Премини към съдържанието

Препоръчан отговор


Здравейте !!! От известно време имам проблеми с лаптопа ми. Значи става въпрос за това, като отварям страници с Експлорер и ми се отварят други нежелани уеб страницни, някой път са на китайки език (за езика не съм на 100 % сигурен че е китайки), също така друг проблем е когато искам да влезна в пощата си в абв и когато натисна да си напиша името, и тогава пак ми излизат такива страници и изобщо не ми дава маркера за да си напиша името и паролата.

Лаптопа е HP Pavilion g6 , 4GB Ram, 750 HDD, B960 - procesor.

Windows Home Premium ми е операционната система, която е оригинална и карам с нея 2 години.

Общо взето това е , ако имате въпроси ще отговоря в последствие. Благодаря много :)

Ето ги и лог файловете:

 

DDS

 

DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.10.9200.16635 Run by Dzhemal at 14:51:29 on 2013-07-22 Microsoft Windows 7 Home Premium 6.1.7601.1.1251.359.1033.18.4044.2405 [GMT 3:00] . AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:Program Files (x86)Software Platesvcgdp.exe C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k netsvcs C:Program FilesIDTWDMSTacSV64.exe C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k NetworkService C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe C:WindowsSysWOW64ezSharedSvcHost.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exe C:Program Files (x86)MicrosoftBingBarSeaPort.EXE C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Program Files (x86)SafeIPSafeIPs.exe C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe C:Windowssystem32SearchIndexer.exe C:Windowssystem32taskhost.exe C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesIDTWDMsttray64.exe C:Program FilesWindows Sidebarsidebar.exe C:Program Files (x86)IObitAdvanced SystemCare 6ASCTray.exe C:Program Files (x86)SkypePhoneSkype.exe C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpConnectionManager.exe C:Program Files (x86)Winampwinampa.exe C:Program Files (x86)VIVACOM 3G USB MODEMModemListener.exe C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe C:Program FilesSynapticsSynTPSynTPHelper.exe C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32taskeng.exe C:Program Files (x86)CyberLinkYouCamYCMMirage.exe C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpCMSrv.exe C:Program Files (x86)uTorrentuTorrent.exe C:Program Files (x86)VIVACOM 3G USB MODEMHspa USB Modem.exe C:Program Files (x86)Smiley Bar for FacebookPropertySync.exe C:Windowssystem32MacromedFlashFlashUtil64_11_1_102_ActiveX.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32WUDFHost.exe C:Program FilesInternet Exploreriexplore.exe C:Program Files (x86)Internet ExplorerIEXPLORE.EXE C:Program Files (x86)Internet ExplorerIEXPLORE.EXE C:WindowsSystem32MsSpellCheckingFacility.exe C:Windowssystem32conhost.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll mURLSearchHooks: Winamp Toolbar Search Class: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:Program Files (x86)Winamp Toolbarwinamptb.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll mURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll mURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:Program Files (x86)Winamp Toolbarwinamptb.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.5.3.17bhBabylonToolbar.dll BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program Files (x86)ConduitEngineprxConduitEngin.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ipsipsbho.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll BHO: Smiley Bar for Facebook: {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:Program Files (x86)Smiley Bar for FacebookScriptHost.dll BHO: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program Files (x86)IObitAdvanced SystemCare 6BrowerProtectASCPlugin_Protection.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll BHO: Proxy Help: {F386E548-C533-472E-8C61-C026FB14FEB9} - C:WindowsSysWOW64Newtabs_22find.dll BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll TB: BS Player Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll TB: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program Files (x86)ConduitEngineprxConduitEngin.dll TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:Program Files (x86)Winamp Toolbarwinamptb.dll TB: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.5.3.17BabylonToolbarTlbr.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll uRun: [Google Update] "C:UsersDzhemalAppDataLocalGoogleUpdateGoogleUpdate.exe" /c uRun: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun uRun: [Advanced SystemCare 6] "C:Program Files (x86)IObitAdvanced SystemCare 6ASCTray.exe" /AutoStart uRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun uRun: [GoogleDriveSync] "C:Program Files (x86)GoogleDrivegoogledrivesync.exe" /autostart uRunOnce: [FlashPlayerUpdate] C:WindowsSystem32MacromedFlashFlashUtil64_11_1_102_ActiveX.exe -update activex mRun: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe mRun: [HPConnectionManager] C:Program Files (x86)Hewlett-PackardHP Connection ManagerHPCMDelayStart.exe mRun: [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe mRun: [WinampAgent] "C:Program Files (x86)Winampwinampa.exe" mRun: [ModemListener] C:Program Files (x86)VIVACOM 3G USB MODEMModemListener.exe start mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" mRun: [HPOSD] C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe mRun: [HP Quick Launch] C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckNCLauncherFromIE.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll/204 LSP: C:WindowsSystem32SafeIPs.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E} : DHCPNameServer = 192.168.1.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}1417E637B696 : DHCPNameServer = 192.168.2.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}354716D42633475502940786F6E656 : DHCPNameServer = 172.30.139.17 172.30.140.69 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}4596D6566796D2144435C4 : DHCPNameServer = 192.168.1.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}84F64756C6F52516A7C6F676F553 : DHCPNameServer = 192.168.66.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}D4562796461633 : DHCPNameServer = 212.39.90.42 212.39.90.43 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}D494C4C454E49455D4 : DHCPNameServer = 212.39.90.42 8.8.8.8 TCP: Interfaces{081680D8-998A-4C20-B247-3A6FC448AA3D} : DHCPNameServer = 194.141.86.3 194.141.0.3 194.141.0.4 TCP: Interfaces{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer = 212.39.90.42 212.39.90.43 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:WindowsSysWOW64ezUPBHook.dll LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe x64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe x64-Run: [sysTrayApp] C:Program FilesIDTWDMsttray64.exe x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 ifrhgnqeeotnzrmz.ru tgp.buzzsession.com upgrade.questscantwo.com images.specialnetoffer.com boldchat.com viqrzfvi.freewww.biz scrooge.nbcsandiego.com ptichka.ru ads.bleepingcomputer.com . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:WindowsSystem32driversNISx641309010.00Esymds64.sys [2013-2-6 451192] R0 SymEFA;Symantec Extended File Attributes;C:WindowsSystem32driversNISx641309010.00Esymefa64.sys [2013-2-6 1129120] R1 BHDrvx64;BHDrvx64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.8.0.14DefinitionsBASHDefs20130715.001BHDrvx64.sys [2013-7-17 1393240] R1 ccSet_NIS;Norton Internet Security Settings Manager;C:WindowsSystem32driversNISx641309010.00Eccsetx64.sys [2013-2-6 167072] R1 IDSVia64;IDSVia64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.8.0.14DefinitionsIPSDefs20130719.002IDSviA64.sys [2013-7-19 513184] R1 SymIRON;Symantec Iron Driver;C:WindowsSystem32driversNISx641309010.00Eironx64.sys [2013-2-6 190072] R1 SymNetS;Symantec Network Security WFP Driver;C:WindowsSystem32driversNISx641309010.00Esymnets.sys [2013-2-6 405624] R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904] R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2012-1-3 63928] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe [2012-12-24 464256] R2 DeviceManager;DeviceManager;C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe -start --> C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe -start [?] R2 ezSharedSvc;Easybits Services for Windows;C:WindowsSystem32ezSharedSvcHost.exe --> C:WindowsSystem32ezSharedSvcHost.exe [?] R2 HP Support Assistant Service;HP Support Assistant Service;C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe [2012-9-27 86528] R2 HPClientSvc;HP Client Services;C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe [2010-8-6 291896] R2 HPWMISVC;HPWMISVC;C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe [2012-3-5 35200] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2011-5-30 13336] R2 IconMan_R;IconMan_R;C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe [2011-5-30 2372096] R2 NIS;Norton Internet Security;C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccsvchst.exe [2013-2-6 138272] R2 svcgdp;software services;C:Program Files (x86)Software Platesvcgdp.exe [2012-8-18 224416] R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2011-5-30 2656280] R3 clwvd;CyberLink WebCam Virtual Driver;C:WindowsSystem32driversclwvd.sys [2010-7-28 31088] R3 hpCMSrv;HP Connection Manager 4.0 Service;C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpCMSrv.exe [2011-2-16 1071160] R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-4-12 317440] R3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;C:WindowsSystem32driversjrdusbser.sys [2011-12-14 119680] R3 MEIx64;Intel® Management Engine Interface;C:WindowsSystem32driversHECIx64.sys [2010-10-20 56344] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:WindowsSystem32driversnetr28x.sys [2011-5-30 1860672] R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2013-1-9 565352] R3 SafeIPS;SafeIPS;C:Program Files (x86)SafeIPSafeIPS.exe [2012-12-26 3797184] S2 gupdate;Услуга на Google Актуализация (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-8-18 116648] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-1-8 161536] S3 BBSvc;Bing Bar Update Service;C:Program Files (x86)MicrosoftBingBarBBSvc.EXE [2011-3-2 183560] S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072] S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-8-18 116648] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-12-15 19456] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:WindowsSystem32driversRtsPStor.sys [2011-5-30 335464] S3 SrvHsfHDA;SrvHsfHDA;C:WindowsSystem32driversVSTAZL6.SYS [2009-7-14 292864] S3 SrvHsfV92;SrvHsfV92;C:WindowsSystem32driversVSTDPV6.SYS [2009-7-14 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:WindowsSystem32driversVSTCNXT6.SYS [2009-7-14 740864] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-12-15 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2012-12-15 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-8-18 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2013-07-20 01:09:38 9216 ----a-w- C:Program Files (x86)Windows DefenderMpAsDesc.dll 2013-07-20 01:09:38 571904 ----a-w- C:Program FilesWindows DefenderMpClient.dll 2013-07-20 01:09:38 54784 ----a-w- C:Program Files (x86)Windows DefenderMpOAV.dll 2013-07-20 01:09:38 4608 ----a-w- C:Program Files (x86)Windows DefenderMsMpLics.dll 2013-07-20 01:09:38 392704 ----a-w- C:Program Files (x86)Windows DefenderMpClient.dll 2013-07-20 01:09:38 314880 ----a-w- C:Program FilesWindows DefenderMpCommu.dll 2013-07-20 01:09:38 1011712 ----a-w- C:Program FilesWindows DefenderMpSvc.dll 2013-07-20 01:04:30 1887744 ----a-w- C:WindowsSystem32WMVDECOD.DLL 2013-07-20 01:04:29 1620480 ----a-w- C:WindowsSysWow64WMVDECOD.DLL 2013-07-20 00:59:37 3153920 ----a-w- C:WindowsSystem32win32k.sys 2013-07-12 07:04:20 1367040 ----a-w- C:Program FilesCommon FilesMicrosoft Sharedinkjournal.dll 2013-07-12 07:04:19 936448 ----a-w- C:Program Files (x86)Common FilesMicrosoft Sharedinkjournal.dll 2013-07-12 06:54:07 1643520 ----a-w- C:WindowsSystem32DWrite.dll 2013-07-12 06:54:07 1247744 ----a-w- C:WindowsSysWow64DWrite.dll 2013-07-12 06:44:55 624128 ----a-w- C:WindowsSystem32qedit.dll 2013-07-12 06:44:55 509440 ----a-w- C:WindowsSysWow64qedit.dll 2013-07-09 09:14:13 -------- d-s---w- C:UsersDzhemalGoogle Диск 2013-06-22 18:49:54 8199504 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition UpdatesBackupmpengine.dll 2013-06-22 18:49:48 9552976 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{6181C238-CB68-4B11-AFB2-ADFF05264407}mpengine.dll . ==================== Find3M  ==================== . 2013-06-13 20:26:22 1910632 ----a-w- C:WindowsSystem32driverstcpip.sys 2013-06-13 20:24:56 751104 ----a-w- C:WindowsSystem32win32spl.dll 2013-06-13 20:24:56 492544 ----a-w- C:WindowsSysWow64win32spl.dll 2013-06-13 20:24:38 30720 ----a-w- C:WindowsSystem32cryptdlg.dll 2013-06-13 20:24:38 24576 ----a-w- C:WindowsSysWow64cryptdlg.dll 2013-06-11 23:43:37 1767936 ----a-w- C:WindowsSysWow64wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:WindowsSysWow64jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:WindowsSysWow64iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:WindowsSysWow64iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:WindowsSystem32wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:WindowsSystem32jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:WindowsSystem32iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:WindowsSystem32iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:WindowsSysWow64RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:WindowsSystem32RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:WindowsSystem32mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:WindowsSysWow64mshtml.tlb 2013-05-28 20:50:06 9728 ---ha-w- C:WindowsSysWow64api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-20 17:12:53 983400 ----a-w- C:WindowsSystem32driversdxgkrnl.sys 2013-05-20 17:12:53 265064 ----a-w- C:WindowsSystem32driversdxgmms1.sys 2013-05-20 17:12:53 144384 ----a-w- C:WindowsSystem32cdd.dll 2013-05-20 16:36:14 1930752 ----a-w- C:WindowsSystem32authui.dll 2013-05-20 16:36:13 70144 ----a-w- C:WindowsSystem32appinfo.dll 2013-05-20 16:36:13 1796096 ----a-w- C:WindowsSysWow64authui.dll 2013-05-20 16:36:13 111448 ----a-w- C:WindowsSystem32consent.exe 2013-05-20 16:19:39 48640 ----a-w- C:WindowsSystem32wwanprotdim.dll 2013-05-20 16:19:39 230400 ----a-w- C:WindowsSystem32wwansvc.dll 2013-05-20 16:19:27 474624 ----a-w- C:WindowsapppatchAcSpecfc.dll 2013-05-20 16:19:27 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll 2013-05-20 16:19:27 308736 ----a-w- C:WindowsapppatchAppPatch64AcGenral.dll 2013-05-20 16:19:27 2176512 ----a-w- C:WindowsapppatchAcGenral.dll 2013-05-20 16:19:27 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll 2013-05-20 16:19:27 111104 ----a-w- C:WindowsapppatchAppPatch64acspecfc.dll 2013-05-06 10:13:15 1656680 ----a-w- C:WindowsSystem32driversntfs.sys 2013-05-06 10:11:53 223752 ----a-w- C:WindowsSystem32driversfvevol.sys 2013-05-01 23:06:08 278800 ------w- C:WindowsSystem32MpSigStub.exe . ============= FINISH: 14:52:20,54 ===============

