleted : HKLMSOFTWAREClassesAppIDdnu.EXE Key Deleted : HKLMSOFTWAREClassesAppIDescort.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescortApp.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescortEng.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescorTlbr.DLL Key Deleted : HKLMSOFTWAREClassesAppIDesrv.EXE Key Deleted : HKLMSOFTWAREClassesAppIDPropertySync.EXE Key Deleted : HKLMSOFTWAREClassesAppIDScriptHost.DLL Key Deleted : HKLMSOFTWAREClassesAppIDwinamptbServer.exe Key Deleted : HKLMSOFTWAREClassesb Key Deleted : HKLMSOFTWAREClassesBabylon.dskBnd Key Deleted : HKLMSOFTWAREClassesBabylon.dskBnd.1 Key Deleted : HKLMSOFTWAREClassesbbylnApp.appCore Key Deleted : HKLMSOFTWAREClassesbbylnApp.appCore.1 Key Deleted : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr Key Deleted : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr.1 Key Deleted : HKLMSOFTWAREClassesConduit.Engine Key Deleted : HKLMSOFTWAREClassesdnUpdate Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUIBrowser Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUIBrowser.1 Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUpdController Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUpdController.1 Key Deleted : HKLMSOFTWAREClassesescort.escortIEPane Key Deleted : HKLMSOFTWAREClassesescort.escortIEPane.1 Key Deleted : HKLMSOFTWAREClassesescort.escrtBtn.1 Key Deleted : HKLMSOFTWAREClassesesrv.BabylonESrvc Key Deleted : HKLMSOFTWAREClassesesrv.BabylonESrvc.1 Key Deleted : HKLMSOFTWAREClassesProd.cap Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool.1 Key Deleted : HKLMSOFTWAREClassesToolbar.CT1750559 Key Deleted : HKLMSOFTWAREClassesToolbar.CT2475029 Key Deleted : HKLMSOFTWAREClassesToolbar.CT2786678 Key Deleted : HKLMSOFTWAREClassesTypeLib{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLMSOFTWAREClassesTypeLib{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLMSOFTWAREClassesTypeLib{507591C2-2F4E-46A7-92D6-E6CFF82E5F26} Key Deleted : HKLMSOFTWAREClassesTypeLib{538CD77C-BFDD-49B0-9562-77419CAB89D1} Key Deleted : HKLMSOFTWAREClassesTypeLib{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Deleted : HKLMSOFTWAREClassesTypeLib{92380354-381A-471F-BE2E-DD9ACD9777EA} Key Deleted : HKLMSOFTWAREClassesTypeLib{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLTBSearch Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLTBSearch.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLToolBand Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLToolBand.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.Downloader Key Deleted : HKLMSOFTWAREClassesWinampTb.Downloader.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarInfo Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarInfo.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarParams Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarParams.1 Key Deleted : HKLMSOFTWAREClassesWinampTbServer.AolToolbarHelper Key Deleted : HKLMSOFTWAREClassesWinampTbServer.AolToolbarHelper.1 Key Deleted : HKLMSoftwareConduit Key Deleted : HKLMSoftwareconduitEngine Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerExtensions{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASAPI32 Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASMANCS Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{055DD326-956C-4827-9467-A172509E81B3} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{A97B89CD-B65C-49DD-AF46-2B772C627456} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{C4760CCD-3316-47EB-B95C-C3C52DAEEA3A} Key Deleted : HKLMSoftwareMyAshampoo Key Deleted : HKLMSoftwareMyAshampootoolbar Key Deleted : HKLMSoftwareuTorrentBar Key Deleted : HKLMSoftwareV9Software Key Deleted : HKLMSoftwareWinamp Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{055DD326-956C-4827-9467-A172509E81B3} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{57BCA5FA-5DBB-45A2-B558-1755C3F6253B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{6EF4E91D-DDD5-4478-BCA7-DA04435934C0} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A97B89CD-B65C-49DD-AF46-2B772C627456} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{B38D6EDE-390B-4620-8365-29E16459EBDA} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{B8276A94-891D-453C-9FF3-715C042A2575} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{C4760CCD-3316-47EB-B95C-C3C52DAEEA3A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E15A9BFD-D16D-496D-8222-44CADF316E70} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FC00F469-83F2-480D-8E45-E0BEF0B761F7} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FE178B09-C8AA-4734-804D-1849BCCA0C29} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{0F54B66A-21CF-4548-AE59-A6B83EE6676F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{51A971CA-D36E-4D13-A799-2CF0A491D04D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{27598766-07DA-4D2C-BA3D-94E7BCB76FB1} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{3EEC087D-DB13-4786-BE94-73B35E52481C} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{A8C2644D-BF72-4A89-A88C-D85F565F2F46} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{CEB29294-02C7-44B2-AEEF-3C02FFC2F3B3} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{D6B7CB41-15B5-466F-AF4B-951DBDD9C331} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{DDDFD019-5321-4150-9713-B5CD90665C3B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallBabylonToolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallBS_Player Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallConduit Engine Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallconduitEngine Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallMyAshampoo Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallSmiley Bar for Facebook Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallSoftwareUpdUtility Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstalluTorrentBar Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallV9Software Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallWinamp Toolbar Key Deleted : HKLMSOFTWAREClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : HKLMSOFTWAREClassesInterface{0F54B66A-21CF-4548-AE59-A6B83EE6676F} Key Deleted : HKLMSOFTWAREClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : HKLMSOFTWAREClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : HKLMSOFTWAREClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : HKLMSOFTWAREClassesInterface{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLMSOFTWAREClassesInterface{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLMSOFTWAREClassesInterface{51A971CA-D36E-4D13-A799-2CF0A491D04D} Key Deleted : HKLMSOFTWAREClassesInterface{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Key Deleted : HKLMSOFTWAREClassesInterface{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLMSOFTWAREClassesInterface{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D} Key Deleted : HKLMSOFTWAREClassesInterface{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLMSOFTWAREClassesInterface{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Key Deleted : HKLMSOFTWAREClassesInterface{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREClassesInterface{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLMSOFTWAREClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} Key Deleted : HKLMSOFTWAREClassesInterface{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLMSOFTWAREClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : HKLMSOFTWAREClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : HKLMSOFTWAREClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : HKLMSOFTWAREClassesInterface{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLMSOFTWAREClassesInterface{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLMSOFTWAREClassesInterface{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLMSOFTWAREClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : HKLMSOFTWAREClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLMSOFTWAREClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : HKLMSOFTWAREClassesInterface{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLMSOFTWAREClassesInterface{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLMSOFTWAREClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : HKLMSOFTWAREClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14} Key Deleted : HKLMSOFTWAREClassesInterface{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLMSOFTWAREClassesInterface{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREClassesInterface{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Key Deleted : HKLMSOFTWAREClassesInterface{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLMSOFTWAREClassesInterface{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLMSOFTWAREClassesInterface{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLMSOFTWAREClassesInterface{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCUSoftwareMozillaFirefoxExtensions [statuswinks@StatusWinks] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKLMSOFTWAREMozillaFirefoxExtensions [statuswinks@StatusWinks] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