 

 

 

Attack:

 

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume2 Install Date: 19.8.2011 г. 18:03:06 System Uptime: 21.7.2013 г. 22:18:53 (16 hours ago) . Motherboard: Hewlett-Packard |  | 166F Processor: Intel® Pentium® CPU B940 @ 2.00GHz | CPU1 | 800/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 343 GiB total, 221,082 GiB free. D: is FIXED (NTFS) - 14 GiB total, 1,513 GiB free. E: is CDROM () F: is Removable G: is FIXED (NTFS) - 342 GiB total, 175,825 GiB free. H: is FIXED (FAT32) - 0 GiB total, 0,082 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP165: 22.6.2013 г. 21:20:01 - Windows Modules Installer RP166: 2.7.2013 г. 13:19:45 - Scheduled Checkpoint RP167: 12.7.2013 г. 00:15:06 - Scheduled Checkpoint RP168: 12.7.2013 г. 10:48:44 - Windows Update RP169: 19.7.2013 г. 18:23:09 - Scheduled Checkpoint RP170: 21.7.2013 г. 03:00:12 - Windows Update . ==== Installed Programs ====================== . µTorrent 50 FREE MP3s +1 Free Audiobook! Adobe AIR Adobe Flash Player 11 ActiveX 64-bit Adobe Reader X (10.1.3) MUI Advanced SystemCare 6 Agatha Christie - Peril at End House Ashampoo Magical Optimizer 1.22 Babylon toolbar on IE Bejeweled 2 Deluxe Bejeweled 3 Bing Bar Blackhawk Striker 2 Blasterball 3 Bounce Symphony BS Player Toolbar BS.Player FREE Build-a-lot 2 Cake Mania Chuzzle Deluxe Conduit Engine CyberLink YouCam D3DX10 Diner Dash 2 Restaurant Rescue Dora's World Adventure Download Updater (AOL LLC) Energy Star Digital Logo ESU for Microsoft Windows 7 Evernote v. 4.2.2 Farm Frenzy FATE - The Traitor Soul Final Drive Nitro Google Chrome Google Drive Google Earth Google Update Helper Hewlett-Packard ACLM.NET v1.2.1.1 HP Auto HP Client Services HP Connection Manager HP Customer Experience Enhancements HP Documentation HP Games HP On Screen Display HP Power Manager HP Quick Launch HP Setup HP Setup Manager HP Software Framework HP Support Assistant IDT Audio Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 24 Java 6 Update 24 (64-bit) Junk Mail filter update K-Lite Codec Pack 6.0.0 (Full) Magic Desktop Mah Jong Medley Mesh Runtime Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT MSVCRT_amd64 MyAshampoo Toolbar Mystery P.I. - Stolen in San Francisco Namco All-Stars PAC-MAN Nero 7 Premium NewTabs Uninstall Norton Internet Security Penguins! Plants vs. Zombies - Game of the Year Poker Superstars III Polar Bowler Polar Golfer Ralink RT5390 802.11b/g/n WiFi Adapter Realtek Ethernet Controller Driver Realtek PCIE Card Reader Recovery Manager SA Dictionary 2008 Beta 4 SafeIP Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Shared C Run-time for x64 Skype Click to Call Skype™ 6.1 Slingo Supreme Smiley Bar for Facebook Software Plate Synaptics Pointing Device Driver The KMPlayer (remove only) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition Update Installer for WildTangent Games App uTorrentBar Toolbar V9 Homepage Uninstaller Virtual Villagers 4 - The Tree of Life VIVACOM 3G USB MODEM WildTangent Games App (HP Games) Winamp Winamp Detector Plug-in Winamp Toolbar Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 21.7.2013 г. 03:13:22, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service. 21.7.2013 г. 03:13:22, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-2147218173. 21.7.2013 г. 03:11:07, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied.. 21.7.2013 г. 03:10:13, Error: volmgr [46]  - Crash dump initialization failed! 19.7.2013 г. 00:38:40, Error: Service Control Manager [7034]  - The Audio Service service terminated unexpectedly.  It has done this 1 time(s). 17.7.2013 г. 16:19:04, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10. . ==== End Of File ===========================