***** [internet Browsers] *****

- Internet Explorer v10.0.9200.16635

*************************

AdwCleaner[s1].txt - [27691 octets] - [22/07/2013 21:08:55]

########## EOF - C:AdwCleaner[s1].txt - [27752 octets] ##########

Ето и 2-рия лог :

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.2.0 (07.21.2013:1) OS: Windows 7 Home Premium x64 Ran by Dzhemal on Ї®­ 22.07.2013 Ј. at 21:29:00,23 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{494AA071-15E8-4F7D-8B60-F178E86123EF} Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{597b1823-7ff0-4cd3-8095-9d8cba514992} Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{903E9084-8050-4C90-870A-226613C1C2F5} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{597b1823-7ff0-4cd3-8095-9d8cba514992} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{903E9084-8050-4C90-870A-226613C1C2F5}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{112DEDAE-AACB-4217-88A6-2F53DF270033} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{49F79A1A-F707-45FB-9F04-B5149FB8C73E} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{4E188446-8975-4AEE-BF0F-99359E63F83B} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{7112ED04-E42F-4476-B1BC-493EC219E104} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{C0DBBED7-D31C-49E7-A66E-ECA7D75D555F} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{C1080434-84E8-4382-99C9-441D4EE74AF9} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{D6A97776-4525-4561-BCBD-082048FB87E4} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{DF07B432-CF3F-45CD-A22F-A94417196611} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{EBDDC513-4459-478F-A088-727459BDECDB}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Ї®­ 22.07.2013 Ј. at 21:37:46,64 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

И как е положението със системата ви....наблюдавате ли първоначалните проблеми..?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

в мометна нямам проблем с абв-то влизам си без проблем, и другите банери не ми се отварят, но лаптопа някак си зарежда мн бавно. Трябва ли да го рестарт???

Така след рестарт, системата се държи стабилно , зарежда си добре и проблемите мисля, че вече ги няма :)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Прекрасно..! :)
 
Публикувано изображение Изтеглете Security Check (автор: screen317) от тук или от тук и го запишете на десктопа.

  • [*]Кликнете два пъти върху
SecurityCheck.exe и следвайте инструкциите. [*]Когато програмата завърши работата си, ще се отвори един текстов документ: checkup.txt. [*]Копирайте съдържанието на checkup.txt с Копирай (Copy) и с Постави (Paste) го поставете в следващия си коментар.

След това стартирайте PatchMyPC и инсталирайте всички ъпдейти, които инструмента предложи.
 
 
Публикувано изображение Изтеглете Delfix.exe и го стартирайте. Сложете отметка пред Remove disinfection tools => натиснете бутона Run Инструмента ще се самоизтрие след като приключи своята задача!
 

Публикувано изображение Изтрийте всичко друго което е останало след процедурите (използвано в лечението).Препоръчвам програмата Malwarebytes' Anti-Malware да остане на вашия компютър и периодично да сканирате системата си с нея (поне един -два пъти в седмицата),като не забравяйте да обновите дефинициите и преди всяко сканиране..!

 

Това е от мен..Пожелавам ви лека вечер и безопасен интернет..!:)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

от security check log-a излезна само това :

 UNSUPPORTED OPERATING SYSTEM! ABORTED!  

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 

Това е от мен..Пожелавам ви лека вечер и безопасен интернет..! :)

 

Ейй голем си брат :):) Много благодаря, жив и здрав и всичко хубаво да ти се случва.