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! Да започнем с това;

  • [*]Изтеглете
RogueKiller.exe и го запазете на десктопа. [*]Стартирайте приложението и натиснете бутона SCAN. [*]Ще се създаде лог файл на десктопа с името RKreport.txt на десктопа. [*]Публикувайте лог файла в следващия си коментар.

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте , изпълних всичко което казахте, но малко преди са приключи сканирането програмата заби, и излезна квадратче на което пише RoogueKiller was stop wornikg. Повторих пак и този път завърши сканирането . Ето го лога :

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : Scan -- Date : 07/22/2013 16:54:25 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++ --- User --- [MBR] e7291a51bdd97332dc7de6d4a517066e [bSP] 43acc1143e6db16be49149e712bbde49 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo 1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 351194 Mo 3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 719654912 | Size: 364009 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 7d1b6db635bd5729c751827a64459154 [bSP] 8cb2736df4e3428c618e11c1ff6aa842 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo 1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_07222013_165425.txt >>

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стартирайте отново RogueKiller и изчакайте първоначалната проверка да приключи.

След това натиснете Scan.

След като приключи отидете до секцията Hosts и натиснете таба Fix Hosts

 

Възможно е да ви  поиска рестарт. Съгласете се.

След рестарта моля публикувайте новите лог файлове от RogueKiller в следващия си коментар.
  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

не ми поиска рестарт. Логовете :

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : Scan -- Date : 07/22/2013 18:26:03 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++ --- User --- [MBR] e7291a51bdd97332dc7de6d4a517066e [bSP] 43acc1143e6db16be49149e712bbde49 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo 1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 351194 Mo 3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 719654912 | Size: 364009 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 7d1b6db635bd5729c751827a64459154 [bSP] 8cb2736df4e3428c618e11c1ff6aa842 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo 1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_07222013_182603.txt >> RKreport[0]_S_07222013_165425.txt

 

 

 

 

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : HOSTSFix -- Date : 07/22/2013 18:26:32 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> NOT REMOVED, USE DNSFIX [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> NOT REMOVED, USE DNSFIX [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ Reset HOSTS: ¤¤¤ 127.0.0.1 localhost

Finished : << RKreport[0]_H_07222013_182632.txt >> RKreport[0]_S_07222013_165425.txt;RKreport[0]_S_07222013_182603.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Хм..нещо не се е получило това което исках..Сигурен ли сте че маркирахте  Fix Hosts.....?

 
Публикувано изображение 1.Изтеглете програмата AVZ 4.41 и разархивирайте avz4.zip например в папка (c:antivir).

Публикувано изображение 2.Стартирайте програмата и изпълнете:

File => Standard scripts => в отворилия се прозорец маркирайте позиция 7 => Execute selected scripts:
 
Публикувано изображение

Публикувано изображение



Публикувано изображение След завършване на сканирането компютъра ви ще се рестартира..!
Ще се създаде архив KL_syscure.zip в същата папка където е разархивирана програмата.
Моля, прикачете този архив във следващия си пост..!

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Публикувано изображение Изтеглете Malwarebytes' Anti-Malware или от тук (не забравяйте да обновите програмата с нови дефиниции)
* Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.
* Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.
* Ако има намерени обновявания, тя ще ги изтегли и инсталира.
* Стартирайте програмата и изберете "Perform Full Scan", след това кликнете на Scan.
* Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.
* Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата
* Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.
* Когато всичко бъде премахнато, в Notepad ще бъде отворен лог.
Копирайте този лог и го публикувайте в следващия си коментар по темата.

  Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org

Database version: v2013.07.22.06

Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Dzhemal :: DZHEMAL-HP [administrator]

22.7.2013 г. 19:35:03 ч. mbam-log-2013-07-22 (19-35-03).txt

Scan type: Full scan (C:|D:|G:|H:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 416749 Time elapsed: 1 hour(s), 16 minute(s), 24 second(s)

Memory Processes Detected: 0 (No malicious items detected)

Memory Modules Detected: 0 (No malicious items detected)

Registry Keys Detected: 0 (No malicious items detected)

Registry Values Detected: 0 (No malicious items detected)

Registry Data Items Detected: 0 (No malicious items detected)

Folders Detected: 1 C:ProgramDataIBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.

Files Detected: 1 C:ProgramDataIBUpdaterServicerepository.xml (PUP.InstallBrain) -> Quarantined and deleted successfully.

(end)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

...и последни проверки..:
 
Публикувано изображениеМоля, изтеглете и стартирайте програмата AdwCleaner(by Xplode):

  • [*]Затворете всички стартирани програми и браузъри [*]Кликнете два пъти върху
adwcleaner.exe за да стартирате инструмента. [*]Този път маркирайте Delete [*]Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта. [*]Моля, да публикувате съдържанието на този лог в отговора си [*]Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s1].txt.

Публикувано изображение
 
Публикувано изображение Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

  • [*]Спрете временно работата на защитните програми. [*]Стартирайте инструмента
JRT.exe [*]Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата. [*]Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши. [*]Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt). [*]Моля копирайте съдържанието на лог файла в следващия си пост.

Публикувано изображение

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

eто съдаржанието от първата:

 

# AdwCleaner v2.306 - Logfile created 07/22/2013 at 21:08:55 # Updated 19/07/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Dzhemal - DZHEMAL-HP # Boot Mode : Normal # Running from : C:UsersDzhemalDesktopadwcleaner.exe # Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:END File Deleted : C:user.js Folder Deleted : C:Program Files (x86)BabylonToolbar Folder Deleted : C:Program Files (x86)BS_Player Folder Deleted : C:Program Files (x86)Common FilesSoftware Update Utility Folder Deleted : C:Program Files (x86)Conduit Folder Deleted : C:Program Files (x86)ConduitEngine Folder Deleted : C:Program Files (x86)file scout Folder Deleted : C:Program Files (x86)MyAshampoo Folder Deleted : C:Program Files (x86)Smiley Bar for Facebook Folder Deleted : C:Program Files (x86)uTorrentBar Folder Deleted : C:Program Files (x86)Winamp Toolbar Folder Deleted : C:ProgramDataBabylon Folder Deleted : C:ProgramDataWinamp Toolbar Folder Deleted : C:UsersDzhemalAppDataLocalConduit Folder Deleted : C:UsersDzhemalAppDataLocalLowBS_Player Folder Deleted : C:UsersDzhemalAppDataLocalLowConduit Folder Deleted : C:UsersDzhemalAppDataLocalLowConduitEngine Folder Deleted : C:UsersDzhemalAppDataLocalLowuTorrentBar Folder Deleted : C:UsersDzhemalAppDataRoamingBabylon Folder Deleted : C:UsersDzhemalAppDataRoamingfile scout Folder Deleted : C:UsersDzhemalAppDataRoamingPerformerSoft Folder Deleted : C:UsersDzhemalAppDataRoamingStatusWinks

***** [Registry] *****

Key Deleted : HKCUSoftwareAppDataLowSoftwareBS_Player Key Deleted : HKCUSoftwareAppDataLowSoftwareConduit Key Deleted : HKCUSoftwareAppDataLowSoftwareconduitEngine Key Deleted : HKCUSoftwareAppDataLowSoftwareConduitSearchScopes Key Deleted : HKCUSoftwareAppDataLowSoftwareMyAshampoo Key Deleted : HKCUSoftwareAppDataLowSoftwareMyAshampootoolbar Key Deleted : HKCUSoftwareAppDataLowSoftwareSmartBar Key Deleted : HKCUSoftwareAppDataLowSoftwareuTorrentBar Key Deleted : HKCUSoftwareAppDataLowToolbar Key Deleted : HKCUSoftwareBabylonToolbar Key Deleted : HKCUSoftwareConduit Key Deleted : HKCUSoftwarefilescout Key Deleted : HKCUSoftwareInstallCore Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FC00F469-83F2-480D-8E45-E0BEF0B761F7} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallWinamp Toolbar Key Deleted : HKCUSoftwareSoftonic Key Deleted : HKCUSoftwareWinamp Toolbar Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C} Key Deleted : HKLMSoftwareBabylon Key Deleted : HKLMSoftwareBabylonToolbar Key Deleted : HKLMSoftwareBS_Player Key Deleted : HKLMSOFTWAREClassesAppID{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLMSOFTWAREClassesAppID{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Key Deleted : HKLMSOFTWAREClassesAppID{19975B78-1907-4DD6-A437-4C48120F46A4} Key Deleted : HKLMSOFTWAREClassesAppID{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLMSOFTWAREClassesAppID{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLMSOFTWAREClassesAppID{562B9316-C08A-444A-9482-62080DD851AE} Key Deleted : HKLMSOFTWAREClassesAppID{562B9317-C08A-444A-9482-62080DD851AE} Key Deleted : HKLMSOFTWAREClassesAppID{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1} Key Deleted : HKLMSOFTWAREClassesAppID{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLMSOFTWAREClassesAppID{B27D9527-3762-4D71-963D-FB7A94FDD678} Key Deleted : HKLMSOFTWAREClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLMSOFTWAREClassesAppID{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLMSOFTWAREClassesAppIDAddonsFramework.DLL Key Deleted : HKLMSOFTWAREClassesAppIDButtonSite.DLL Key Deleted : HKLMSOFTWAREClassesAppIDdnu.EXE Key Deleted : HKLMSOFTWAREClassesAppIDescort.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescortApp.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescortEng.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescorTlbr.DLL Key Deleted : HKLMSOFTWAREClassesAppIDesrv.EXE Key Deleted : HKLMSOFTWAREClassesAppIDPropertySync.EXE Key Deleted : HKLMSOFTWAREClassesAppIDScriptHost.DLL Key Deleted : HKLMSOFTWAREClassesAppIDwinamptbServer.exe Key Deleted : HKLMSOFTWAREClassesb Key Deleted : HKLMSOFTWAREClassesBabylon.dskBnd Key Deleted : HKLMSOFTWAREClassesBabylon.dskBnd.1 Key Deleted : HKLMSOFTWAREClassesbbylnApp.appCore Key Deleted : HKLMSOFTWAREClassesbbylnApp.appCore.1 Key Deleted : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr Key Deleted : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr.1 Key Deleted : HKLMSOFTWAREClassesConduit.Engine Key Deleted : HKLMSOFTWAREClassesdnUpdate Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUIBrowser Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUIBrowser.1 Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUpdController Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUpdController.1 Key Deleted : HKLMSOFTWAREClassesescort.escortIEPane Key Deleted : HKLMSOFTWAREClassesescort.escortIEPane.1 Key Deleted : HKLMSOFTWAREClassesescort.escrtBtn.1 Key Deleted : HKLMSOFTWAREClassesesrv.BabylonESrvc Key Deleted : HKLMSOFTWAREClassesesrv.BabylonESrvc.1 Key Deleted : HKLMSOFTWAREClassesProd.cap Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool.1 Key Deleted : HKLMSOFTWAREClassesToolbar.CT1750559 Key Deleted : HKLMSOFTWAREClassesToolbar.CT2475029 Key Deleted : HKLMSOFTWAREClassesToolbar.CT2786678 Key Deleted : HKLMSOFTWAREClassesTypeLib{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLMSOFTWAREClassesTypeLib{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLMSOFTWAREClassesTypeLib{507591C2-2F4E-46A7-92D6-E6CFF82E5F26} Key Deleted : HKLMSOFTWAREClassesTypeLib{538CD77C-BFDD-49B0-9562-77419CAB89D1} Key Deleted : HKLMSOFTWAREClassesTypeLib{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Deleted : HKLMSOFTWAREClassesTypeLib{92380354-381A-471F-BE2E-DD9ACD9777EA} Key Deleted : HKLMSOFTWAREClassesTypeLib{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLTBSearch Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLTBSearch.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLToolBand Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLToolBand.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.Downloader Key Deleted : HKLMSOFTWAREClassesWinampTb.Downloader.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarInfo Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarInfo.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarParams Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarParams.1 Key Deleted : HKLMSOFTWAREClassesWinampTbServer.AolToolbarHelper Key Deleted : HKLMSOFTWAREClassesWinampTbServer.AolToolbarHelper.1 Key Deleted : HKLMSoftwareConduit Key Deleted : HKLMSoftwareconduitEngine Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerExtensions{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASAPI32 Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASMANCS Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{055DD326-956C-4827-9467-A172509E81B3} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{A97B89CD-B65C-49DD-AF46-2B772C627456} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{C4760CCD-3316-47EB-B95C-C3C52DAEEA3A} Key Deleted : HKLMSoftwareMyAshampoo Key Deleted : HKLMSoftwareMyAshampootoolbar Key Deleted : HKLMSoftwareuTorrentBar Key Deleted : HKLMSoftwareV9Software Key Deleted : HKLMSoftwareWinamp Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{055DD326-956C-4827-9467-A172509E81B3} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{57BCA5FA-5DBB-45A2-B558-1755C3F6253B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{6EF4E91D-DDD5-4478-BCA7-DA04435934C0} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A97B89CD-B65C-49DD-AF46-2B772C627456} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{B38D6EDE-390B-4620-8365-29E16459EBDA} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{B8276A94-891D-453C-9FF3-715C042A2575} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{C4760CCD-3316-47EB-B95C-C3C52DAEEA3A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E15A9BFD-D16D-496D-8222-44CADF316E70} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FC00F469-83F2-480D-8E45-E0BEF0B761F7} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FE178B09-C8AA-4734-804D-1849BCCA0C29} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{0F54B66A-21CF-4548-AE59-A6B83EE6676F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{51A971CA-D36E-4D13-A799-2CF0A491D04D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{27598766-07DA-4D2C-BA3D-94E7BCB76FB1} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{3EEC087D-DB13-4786-BE94-73B35E52481C} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{A8C2644D-BF72-4A89-A88C-D85F565F2F46} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{CEB29294-02C7-44B2-AEEF-3C02FFC2F3B3} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{D6B7CB41-15B5-466F-AF4B-951DBDD9C331} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{DDDFD019-5321-4150-9713-B5CD90665C3B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallBabylonToolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallBS_Player Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallConduit Engine Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallconduitEngine Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallMyAshampoo Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallSmiley Bar for Facebook Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallSoftwareUpdUtility Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstalluTorrentBar Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallV9Software Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallWinamp Toolbar Key Deleted : HKLMSOFTWAREClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : HKLMSOFTWAREClassesInterface{0F54B66A-21CF-4548-AE59-A6B83EE6676F} Key Deleted : HKLMSOFTWAREClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : HKLMSOFTWAREClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : HKLMSOFTWAREClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : HKLMSOFTWAREClassesInterface{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLMSOFTWAREClassesInterface{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLMSOFTWAREClassesInterface{51A971CA-D36E-4D13-A799-2CF0A491D04D} Key Deleted : HKLMSOFTWAREClassesInterface{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Key Deleted : HKLMSOFTWAREClassesInterface{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLMSOFTWAREClassesInterface{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D} Key Deleted : HKLMSOFTWAREClassesInterface{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLMSOFTWAREClassesInterface{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Key Deleted : HKLMSOFTWAREClassesInterface{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREClassesInterface{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLMSOFTWAREClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} Key Deleted : HKLMSOFTWAREClassesInterface{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLMSOFTWAREClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : HKLMSOFTWAREClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : HKLMSOFTWAREClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : HKLMSOFTWAREClassesInterface{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLMSOFTWAREClassesInterface{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLMSOFTWAREClassesInterface{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLMSOFTWAREClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : HKLMSOFTWAREClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLMSOFTWAREClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : HKLMSOFTWAREClassesInterface{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLMSOFTWAREClassesInterface{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLMSOFTWAREClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : HKLMSOFTWAREClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14} Key Deleted : HKLMSOFTWAREClassesInterface{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLMSOFTWAREClassesInterface{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREClassesInterface{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Key Deleted : HKLMSOFTWAREClassesInterface{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLMSOFTWAREClassesInterface{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLMSOFTWAREClassesInterface{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLMSOFTWAREClassesInterface{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCUSoftwareMozillaFirefoxExtensions [statuswinks@StatusWinks] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKLMSOFTWAREMozillaFirefoxExtensions [statuswinks@StatusWinks] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