Лека вечер и от мен :)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от Plamen_ruse
      От известно време ми се появи този проблем. Докато браузвам (независимо от браузера) ми се отварят допълнителни прозорци с реклами. Нямам усещане, че компютъра работи по-бавно от преди. 
       
       
      can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
      Ran by User (administrator) on DESKTOP-9A6KV1O (10-01-2019 21:03:43)
      Running from D:\Downloads
      Loaded Profiles: User (Available Profiles: User)
      Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Български (България)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
      (AMD) C:\Windows\System32\atiesrxx.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
      (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
      (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
      () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (ESET) C:\Program Files\ESET\ESET Security\egui.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
      () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
      HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-10-12] (ESET)
      HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-619769886-4034110463-2982145271-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe [25972968 2018-12-22] (Spotify Ltd)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 89.207.131.8 8.8.8.8
      Tcpip\..\Interfaces\{d4f7e68d-b074-4387-bb66-200a4cfcbb5d}: [DhcpNameServer] 89.207.131.8 8.8.8.8
      Tcpip\..\Interfaces\{dd5152f7-fb4e-44ba-b531-9721fa95320d}: [DhcpNameServer] 10.0.0.1
      Internet Explorer:
      ==================
      BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-16] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      FireFox:
      ========
      FF DefaultProfile: 5zp7ongo.default
      FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5zp7ongo.default [2019-01-06]
      FF Homepage: Mozilla\Firefox\Profiles\5zp7ongo.default -> www.google.bg
      FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5zp7ongo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-17]
      FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
      FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-07-28] [Legacy] [not signed]
      FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
      FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
      FF Plugin-x32: @huawei.com/NPPlugin -> C:\Program Files (x86)\Web_TV\WebTVPlugin\NPPlugin.dll [2015-07-02] ()
      FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
      FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
      Chrome: 
      =======
      CHR DefaultProfile: Default
      CHR HomePage: Default -> hxxp://www.google.com/
      CHR StartupUrls: Default -> "hxxp://www.google.com/"
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-01-10]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Theme Creator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2017-07-21]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-21]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-21]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-10]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Floating for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2018-12-23]
      CHR Extension: (Video DownloadHelper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-08-01]
      CHR Extension: (IP домейн флаг) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2017-12-29]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-21]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-13]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-06]
      CHR Extension: (ProxFlow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aakchaleigkohafkfjfjbblobjifikek [2018-09-13]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
      CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-08]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-11-01]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-01]
      CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-16]
      CHR Extension: (Google Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-12-16]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-24]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-01-10]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-13]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-13]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-13]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2019-01-09]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-11]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-11]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-16]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-16]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-11]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-26]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-13]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-16]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-18]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-06-20]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-10]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-10]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-10]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-10]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-10]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-20]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-10]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-20]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-12]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc.)
      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-07] (Microsoft Corporation)
      R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-12] (ESET)
      R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-12] (ESET)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-09-16] (Microsoft Corporation)
      R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
      S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
      S3 Disc Soft Lite Bus Service; "C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe" [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-07-21] (Disc Soft Ltd)
      R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-09] (ESET)
      R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-09] (ESET)
      S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-08-27] (ESET)
      R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-08-27] (ESET)
      R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-08-27] (ESET)
      R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-08-27] (ESET)
      R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-08-27] (ESET)
      R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
      R3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
      R3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] ()
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
      R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2018-04-12] (Realtek Semiconductor Corporation )
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-10 21:03 - 2019-01-10 21:03 - 000000000 ____D C:\FRST
      2019-01-08 20:52 - 2019-01-01 15:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
      2019-01-08 20:52 - 2019-01-01 15:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
      2019-01-08 20:52 - 2019-01-01 15:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2019-01-08 20:52 - 2019-01-01 15:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
      2019-01-08 20:52 - 2019-01-01 15:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
      2019-01-08 20:52 - 2019-01-01 15:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
      2019-01-08 20:52 - 2019-01-01 15:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2019-01-08 20:52 - 2019-01-01 15:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
      2019-01-08 20:52 - 2019-01-01 15:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
      2019-01-08 20:52 - 2019-01-01 15:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
      2019-01-08 20:52 - 2019-01-01 09:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
      2019-01-08 20:52 - 2019-01-01 09:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
      2019-01-08 20:52 - 2019-01-01 09:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
      2019-01-08 20:52 - 2019-01-01 09:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2019-01-08 20:52 - 2019-01-01 09:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2019-01-08 20:52 - 2019-01-01 09:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
      2019-01-08 20:52 - 2019-01-01 08:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2019-01-08 20:52 - 2019-01-01 08:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2019-01-08 20:52 - 2019-01-01 08:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
      2019-01-08 20:52 - 2019-01-01 08:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
      2019-01-08 20:52 - 2019-01-01 08:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
      2019-01-08 20:52 - 2019-01-01 08:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
      2019-01-08 20:52 - 2019-01-01 08:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
      2019-01-08 20:52 - 2019-01-01 08:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
      2019-01-08 20:52 - 2019-01-01 08:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2019-01-08 20:52 - 2019-01-01 08:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
      2019-01-08 20:52 - 2019-01-01 08:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
      2019-01-08 20:52 - 2019-01-01 08:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2019-01-08 20:52 - 2019-01-01 08:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2019-01-08 20:52 - 2019-01-01 08:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
      2019-01-08 20:52 - 2019-01-01 07:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
      2019-01-08 20:52 - 2018-12-19 06:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
      2019-01-06 00:59 - 2019-01-06 00:59 - 000141434 _____ C:\TDSSKiller.3.1.0.25_06.01.2019_00.59.11_log.txt
      2019-01-06 00:47 - 2019-01-06 00:47 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
      2019-01-06 00:47 - 2019-01-06 00:47 - 000000000 ____D C:\Users\User\AppData\Local\mbam
      2018-12-19 20:41 - 2018-12-14 09:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
      2018-12-19 20:41 - 2018-12-14 09:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
      2018-12-19 20:41 - 2018-12-14 09:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
      2018-12-19 20:41 - 2018-12-14 09:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
      2018-12-19 20:41 - 2018-12-14 09:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
      2018-12-19 20:41 - 2018-12-14 09:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
      2018-12-19 20:41 - 2018-12-14 09:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
      2018-12-19 20:41 - 2018-12-14 09:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
      2018-12-19 20:41 - 2018-12-14 09:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2018-12-19 20:41 - 2018-12-14 08:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2018-12-19 20:41 - 2018-12-14 08:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
      2018-12-19 20:41 - 2018-12-14 08:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
      2018-12-19 20:41 - 2018-12-14 08:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
      2018-12-19 20:41 - 2018-12-14 08:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
      2018-12-19 20:41 - 2018-12-14 08:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
      2018-12-19 20:41 - 2018-12-14 08:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
      2018-12-19 20:41 - 2018-12-14 08:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Инструменти на Microsoft Office
      2018-12-13 23:56 - 2018-12-13 23:56 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-12-13 23:56 - 2018-12-13 23:56 - 000002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-12-13 18:52 - 2018-09-05 00:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
      2018-12-12 21:25 - 2018-12-08 14:47 - 001786896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
      2018-12-12 21:25 - 2018-12-08 14:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
      2018-12-12 21:25 - 2018-12-08 14:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
      2018-12-12 21:25 - 2018-12-08 14:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
      2018-12-12 21:25 - 2018-12-08 14:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
      2018-12-12 21:25 - 2018-12-08 14:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
      2018-12-12 21:25 - 2018-12-08 14:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
      2018-12-12 21:25 - 2018-12-08 14:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
      2018-12-12 21:25 - 2018-12-08 14:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2018-12-12 21:25 - 2018-12-08 14:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
      2018-12-12 21:25 - 2018-12-08 14:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2018-12-12 21:25 - 2018-12-08 14:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2018-12-12 21:25 - 2018-12-08 10:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
      2018-12-12 21:25 - 2018-12-08 10:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
      2018-12-12 21:25 - 2018-12-08 10:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2018-12-12 21:25 - 2018-12-08 10:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2018-12-12 21:25 - 2018-12-08 10:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
      2018-12-12 21:25 - 2018-12-08 09:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
      2018-12-12 21:25 - 2018-12-08 09:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
      2018-12-12 21:25 - 2018-12-08 09:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
      2018-12-12 21:25 - 2018-12-08 09:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
      2018-12-12 21:25 - 2018-12-08 09:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
      2018-12-12 21:25 - 2018-12-08 09:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
      2018-12-12 21:25 - 2018-12-08 09:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
      2018-12-12 21:25 - 2018-12-08 09:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
      2018-12-12 21:25 - 2018-12-08 09:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
      2018-12-12 21:25 - 2018-12-08 09:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
      2018-12-12 21:25 - 2018-12-08 09:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
      2018-12-12 21:25 - 2018-12-08 09:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
      2018-12-12 21:25 - 2018-12-08 09:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
      2018-12-12 21:25 - 2018-12-08 09:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