***** [internet Browsers] *****

- Internet Explorer v10.0.9200.16635

*************************

AdwCleaner[s1].txt - [27691 octets] - [22/07/2013 21:08:55]

########## EOF - C:AdwCleaner[s1].txt - [27752 octets] ##########

Ето и 2-рия лог :

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.2.0 (07.21.2013:1) OS: Windows 7 Home Premium x64 Ran by Dzhemal on Ї®­ 22.07.2013 Ј. at 21:29:00,23 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{494AA071-15E8-4F7D-8B60-F178E86123EF} Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{597b1823-7ff0-4cd3-8095-9d8cba514992} Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{903E9084-8050-4C90-870A-226613C1C2F5} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{597b1823-7ff0-4cd3-8095-9d8cba514992} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{903E9084-8050-4C90-870A-226613C1C2F5}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{112DEDAE-AACB-4217-88A6-2F53DF270033} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{49F79A1A-F707-45FB-9F04-B5149FB8C73E} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{4E188446-8975-4AEE-BF0F-99359E63F83B} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{7112ED04-E42F-4476-B1BC-493EC219E104} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{C0DBBED7-D31C-49E7-A66E-ECA7D75D555F} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{C1080434-84E8-4382-99C9-441D4EE74AF9} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{D6A97776-4525-4561-BCBD-082048FB87E4} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{DF07B432-CF3F-45CD-A22F-A94417196611} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{EBDDC513-4459-478F-A088-727459BDECDB}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Ї®­ 22.07.2013 Ј. at 21:37:46,64 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

И как е положението със системата ви....наблюдавате ли първоначалните проблеми..?

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

в мометна нямам проблем с абв-то влизам си без проблем, и другите банери не ми се отварят, но лаптопа някак си зарежда мн бавно. Трябва ли да го рестарт???

Така след рестарт, системата се държи стабилно , зарежда си добре и проблемите мисля, че вече ги няма :)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Прекрасно..! :)
 
Публикувано изображение Изтеглете Security Check (автор: screen317) от тук или от тук и го запишете на десктопа.

  • [*]Кликнете два пъти върху
SecurityCheck.exe и следвайте инструкциите. [*]Когато програмата завърши работата си, ще се отвори един текстов документ: checkup.txt. [*]Копирайте съдържанието на checkup.txt с Копирай (Copy) и с Постави (Paste) го поставете в следващия си коментар.

След това стартирайте PatchMyPC и инсталирайте всички ъпдейти, които инструмента предложи.
 
 
Публикувано изображение Изтеглете Delfix.exe и го стартирайте. Сложете отметка пред Remove disinfection tools => натиснете бутона Run Инструмента ще се самоизтрие след като приключи своята задача!
 

Публикувано изображение Изтрийте всичко друго което е останало след процедурите (използвано в лечението).Препоръчвам програмата Malwarebytes' Anti-Malware да остане на вашия компютър и периодично да сканирате системата си с нея (поне един -два пъти в седмицата),като не забравяйте да обновите дефинициите и преди всяко сканиране..!

 

Това е от мен..Пожелавам ви лека вечер и безопасен интернет..!:)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

от security check log-a излезна само това :

 UNSUPPORTED OPERATING SYSTEM! ABORTED!  

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 

Това е от мен..Пожелавам ви лека вечер и безопасен интернет..! :)

 

Ейй голем си брат :):) Много благодаря, жив и здрав и всичко хубаво да ти се случва.

Лека вечер и от мен :)

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от CaptainJord
      Здравейте, откакто изтеглих един файл и го стартирах антивирусната ми засече някакъв вирус относно видеокартата ми (няма как файлове от видеокартата ми да са вирус) .. не знам и аз точно какво е та за по ясно ето снимка .. Колкото и да се опитвам да го махна то пак излиза ..
       
       

      Addition.txt
    • от D101149
      Здравейте! Имам вируси в компютъра. Имах Malwebytes anti-virus, изтече му лиценза пробният и го махнах и сега съм с есет за 30 дена. По-добър от Malwerbytes обаче постоянно ми вади някакъв вирус като вляза в chrome за CoinMiner
      прикачам файловете, които са ви нужни. благодаря!

      FRST.txt
      Addition.txt
    • от ℒℴ♥e
      Значи проблема е, че ми се товари процесора без видима причина, и към бонус това ми спами, някакви рандом реклами в браузера през (период от-време) без, да го стартирам, дори! (той сам се стартира)
      Вече съм с win10 pro и не знам какви са пръвите стъпки, които да направя (ако нещо се е променило (от преди време) да ми кажете), какво се правеше от самото начало?
      Като се има в предвид, че евентуално вирусите ми блокират "Malwarebytes Anti-Malware" (не се стартира след инстал) и може би, да са двойно повече от посл. път (към 500, да кажем сега).
      Не мога и да изтегля Farbar Recovery Scan Tool да кача! Не мога да го download изобщо. Браузера, които и да е, изключва при стартиране на линка!!
      Не завиждам, всъщност на този, който би се занимал с мен. И предварително, се извинявам на всеки, който съм обидил по-някакъв начин!
      И също така, съм много признателен на всички Вас, които ми оправихте последния мега-тера-гига-удар, който понесе компютъра ми, преди време и до-сега работи безотказно !!!
    • от ivan_pop
      Здравейте!
      Компютъра е с Win 8.1/32bit.През 2-3 минути в горния десен ъгъл ми излиза това съобщение.
      post a picture
      Това е от днес около обяд.Не съм забелязал да има проблем с работата на компютъра.Пуснах ъпдейти и съобщението пак си излиза.
      А в долния десен ъгъл,заедно с горното съобщение,излиза това.
      image hosting over 5mb
      Моля за помощ!
    • от Erkant Etem
      Здравейте , 
      Беше ми нужно инсталирането на Microsoft Office Pack-ет , по - стара версия и поради това използвах keygen (portable) версия потърсена чрез google търсачката и от тогава имам проблем с изкачащ прозорец от време на време ... С Windows 10 64 bit съм и използвам Chrome  и от време на време само тръгва да зарежда един и същ сайт при което аз го махам , но ми се струва , че е нещо сериозно ... Също ми се случи и без отворен Chrome , само да си зарежда Chrome и да стартира съответния сайт , мисля , че е някъкъв руски , защото изписва .ru и нещо си - "checker id" после пренасочва към някъкъв друг сайт - "3305382455.linkshort.pro"  .  
      Едит: Сайта , който изписва checking visitor , a не checker id e - di1stero.com  и отново само си пусна chorme и започна да зарежда споменатата страница... винаги е едно и също..  От .ru на checker id - di1stero.com   и след това 3305382455.linkshort.pro"  ...
      Благодаря предварително.
       