      2018-12-12 21:25 - 2018-12-08 09:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
      2018-12-12 21:25 - 2018-12-08 09:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
      2018-12-12 21:25 - 2018-11-09 08:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2018-12-12 21:25 - 2018-11-09 07:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
      2018-12-12 21:25 - 2018-11-09 07:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
      2018-12-12 21:25 - 2018-11-09 07:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
      2018-12-12 21:25 - 2018-11-09 07:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
      2018-12-12 21:25 - 2018-11-09 07:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2018-12-12 21:25 - 2018-11-09 07:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
      2018-12-12 21:25 - 2018-11-09 04:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
      2018-12-12 21:25 - 2018-11-09 04:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
      2018-12-12 21:25 - 2018-11-09 04:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
      2018-12-12 21:25 - 2018-11-09 04:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2018-12-12 21:25 - 2018-11-09 04:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2018-12-12 21:25 - 2018-11-09 04:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
      2018-12-12 21:25 - 2018-11-09 04:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
      2018-12-12 21:25 - 2018-11-09 04:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
      2018-12-12 21:25 - 2018-11-09 04:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2018-12-12 21:25 - 2018-11-09 04:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
      2018-12-12 21:25 - 2018-11-09 04:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
      2018-12-12 21:25 - 2018-11-09 04:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
      2018-12-12 21:25 - 2018-11-09 03:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2018-12-12 21:25 - 2018-11-09 03:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2018-12-12 21:25 - 2018-11-09 03:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
      2018-12-12 21:24 - 2018-12-08 14:48 - 000034104 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 001627656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001422864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000825352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000399880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 000228368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000180752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
      2018-12-12 21:24 - 2018-12-08 14:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
      2018-12-12 21:24 - 2018-12-08 14:43 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
      2018-12-12 21:24 - 2018-12-08 14:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
      2018-12-12 21:24 - 2018-12-08 14:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
      2018-12-12 21:24 - 2018-12-08 14:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
      2018-12-12 21:24 - 2018-12-08 14:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
      2018-12-12 21:24 - 2018-12-08 10:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
      2018-12-12 21:24 - 2018-12-08 10:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
      2018-12-12 21:24 - 2018-12-08 10:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
      2018-12-12 21:24 - 2018-12-08 10:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
      2018-12-12 21:24 - 2018-12-08 10:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
      2018-12-12 21:24 - 2018-12-08 10:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
      2018-12-12 21:24 - 2018-12-08 10:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
      2018-12-12 21:24 - 2018-12-08 10:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
      2018-12-12 21:24 - 2018-12-08 09:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
      2018-12-12 21:24 - 2018-12-08 09:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
      2018-12-12 21:24 - 2018-12-08 09:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
      2018-12-12 21:24 - 2018-12-08 09:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
      2018-12-12 21:24 - 2018-12-08 09:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
      2018-12-12 21:24 - 2018-12-08 09:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
      2018-12-12 21:24 - 2018-12-08 09:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
      2018-12-12 21:24 - 2018-12-08 09:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
      2018-12-12 21:24 - 2018-12-08 09:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
      2018-12-12 21:24 - 2018-12-08 09:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
      2018-12-12 21:24 - 2018-12-08 09:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
      2018-12-12 21:24 - 2018-12-08 09:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
      2018-12-12 21:24 - 2018-12-08 09:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
      2018-12-12 21:24 - 2018-12-08 09:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
      2018-12-12 21:24 - 2018-12-08 09:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
      2018-12-12 21:24 - 2018-12-08 09:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
      2018-12-12 21:24 - 2018-12-08 09:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
      2018-12-12 21:24 - 2018-11-09 08:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
      2018-12-12 21:24 - 2018-11-09 07:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
      2018-12-12 21:24 - 2018-11-09 07:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
      2018-12-12 21:24 - 2018-11-09 07:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
      2018-12-12 21:24 - 2018-11-09 07:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
      2018-12-12 21:24 - 2018-11-09 07:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
      2018-12-12 21:24 - 2018-11-09 07:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
      2018-12-12 21:24 - 2018-11-09 07:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
      2018-12-12 21:24 - 2018-11-09 07:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
      2018-12-12 21:24 - 2018-11-09 07:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
      2018-12-12 21:24 - 2018-11-09 04:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
      2018-12-12 21:24 - 2018-11-09 04:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
      2018-12-12 21:24 - 2018-11-09 04:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
      2018-12-12 21:24 - 2018-11-09 04:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
      2018-12-12 21:24 - 2018-11-09 04:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
      2018-12-12 21:24 - 2018-11-09 04:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
      2018-12-12 21:24 - 2018-11-09 04:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
      2018-12-12 21:24 - 2018-11-09 04:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
      2018-12-12 21:24 - 2018-11-09 04:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
      2018-12-12 21:24 - 2018-11-09 04:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
      2018-12-12 21:24 - 2018-11-09 04:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
      2018-12-12 21:24 - 2018-11-09 04:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
      2018-12-12 21:24 - 2018-11-09 04:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
      2018-12-12 21:24 - 2018-11-09 04:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
      2018-12-12 21:24 - 2018-11-09 04:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
      2018-12-12 21:24 - 2018-11-09 04:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
      2018-12-12 21:24 - 2018-11-09 04:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
      2018-12-12 21:24 - 2018-11-09 04:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
      2018-12-12 21:24 - 2018-11-09 04:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
      2018-12-12 21:24 - 2018-11-09 04:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
      2018-12-12 21:24 - 2018-11-09 04:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
      2018-12-12 21:24 - 2018-11-09 04:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
      2018-12-12 21:24 - 2018-11-09 04:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
      2018-12-12 21:24 - 2018-11-09 04:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
      2018-12-12 21:24 - 2018-11-09 03:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
      2018-12-12 21:24 - 2018-11-09 03:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
      2018-12-12 21:24 - 2018-11-09 03:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
      2018-12-12 21:24 - 2018-11-09 03:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
      2018-12-12 21:24 - 2018-11-09 03:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
      2018-12-12 21:24 - 2018-11-09 03:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
      2018-12-12 21:24 - 2018-11-09 03:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
      2018-12-12 21:24 - 2018-11-09 03:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
      2018-12-12 21:24 - 2018-11-09 03:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
      2018-12-12 21:24 - 2018-11-09 03:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
      2018-12-12 21:24 - 2018-11-09 03:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
      2018-12-12 21:24 - 2018-11-09 03:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
      2018-12-12 21:24 - 2018-11-09 03:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
      2018-12-12 21:24 - 2018-11-09 03:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-10 20:59 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2019-01-10 19:30 - 2018-09-16 16:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2019-01-09 18:35 - 2018-09-16 16:27 - 001532434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2019-01-09 18:35 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
      2019-01-09 18:35 - 2017-07-30 15:50 - 000536072 _____ C:\WINDOWS\system32\perfh002.dat
      2019-01-09 18:35 - 2017-07-30 15:50 - 000162902 _____ C:\WINDOWS\system32\perfc002.dat
      2019-01-09 18:29 - 2018-09-16 16:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2019-01-08 23:43 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
      2019-01-08 23:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
      2019-01-08 23:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
      2019-01-08 21:01 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
      2019-01-08 20:25 - 2018-09-16 16:31 - 000004550 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2019-01-08 20:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2019-01-08 20:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2019-01-08 20:21 - 2018-09-16 16:31 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
      2019-01-07 22:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
      2019-01-06 23:41 - 2017-12-25 22:05 - 000000000 ____D C:\Users\User\Desktop\1
      2019-01-06 00:54 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2019-01-06 00:54 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2019-01-06 00:39 - 2017-07-19 16:04 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
      2019-01-06 00:39 - 2017-07-19 15:57 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
      2019-01-05 19:20 - 2017-07-19 16:01 - 000000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
      2019-01-05 18:45 - 2017-07-20 10:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2019-01-04 19:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
      2019-01-03 22:12 - 2017-08-09 19:30 - 000001456 _____ C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
      2019-01-02 21:41 - 2018-04-12 01:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2019-01-02 21:41 - 2018-04-12 01:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2019-01-01 20:39 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2018-12-25 00:42 - 2017-07-21 09:01 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
      2018-12-23 23:24 - 2018-02-23 22:15 - 000000000 ____D C:\Users\User\AppData\Local\Packages
      2018-12-23 10:06 - 2017-07-21 21:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения в Chrome
      2018-12-20 20:04 - 2018-09-16 16:31 - 000003518 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-12-20 20:04 - 2018-09-16 16:31 - 000003394 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-12-20 19:17 - 2018-09-16 16:31 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-619769886-4034110463-2982145271-1001
      2018-12-20 19:17 - 2018-09-16 16:16 - 000002388 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2018-12-20 19:17 - 2017-07-19 09:25 - 000000000 ___RD C:\Users\User\OneDrive
      2018-12-16 17:01 - 2017-07-21 09:02 - 000000000 ____D C:\ProgramData\TEMP
      2018-12-16 16:29 - 2017-07-20 10:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2018-12-14 00:22 - 2017-09-16 08:33 - 000000000 ____D C:\Program Files (x86)\Audacity
      2018-12-13 23:56 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Google
      2018-12-13 23:54 - 2018-09-09 15:45 - 000000000 ___DC C:\WINDOWS\Panther
      2018-12-13 18:42 - 2018-02-23 22:31 - 000000000 ___RD C:\Users\User\3D Objects
      2018-12-13 18:42 - 2016-11-21 09:30 - 000000000 __RHD C:\Users\Public\AccountPictures
      2018-12-13 18:40 - 2018-09-16 16:13 - 000401856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
      ==================== Files in the root of some directories =======
      2017-12-25 22:02 - 2017-12-25 22:02 - 000000128 ____H () C:\Users\User\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
      2017-08-09 19:30 - 2019-01-03 22:12 - 000001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-09-16 16:12
      ==================== End of FRST.txt ============================
      Addition.txt
    • от B0rn T0 P0rN (Forest*)