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
      Ran by Erkant (administrator) on DESKTOP-LLNRL7P (21-05-2018 16:15:21)
      Running from C:\Users\Erkant\Downloads
      Loaded Profiles: Erkant (Available Profiles: Erkant)
      Platform: Windows 10 Pro Version 1709 16299.431 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646680 2017-12-19] (Oracle Corporation)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-449665086-573856661-688635114-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3200800 2018-05-19] (Valve Corporation)
      GroupPolicy: Restriction - Windows Defender <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: 127.0.0.1 keystone.mwbsys.com
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
      Tcpip\..\Interfaces\{6f7c230f-23f8-4da3-a985-6efa2206f6cc}: [DhcpNameServer] 192.168.0.1 0.0.0.0
      Internet Explorer:
      ==================
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
      FireFox:
      ========
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
      Chrome: 
      =======
      CHR Profile: C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default [2018-05-21]
      CHR Extension: (Slides) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-25]
      CHR Extension: (Docs) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-25]
      CHR Extension: (Google Drive) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-25]
      CHR Extension: (YouTube) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-25]
      CHR Extension: (Sheets) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-25]
      CHR Extension: (Google Docs Offline) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-04-25]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-25]
      CHR Extension: (Gmail) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-25]
      CHR Extension: (Chrome Media Router) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-25]
      CHR Extension: (Extension optimizator) - C:\Users\Erkant\AppData\Local\Google\Chrome\User Data\Default\Optimizator\1.3_0 [2018-05-20]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
      R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-26] (Microsoft Corporation)
      R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-26] (Microsoft Corporation)
      S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
      S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
      R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
      R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-21] (Malwarebytes)
      R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-21] (Malwarebytes)
      R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-21] (Malwarebytes)
      R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-21] (Malwarebytes)
      R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-21] (Malwarebytes)
      R1 MpKslf3e4cdd1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F82E94D3-DD78-498F-9C67-3E8291EE6843}\MpKslf3e4cdd1.sys [58120 2018-05-21] (Microsoft Corporation)
      R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
      S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [151552 2017-09-29] (Microsoft Corporation)
      S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-26] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-26] (Microsoft Corporation)
      R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-26] (Microsoft Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-05-21 16:15 - 2018-05-21 16:16 - 000010704 _____ C:\Users\Erkant\Downloads\FRST.txt
      2018-05-21 16:15 - 2018-05-21 16:15 - 000000000 ____D C:\FRST
      2018-05-21 16:13 - 2018-05-21 16:13 - 002413056 _____ (Farbar) C:\Users\Erkant\Downloads\FRST64.exe
      2018-05-21 15:19 - 2018-05-21 15:19 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
      2018-05-21 15:18 - 2018-05-21 15:22 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
      2018-05-21 15:18 - 2018-05-21 15:18 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
      2018-05-21 15:18 - 2018-05-21 15:18 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
      2018-05-21 15:18 - 2018-05-21 15:18 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
      2018-05-21 15:18 - 2018-05-21 15:18 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-05-21 15:18 - 2018-05-21 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-05-21 15:18 - 2018-05-21 15:18 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-05-21 15:18 - 2018-05-21 15:18 - 000000000 ____D C:\Program Files\Malwarebytes
      2018-05-21 15:18 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
      2018-05-21 13:33 - 2018-05-21 13:33 - 000000880 _____ C:\Users\Erkant\Documents\hosts.txt
      2018-05-21 13:33 - 2018-05-21 13:33 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Obsidium
      2018-05-21 01:42 - 2018-05-21 01:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
      2018-05-21 01:42 - 2018-05-21 01:42 - 000000000 ____D C:\Program Files\qBittorrent
      2018-05-21 01:16 - 2018-05-21 01:16 - 000000258 __RSH C:\Users\Erkant\ntuser.pol
      2018-05-21 00:08 - 2018-05-21 00:08 - 000001181 _____ C:\Users\Erkant\Desktop\Android Studio.lnk
      2018-05-20 23:59 - 2018-05-20 23:59 - 000000998 _____ C:\Users\Erkant\Desktop\Xampp.lnk
      2018-05-20 23:57 - 2018-05-20 23:57 - 000001779 _____ C:\Users\Erkant\Desktop\MySQL.lnk
      2018-05-20 21:43 - 2018-05-20 21:43 - 000002468 __RSH C:\ProgramData\ntuser.pol
      2018-05-20 21:41 - 2018-05-20 21:41 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
      2018-05-20 21:41 - 2018-05-20 21:41 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\FileModule
      2018-05-20 21:40 - 2018-05-20 21:40 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\winhttp 5.1
      2018-05-20 21:38 - 2018-05-21 15:16 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\qBittorrent
      2018-05-20 21:38 - 2018-05-20 21:38 - 000000000 ____D C:\Users\Erkant\AppData\Local\qBittorrent
      2018-05-20 21:21 - 2018-05-20 22:32 - 000005246 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-LLNRL7P-Erkant DESKTOP-LLNRL7P
      2018-05-20 20:20 - 2018-05-20 20:20 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\JetBrains
      2018-05-20 19:23 - 2018-05-21 00:08 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Postman
      2018-05-20 19:23 - 2018-05-20 19:23 - 000002210 _____ C:\Users\Erkant\Desktop\Postman.lnk
      2018-05-20 19:23 - 2018-05-20 19:23 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Postman
      2018-05-20 19:22 - 2018-05-20 19:23 - 000000000 ____D C:\Users\Erkant\AppData\Local\SquirrelTemp
      2018-05-20 19:22 - 2018-05-20 19:23 - 000000000 ____D C:\Users\Erkant\AppData\Local\Postman
      2018-05-20 19:21 - 2018-05-20 19:22 - 067730552 _____ (Postman) C:\Users\Erkant\Downloads\Postman-win64-6.1.2-Setup.exe
      2018-05-20 19:07 - 2018-05-20 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
      2018-05-20 18:51 - 2018-05-20 18:51 - 000000000 ____D C:\Program Files (x86)\MySQL
      2018-05-20 18:21 - 2018-05-20 18:21 - 000000000 ____D C:\WINDOWS\system32\appmgmt
      2018-05-20 18:07 - 2018-05-20 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
      2018-05-20 18:04 - 2018-05-20 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
      2018-05-20 18:04 - 2018-05-20 18:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
      2018-05-20 18:03 - 2018-05-20 18:03 - 000000000 ____D C:\WINDOWS\PCHEALTH
      2018-05-20 18:03 - 2018-05-20 18:03 - 000000000 ____D C:\Program Files\Microsoft SQL Server
      2018-05-20 18:03 - 2018-05-20 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
      2018-05-20 18:01 - 2018-05-20 18:04 - 000000000 ____D C:\WINDOWS\SHELLNEW
      2018-05-20 18:00 - 2018-05-20 18:03 - 000000000 ____D C:\Program Files\Microsoft Office
      2018-05-20 18:00 - 2018-05-20 18:00 - 000000000 ____D C:\Users\Erkant\AppData\Local\Microsoft Help
      2018-05-20 18:00 - 2018-05-20 18:00 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
      2018-05-20 18:00 - 2018-05-20 18:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2018-05-20 18:00 - 2018-05-20 18:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
      2018-05-20 17:59 - 2018-05-20 17:59 - 000000000 __RHD C:\MSOCache
      2018-05-20 17:58 - 2018-05-20 23:52 - 000000000 ____D C:\xampp
      2018-05-20 17:54 - 2018-05-20 18:25 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\MySQL
      2018-05-20 17:53 - 2018-05-20 18:24 - 000000000 ____D C:\Program Files\MySQL
      2018-05-20 17:48 - 2018-05-20 17:49 - 129956760 _____ (Bitnami) C:\Users\Erkant\Downloads\xampp-win32-7.2.5-0-VC15-installer.exe
      2018-05-20 17:47 - 2018-05-20 17:47 - 029601792 _____ C:\Users\Erkant\Downloads\mysql-workbench-community-6.3.10-winx64.msi
      2018-05-20 17:07 - 2018-05-20 17:07 - 000000000 ____D C:\Users\Erkant\Desktop\TimeAttendance
      2018-05-19 13:43 - 2018-05-19 13:43 - 000000000 ____D C:\Users\Erkant\AppData\Local\ElevatedDiagnostics
      2018-05-16 03:18 - 2018-05-16 03:18 - 000000222 _____ C:\Users\Erkant\Desktop\Stickman Destruction 2.url
      2018-05-16 03:18 - 2018-05-16 03:18 - 000000000 ____D C:\Users\Erkant\AppData\LocalLow\OtakuMaker
      2018-05-16 00:46 - 2018-05-16 00:46 - 000000000 ____D C:\WINDOWS\SysWOW64\AGEIA
      2018-05-16 00:46 - 2018-05-16 00:46 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
      2018-05-15 19:48 - 2018-05-15 19:48 - 000000221 _____ C:\Users\Erkant\Desktop\Watchmen The End Is Nigh.url
      2018-05-14 10:15 - 2018-05-14 16:19 - 000000000 ____D C:\WINDOWS\Minidump
      2018-05-13 18:06 - 2018-05-13 18:06 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
      2018-05-10 21:57 - 2018-05-10 21:57 - 002276378 _____ C:\Users\Erkant\Downloads\app-debug.apk
      2018-05-10 16:17 - 2018-05-10 16:17 - 000000000 ____D C:\Users\Erkant\AppData\Local\Notepad++
      2018-05-10 13:02 - 2018-05-10 13:02 - 000000000 ____D C:\Users\Erkant\ApkProjects
      2018-05-10 11:55 - 2018-05-10 11:55 - 000000000 ____D C:\Users\Erkant\AppData\Local\NVIDIA
      2018-05-09 20:06 - 2018-05-09 20:06 - 000000000 ____D C:\Users\Erkant\AppData\Local\Icycle On Thin Ice
      2018-05-09 20:05 - 2018-05-09 20:05 - 000000222 _____ C:\Users\Erkant\Desktop\Icycle On Thin Ice.url
      2018-05-09 19:05 - 2018-05-09 19:05 - 000000000 ____D C:\Users\Erkant\AppData\Local\Stories
      2018-05-09 18:50 - 2018-05-09 18:50 - 000000222 _____ C:\Users\Erkant\Desktop\Stories The Path of Destinies.url
      2018-05-08 23:08 - 2018-05-02 00:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2018-05-08 23:08 - 2018-05-02 00:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2018-05-08 21:13 - 2018-05-03 10:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
      2018-05-08 21:13 - 2018-05-03 10:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
      2018-05-08 21:13 - 2018-05-03 10:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
      2018-05-08 21:13 - 2018-05-03 10:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
      2018-05-08 21:13 - 2018-05-03 10:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
      2018-05-08 21:13 - 2018-05-03 10:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
      2018-05-08 21:13 - 2018-05-03 10:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
      2018-05-08 21:13 - 2018-05-03 10:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
      2018-05-08 21:13 - 2018-05-03 10:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
      2018-05-08 21:13 - 2018-05-03 10:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
      2018-05-08 21:13 - 2018-05-03 10:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
      2018-05-08 21:13 - 2018-05-03 10:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
      2018-05-08 21:13 - 2018-05-03 10:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
      2018-05-08 21:13 - 2018-05-03 10:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
      2018-05-08 21:13 - 2018-05-03 10:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