      Нещо не схванах каква е цялата схема на раздела, но моето не е чак толкова голям проблем. Изтеглих си Bandicam от "някакъв" сайт, но когато тръгнах да го инсталирам ми изкара прозорче, в което искаше да му дам достъп като админ, за да продължи инсталацията. Направи ми впечатление, че искаше да инсталира някакъв друг software и направо му цъкнах Cancel, след това компютъра заби за около 1-2 секунди, отворих Task manager-a, поне над 6-7 процеса (непознати) работеха, както и да е, инсталира ми някакви програмки, премахнах ги, всичко ток ама без жицата. Остана един друг проблееем.. Сега от цялата история остана един AD който не намирам начин да го премахна.. Гледах, суках, струвах, изтеглих Junkware Removal Tool-a дето уж щял да помогне но уви, не помогна. Ето ей таз глупост не успявам да я премахна > ЦЪК < На антивирустни изобщо не се доверявам, хем компютъра цикли повече от тях, хем двойно повече вируси се бъкат.. Абе като дъвка са за вирусите. Ето и log-a след края на JRT; 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 7 Ultimate x64 Ran by idk (Administrator) on ўв 15.01.2019 Ј. at 3:38:08,89 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 17 Failed to delete: C:\Program Files (x86)\proxygate (Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F68ZGOQX (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIQK8NQU (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HML355FN (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1LRYOEA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F68ZGOQX (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIQK8NQU (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HML355FN (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1LRYOEA (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on ўв 15.01.2019 Ј. at 3:40:09,86 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Само ми направи впечатление ей това > "Failed to delete: C:\Program Files (x86)\proxygate (Folder)", нещо ми е много мерак да го изтрия ръчно?
    • от legolas69
      Здравейте, въпросният лаптоп се използва от майка ми за ежедневни дейности и то рядко. При стартирането на системата ESET засича PUP.Optional.Reimage, позволих си да сканирам с Malwarebytes, БЕЗ да предприемам действия. Каква е тази папка и има ли нещо притеснително ? Благодаря предварително. 
      Addition.txt
      FRST.txt
      malwarebytes.txt
    • от v3cko
      Здравейте и за много години,моят проблем хром бавно отваря забива и се срива- отварят се по няколко страници . В момента съм safe mode иначе забива
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2019
      Ran by ВЕС (administrator) on WIN-SKFJ6HLGST2 (03-01-2019 20:43:32)
      Running from C:\Users\ВЕС\Downloads
      Loaded Profiles: ВЕС (Available Profiles: ВЕС)
      Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
      Internet Explorer Version 8 (Default browser: Chrome)
      Boot Mode: Safe Mode (with Networking)
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [DHY0GM3ATCSFE7M] => "C:\Program Files\x0h1djdcnoe\3OQCH.exe"
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\MountPoints2: {41be252d-0f82-11e9-a624-002713343a56} - F:\Lenovo_Suite.exe
      HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [56832 2010-11-20] (Microsoft Corporation)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\System32\iedkcs32.dll [2010-11-20] (Microsoft Corporation)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-03] (Google Inc.)
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{840DEA2A-8553-4D25-A5FB-7DB86C5BFBE5}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{EE11610E-0BCC-42A7-A0AC-89B4A3B92BF1}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
      SearchScopes: HKU\S-1-5-21-3512987231-521144983-709920193-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10477_754_190103&q={searchTerms}
      BHO: YoutubeAdBlock -> {984AFA40-4BEC-457F-AEDE-FE3404A646FA} -> C:\Program Files\VKkhWVSisIE\kwTiXoR.dll => No File
      FireFox:
      ========
      FF ProfilePath: C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default [2019-01-03]
      FF user.js: detected! => C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06]
      FF Extension: (NewsFox) - C:\Users\ВЕС\Downloads\k-meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2016-01-04] [Legacy] [not signed]
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
      Chrome: 
      =======
      CHR HomePage: Default -> hxxp://google.bg/
      CHR Profile: C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default [2019-01-03]
      CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-01-03]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-03]
      CHR Extension: (Chrome Media Router) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-03]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      "qamplvkj" => service was unlocked. <==== ATTENTION
      S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [375776 2018-12-12] (Google Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
      S2 qamplvkj; C:\Windows\system32\qamplvkj\dfaricjc.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
      S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
      S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-01-03] (Malwarebytes)
      S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [106144 2019-01-03] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63760 2019-01-03] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-01-03] (Malwarebytes)
      S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [83648 2019-01-03] (Malwarebytes)
      U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-04 03:15 - 2019-01-04 03:15 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
      2019-01-04 03:15 - 2019-01-04 03:15 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
      2019-01-04 03:14 - 2019-01-04 03:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
      2019-01-04 03:10 - 2019-01-03 18:31 - 000000000 ____D C:\Windows\Panther
      2019-01-04 03:03 - 2019-01-04 03:03 - 000000000 ____D C:\Windows.old
      2019-01-03 20:43 - 2019-01-03 20:43 - 001783808 _____ (Farbar) C:\Users\ВЕС\Downloads\FRST.exe
      2019-01-03 20:43 - 2019-01-03 20:43 - 000007564 _____ C:\Users\ВЕС\Downloads\FRST.txt
      2019-01-03 20:43 - 2019-01-03 20:43 - 000000000 ____D C:\FRST
      2019-01-03 20:18 - 2019-01-03 20:18 - 000106144 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2019-01-03 20:18 - 2019-01-03 20:18 - 000083648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2019-01-03 20:18 - 2019-01-03 20:18 - 000063760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2019-01-03 20:03 - 2019-01-03 20:03 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbam
      2019-01-03 20:02 - 2019-01-03 20:42 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2019-01-03 20:02 - 2019-01-03 20:02 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2019-01-03 20:02 - 2019-01-03 20:02 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbamtray
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Program Files\Malwarebytes
      2019-01-03 20:02 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
      2019-01-03 20:00 - 2019-01-03 20:01 - 081227760 _____ (Malwarebytes ) C:\Users\ВЕС\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe
      2019-01-03 19:40 - 2019-01-03 20:03 - 000000000 ____D C:\ProgramData\RogueKiller
      2019-01-03 19:40 - 2019-01-03 19:40 - 029162424 _____ (Adlice Software ) C:\Users\ВЕС\Downloads\RogueKiller_setup.exe
      2019-01-03 19:40 - 2019-01-03 19:40 - 000001001 _____ C:\Users\Public\Desktop\RogueKiller.lnk
      2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
      2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\Program Files\RogueKiller
      2019-01-03 19:34 - 2019-01-03 20:42 - 000265284 _____ C:\Windows\ntbtlog.txt
      2019-01-03 19:30 - 2019-01-03 19:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\teiqv2gvtfm
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\imgn0qmwmwh
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\acysy1vaoki
      2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ C:\Users\ВЕС\AppData\Local\dump007.dat
      2019-01-03 19:09 - 2019-01-03 19:09 - 000000009 _____ C:\Users\ВЕС\rstr1.ini
      2019-01-03 19:08 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\3zxuksmazmq
      2019-01-03 19:07 - 2019-01-03 19:07 - 000000258 __RSH C:\Users\ВЕС\ntuser.pol
      2019-01-03 19:04 - 2019-01-03 19:04 - 000000000 ____D C:\Windows\system32\qamplvkj
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\vi5lm2mflim
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\sq0zlve2tqj
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\qc1oa2vrskn
      2019-01-03 19:02 - 2019-01-03 19:02 - 000000000 ____D C:\Users\ВЕС\AppData\LocalLow\yHNPHHIzKpsCK
      2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\423viiu5lfu
      2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Michael
      2019-01-03 19:01 - 2019-01-03 19:19 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ShopMore
      2019-01-03 19:01 - 2019-01-03 19:07 - 000002964 __RSH C:\ProgramData\ntuser.pol
      2019-01-03 19:01 - 2019-01-03 19:01 - 000493800 _____ (VideoDriver) C:\Windows\D04DE5140B2D.sys
      2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ C:\Users\ВЕС\AppData\Local\installer.dat
      2019-01-03 19:01 - 2019-01-03 19:01 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Python
      2019-01-03 19:00 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ezc3lfxnx4j
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ C:\Users\ВЕС\AppData\Local\wbem.ini
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{AC10FE2E-1A46-0496-3E07-15883EE04CD9}
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{59403C6F-D807-F1C6-7FC5-457D7F221C2C}
      2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\Users\NYBMYXMIG-DECRYPT.txt
      2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\NYBMYXMIG-DECRYPT.txt
      2019-01-03 18:57 - 2019-01-03 18:57 - 000000000 ____H C:\d85105b2d85102533b.lock
      2019-01-03 18:56 - 2019-01-03 18:56 - 000000000 ____D C:\ProgramData\HCRGWPOIZH4OHCKX91M2
      2019-01-03 18:56 - 2015-08-03 08:53 - 000384000 _____ (SafeIP) C:\Windows\system32\SafeIPs.dll
      2019-01-03 18:55 - 2019-01-03 20:05 - 000000000 ____D C:\Program Files\KMSPico 10.2.1 Final
      2019-01-03 18:53 - 2018-12-10 23:04 - 000499424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
      2019-01-03 18:48 - 2019-01-03 18:48 - 001259736 _____ (Plarium) C:\Users\ВЕС\Downloads\PlariumPlaySetup (1).exe
      2019-01-03 18:46 - 2019-01-03 18:46 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Package Cache
      2019-01-03 18:45 - 2019-01-03 19:03 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Mozilla
      2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\K-Meleon
      2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Local\K-Meleon
      2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Plarium
      2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\CEF
      2019-01-03 18:39 - 2019-01-03 18:39 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Google
      2019-01-03 18:38 - 2019-01-03 19:53 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2019-01-03 18:38 - 2019-01-03 19:53 - 000002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2019-01-03 18:37 - 2019-01-03 19:02 - 000000000 ____D C:\Program Files\Google
      2019-01-03 18:37 - 2019-01-03 19:00 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Google
      2019-01-03 18:37 - 2019-01-03 18:37 - 000057560 _____ C:\Users\ВЕС\AppData\Local\GDIPFONTCACHEV1.DAT
      2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Deployment
      2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Apps\2.0
      2019-01-03 18:36 - 2014-05-14 17:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2019-01-03 18:36 - 2014-05-14 17:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2019-01-03 18:36 - 2014-05-14 17:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2019-01-03 18:36 - 2014-05-14 17:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
      2019-01-03 18:36 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
      2019-01-03 18:36 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
      2019-01-03 18:33 - 2019-01-03 19:53 - 000001335 _____ C:\Users\ВЕС\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2019-01-03 18:33 - 2019-01-03 19:09 - 000000000 ____D C:\Users\ВЕС
      2019-01-03 18:33 - 2019-01-03 18:33 - 000000020 ___SH C:\Users\ВЕС\ntuser.ini
      2019-01-03 18:33 - 2019-01-03 18:33 - 000000000 ____D C:\Users\ВЕС\AppData\Local\VirtualStore
      2019-01-03 18:33 - 2010-11-21 01:46 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Media Center Programs
      2019-01-03 16:27 - 2019-01-03 16:27 - 000000000 ____D C:\My Drivers
      2018-12-30 08:50 - 2018-12-30 08:50 - 005183296 _____ (Marcin Szeniak ) C:\Users\ВЕС\Downloads\BCUninstaller_4.12.1_setup.exe
      2018-12-29 13:35 - 2018-12-29 13:35 - 000000000 ____D C:\SWSetup
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-04 03:15 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2019-01-04 03:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\sysprep
      2019-01-04 03:12 - 2010-11-21 01:46 - 000000000 ____D C:\Windows\CSC
      2019-01-04 03:10 - 2009-07-14 05:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
      2019-01-03 20:30 - 2010-11-20 22:01 - 000713888 _____ C:\Windows\system32\PerfStringBackup.INI
      2019-01-03 20:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
      2019-01-03 20:18 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2019-01-03 19:01 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\GroupPolicy
      2019-01-03 18:57 - 2018-08-11 19:54 - 000000000 ____D C:\Intel
      2019-01-03 18:57 - 2017-10-21 13:53 - 000000000 ____D C:\LFS
      2019-01-03 18:57 - 2017-09-25 20:50 - 000000000 ___RD C:\BECKO-PC
      2019-01-03 18:57 - 2017-04-14 15:10 - 000036892 ____H C:\iCS Source.suo.nybmyxmig
      2019-01-03 18:33 - 2009-07-14 05:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT
      2019-01-03 18:31 - 2009-07-14 03:37 - 000000000 __RHD C:\Users\Public\Libraries
      2019-01-03 17:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
      2019-01-03 15:34 - 2018-08-11 14:17 - 000000000 ____D C:\Users\ВЕС\Downloads\k-meleon
      2019-01-01 13:09 - 2018-09-02 13:32 - 000000000 ____D C:\Users\ВЕС\Documents\TalkHelper
      ==================== Files in the root of some directories =======
      1601-01-03 21:26 - 1601-01-03 21:26 - 000186368 ____N (Microsoft Corporation) C:\Users\ВЕС\AppData\Local\aIQEonJ.exe
      2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ () C:\Users\ВЕС\AppData\Local\dump007.dat
      2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ () C:\Users\ВЕС\AppData\Local\installer.dat
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ () C:\Users\ВЕС\AppData\Local\wbem.ini
      Some files in TEMP:
      ====================
      2019-01-03 18:56 - 2019-01-03 18:56 - 000710464 _____ () C:\Users\ВЕС\AppData\Local\Temp\3.exe
      2019-01-03 19:00 - 2019-01-03 19:00 - 001312696 _____ (                                                            ) C:\Users\ВЕС\AppData\Local\Temp\fastdatax.exe
      2019-01-03 19:09 - 2019-01-03 20:19 - 000000000 ____D () C:\Users\ВЕС\AppData\Local\Temp\IEShims.dll
      2019-01-03 19:00 - 2019-01-03 19:00 - 003520512 _____ () C:\Users\ВЕС\AppData\Local\Temp\installer_mi.exe
      2019-01-03 18:56 - 2019-01-03 18:56 - 002715792 _____ (SafeIP, LLC.                                                ) C:\Users\ВЕС\AppData\Local\Temp\update.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2019-01-04 03:11
      ==================== End of FRST.txt ===========================
      Addition.txt

    • от Шабан Талипов
      Някой може ли дами помогне, тази грешка забранява достъпа на обновление на windows-a и не позволява включването на защитната стена. Пробвах с антивирусна програма bitdefender без успех
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.