      2018-05-08 21:13 - 2018-05-03 10:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
      2018-05-08 21:13 - 2018-05-03 10:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
      2018-05-08 21:13 - 2018-05-03 10:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
      2018-05-08 21:13 - 2018-05-03 10:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
      2018-05-08 21:13 - 2018-05-03 10:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
      2018-05-08 21:13 - 2018-05-03 10:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2018-05-08 21:13 - 2018-05-03 10:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
      2018-05-08 21:13 - 2018-05-03 10:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2018-05-08 21:13 - 2018-05-03 10:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
      2018-05-08 21:13 - 2018-05-03 10:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
      2018-05-08 21:13 - 2018-05-03 10:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
      2018-05-08 21:13 - 2018-05-03 10:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
      2018-05-08 21:13 - 2018-05-03 10:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2018-05-08 21:13 - 2018-05-03 10:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2018-05-08 21:13 - 2018-05-03 10:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
      2018-05-08 21:13 - 2018-05-03 10:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2018-05-08 21:13 - 2018-05-03 10:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
      2018-05-08 21:13 - 2018-05-03 10:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
      2018-05-08 21:13 - 2018-05-03 10:36 - 000397728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
      2018-05-08 21:13 - 2018-05-03 10:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2018-05-08 21:13 - 2018-05-03 10:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
      2018-05-08 21:13 - 2018-05-03 10:35 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
      2018-05-08 21:13 - 2018-05-03 10:35 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
      2018-05-08 21:13 - 2018-05-03 10:35 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
      2018-05-08 21:13 - 2018-05-03 10:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
      2018-05-08 21:13 - 2018-05-03 10:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2018-05-08 21:13 - 2018-05-03 10:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
      2018-05-08 21:13 - 2018-05-03 10:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
      2018-05-08 21:13 - 2018-05-03 10:32 - 000744864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
      2018-05-08 21:13 - 2018-05-03 10:32 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
      2018-05-08 21:13 - 2018-05-03 10:32 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
      2018-05-08 21:13 - 2018-05-03 10:31 - 001420704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
      2018-05-08 21:13 - 2018-05-03 10:30 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
      2018-05-08 21:13 - 2018-05-03 10:30 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
      2018-05-08 21:13 - 2018-05-03 10:30 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
      2018-05-08 21:13 - 2018-05-03 10:30 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
      2018-05-08 21:13 - 2018-05-03 09:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
      2018-05-08 21:13 - 2018-05-03 09:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
      2018-05-08 21:13 - 2018-05-03 09:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
      2018-05-08 21:13 - 2018-05-03 09:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2018-05-08 21:13 - 2018-05-03 09:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2018-05-08 21:13 - 2018-05-03 09:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
      2018-05-08 21:13 - 2018-05-03 09:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
      2018-05-08 21:13 - 2018-05-03 09:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
      2018-05-08 21:13 - 2018-05-03 09:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
      2018-05-08 21:13 - 2018-05-03 09:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2018-05-08 21:13 - 2018-05-03 09:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2018-05-08 21:13 - 2018-05-03 09:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
      2018-05-08 21:13 - 2018-05-03 09:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
      2018-05-08 21:13 - 2018-05-03 09:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
      2018-05-08 21:13 - 2018-05-03 09:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
      2018-05-08 21:13 - 2018-05-03 09:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
      2018-05-08 21:13 - 2018-05-03 09:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
      2018-05-08 21:13 - 2018-05-03 09:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
      2018-05-08 21:13 - 2018-05-03 09:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
      2018-05-08 21:13 - 2018-05-03 09:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
      2018-05-08 21:13 - 2018-05-03 09:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
      2018-05-08 21:13 - 2018-05-03 09:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
      2018-05-08 21:13 - 2018-05-03 09:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
      2018-05-08 21:13 - 2018-05-03 09:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
      2018-05-08 21:13 - 2018-05-03 09:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
      2018-05-08 21:13 - 2018-05-03 09:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
      2018-05-08 21:13 - 2018-05-03 09:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
      2018-05-08 21:13 - 2018-05-03 09:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
      2018-05-08 21:13 - 2018-05-03 09:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
      2018-05-08 21:13 - 2018-05-03 09:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
      2018-05-08 21:13 - 2018-05-03 09:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
      2018-05-08 21:13 - 2018-05-03 09:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
      2018-05-08 21:13 - 2018-05-03 09:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2018-05-08 21:13 - 2018-05-03 09:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
      2018-05-08 21:13 - 2018-05-03 09:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
      2018-05-08 21:13 - 2018-05-03 09:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
      2018-05-08 21:13 - 2018-05-03 09:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2018-05-08 21:13 - 2018-05-03 09:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2018-05-08 21:13 - 2018-05-03 09:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
      2018-05-08 21:13 - 2018-05-03 09:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
      2018-05-08 21:13 - 2018-05-03 09:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
      2018-05-08 21:13 - 2018-05-03 09:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
      2018-05-08 21:13 - 2018-05-03 09:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
      2018-05-08 21:13 - 2018-05-03 09:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
      2018-05-08 21:13 - 2018-05-03 09:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
      2018-05-08 21:13 - 2018-05-03 09:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2018-05-08 21:13 - 2018-05-03 09:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
      2018-05-08 21:13 - 2018-05-03 09:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
      2018-05-08 21:13 - 2018-05-03 08:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2018-05-08 21:13 - 2018-05-03 08:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2018-05-08 21:13 - 2018-05-03 08:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
      2018-05-08 21:13 - 2018-05-03 08:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2018-05-08 21:13 - 2018-05-03 08:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
      2018-05-08 21:13 - 2018-05-03 08:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
      2018-05-08 21:13 - 2018-05-03 08:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
      2018-05-08 21:13 - 2018-05-03 08:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
      2018-05-08 21:13 - 2018-05-03 08:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
      2018-05-08 21:13 - 2018-05-03 08:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
      2018-05-08 21:13 - 2018-05-03 08:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
      2018-05-08 21:13 - 2018-05-03 08:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
      2018-05-08 21:13 - 2018-05-03 08:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
      2018-05-08 21:13 - 2018-05-03 08:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
      2018-05-08 21:13 - 2018-05-03 08:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
      2018-05-08 21:13 - 2018-05-03 08:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2018-05-08 21:13 - 2018-05-03 08:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
      2018-05-08 21:13 - 2018-05-03 08:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2018-05-08 21:13 - 2018-05-03 08:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2018-05-08 21:13 - 2018-05-03 08:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2018-05-08 21:13 - 2018-05-03 08:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2018-05-08 21:13 - 2018-05-03 08:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2018-05-08 21:13 - 2018-05-03 08:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
      2018-05-08 21:13 - 2018-05-03 08:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
      2018-05-08 21:13 - 2018-05-03 08:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
      2018-05-08 21:13 - 2018-05-03 08:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
      2018-05-08 21:13 - 2018-05-03 08:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
      2018-05-08 21:13 - 2018-05-03 08:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
      2018-05-08 21:13 - 2018-04-16 01:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
      2018-05-08 21:13 - 2018-04-16 01:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
      2018-05-08 21:13 - 2018-04-16 01:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
      2018-05-08 21:13 - 2018-04-16 00:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
      2018-05-08 21:13 - 2018-04-16 00:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2018-05-08 21:13 - 2018-04-16 00:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
      2018-05-08 21:13 - 2018-04-16 00:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
      2018-05-08 21:13 - 2018-04-16 00:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
      2018-05-08 21:13 - 2018-04-16 00:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
      2018-05-08 21:13 - 2018-04-16 00:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
      2018-05-08 21:13 - 2018-04-16 00:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
      2018-05-08 21:13 - 2018-04-16 00:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
      2018-05-08 21:13 - 2018-04-16 00:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
      2018-05-08 21:13 - 2018-04-16 00:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
      2018-05-08 21:13 - 2018-04-16 00:36 - 002376088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
      2018-05-08 21:13 - 2018-04-16 00:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
      2018-05-08 21:13 - 2018-04-16 00:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
      2018-05-08 21:13 - 2018-04-16 00:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
      2018-05-08 21:13 - 2018-04-16 00:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
      2018-05-08 21:13 - 2018-04-16 00:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
      2018-05-08 21:13 - 2018-04-16 00:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
      2018-05-08 21:13 - 2018-04-16 00:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
      2018-05-08 21:13 - 2018-04-16 00:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
      2018-05-08 21:13 - 2018-04-16 00:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
      2018-05-08 21:13 - 2018-04-16 00:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
      2018-05-08 21:13 - 2018-04-16 00:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2018-05-08 21:13 - 2018-04-16 00:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
      2018-05-08 21:13 - 2018-04-16 00:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
      2018-05-08 21:13 - 2018-04-16 00:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
      2018-05-08 21:13 - 2018-04-16 00:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
      2018-05-08 21:13 - 2018-04-16 00:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
      2018-05-08 21:13 - 2018-04-15 23:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2018-05-08 21:13 - 2018-04-15 23:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
      2018-05-08 21:13 - 2018-04-15 23:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
      2018-05-08 21:13 - 2018-04-15 23:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
      2018-05-08 21:13 - 2018-04-15 23:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
      2018-05-08 21:13 - 2018-04-15 23:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
      2018-05-08 21:13 - 2018-04-15 23:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
      2018-05-08 21:13 - 2018-04-15 23:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
      2018-05-08 21:13 - 2018-04-15 23:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
      2018-05-08 21:13 - 2018-04-15 23:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
      2018-05-08 21:13 - 2018-04-15 23:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
      2018-05-08 21:13 - 2018-04-15 23:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
      2018-05-08 21:13 - 2018-04-15 23:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
      2018-05-08 21:13 - 2018-04-15 23:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
      2018-05-08 21:13 - 2018-04-15 23:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
      2018-05-08 21:13 - 2018-04-15 23:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
      2018-05-08 21:13 - 2018-04-15 23:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2018-05-08 21:13 - 2018-04-15 23:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
      2018-05-08 21:13 - 2018-04-15 23:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
      2018-05-08 21:13 - 2018-04-15 23:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
      2018-05-08 21:13 - 2018-04-15 23:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
      2018-05-08 21:13 - 2018-04-15 23:33 - 001623960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
      2018-05-08 21:13 - 2018-04-15 23:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
      2018-05-08 21:13 - 2018-04-15 23:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
      2018-05-08 21:13 - 2018-04-15 23:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
      2018-05-08 21:13 - 2018-04-15 23:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
      2018-05-08 21:13 - 2018-04-15 23:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
      2018-05-08 21:13 - 2018-04-15 23:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
      2018-05-08 21:13 - 2018-04-15 23:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
      2018-05-08 21:13 - 2018-04-15 23:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
      2018-05-08 21:13 - 2018-04-15 23:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
      2018-05-08 21:13 - 2018-04-15 23:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
      2018-05-08 21:13 - 2018-04-15 23:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
      2018-05-08 21:13 - 2018-04-15 23:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
      2018-05-08 21:13 - 2018-04-15 23:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
      2018-05-08 21:13 - 2018-04-15 23:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
      2018-05-08 21:13 - 2018-04-15 23:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
      2018-05-08 21:13 - 2018-04-15 23:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
      2018-05-08 21:13 - 2018-04-15 23:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
      2018-05-08 21:13 - 2018-04-15 23:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
      2018-05-08 21:13 - 2018-04-15 23:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
      2018-05-08 21:13 - 2018-04-15 23:09 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
      2018-05-08 21:13 - 2018-04-15 23:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
      2018-05-08 21:13 - 2018-04-15 23:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
      2018-05-08 21:13 - 2018-04-15 23:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
      2018-05-08 21:13 - 2018-04-15 23:08 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
      2018-05-08 21:13 - 2018-04-15 23:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
      2018-05-08 21:13 - 2018-04-15 23:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
      2018-05-08 21:13 - 2018-04-15 23:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
      2018-05-08 21:13 - 2018-04-15 23:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
      2018-05-08 21:13 - 2018-04-15 23:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2018-05-08 21:13 - 2018-04-15 23:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
      2018-05-08 21:13 - 2018-04-15 23:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
      2018-05-08 21:13 - 2018-04-15 23:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
      2018-05-08 21:13 - 2018-04-15 23:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
      2018-05-08 21:13 - 2018-04-15 23:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
      2018-05-08 21:13 - 2018-04-15 23:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
      2018-05-08 21:13 - 2018-04-15 23:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
      2018-05-08 21:13 - 2018-04-15 23:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
      2018-05-08 21:13 - 2018-04-15 23:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
      2018-05-08 21:13 - 2018-04-15 23:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
      2018-05-08 21:13 - 2018-04-15 23:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
      2018-05-08 21:13 - 2018-04-15 23:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
      2018-05-08 21:13 - 2018-04-15 23:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
      2018-05-08 21:13 - 2018-04-15 23:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
      2018-05-08 21:13 - 2018-04-15 23:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
      2018-05-08 21:13 - 2018-04-15 23:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
      2018-05-08 21:13 - 2018-04-15 23:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
      2018-05-08 21:13 - 2018-04-15 23:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
      2018-05-08 21:13 - 2018-04-15 23:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
      2018-05-08 21:13 - 2018-04-15 23:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
      2018-05-08 21:13 - 2018-04-15 23:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
      2018-05-08 21:13 - 2018-04-15 23:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
      2018-05-08 21:13 - 2018-04-15 23:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
      2018-05-08 21:13 - 2018-04-15 23:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
      2018-05-08 21:13 - 2018-04-15 23:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
      2018-05-08 21:13 - 2018-04-15 23:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
      2018-05-08 21:13 - 2018-04-15 23:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
      2018-05-08 21:13 - 2018-04-15 23:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
      2018-05-08 21:13 - 2018-04-15 23:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
      2018-05-08 21:13 - 2018-04-15 23:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
      2018-05-08 21:13 - 2018-04-15 23:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
      2018-05-08 21:13 - 2018-04-15 22:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
      2018-05-08 21:13 - 2017-11-26 16:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      2018-05-08 21:12 - 2018-05-03 09:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
      2018-05-08 21:12 - 2018-05-03 09:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
      2018-05-08 21:12 - 2018-05-03 09:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
      2018-05-08 21:12 - 2018-05-03 08:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
      2018-05-08 21:12 - 2018-05-03 08:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
      2018-05-08 21:12 - 2018-05-03 08:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
      2018-05-08 21:12 - 2018-04-16 00:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
      2018-05-08 21:12 - 2018-04-16 00:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
      2018-05-08 21:12 - 2018-04-16 00:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
      2018-05-08 21:12 - 2018-04-15 23:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
      2018-05-08 21:12 - 2018-04-15 23:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
      2018-05-08 21:12 - 2018-04-15 23:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
      2018-05-08 21:12 - 2018-04-15 23:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
      2018-05-08 21:12 - 2018-04-15 23:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
      2018-05-08 21:12 - 2018-04-15 23:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
      2018-05-08 21:12 - 2018-04-15 23:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
      2018-05-08 21:12 - 2018-04-15 23:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
      2018-05-08 21:12 - 2018-04-15 23:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
      2018-05-08 21:12 - 2018-04-15 23:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
      2018-05-08 21:12 - 2018-04-15 23:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
      2018-05-08 21:12 - 2018-04-15 23:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
      2018-05-08 21:12 - 2018-04-15 23:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
      2018-05-08 21:12 - 2018-04-15 23:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
      2018-05-08 21:12 - 2018-04-15 23:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
      2018-05-08 21:12 - 2018-04-15 23:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
      2018-05-08 21:12 - 2018-04-15 23:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
      2018-05-08 21:12 - 2018-04-15 23:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
      2018-05-08 21:12 - 2018-04-15 23:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
      2018-05-08 21:12 - 2018-04-15 23:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
      2018-05-08 21:12 - 2018-04-15 23:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
      2018-05-08 21:12 - 2018-04-15 23:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
      2018-05-08 21:12 - 2018-04-15 23:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
      2018-05-08 21:12 - 2018-04-15 23:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
      2018-05-08 21:12 - 2018-04-15 23:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
      2018-05-08 21:12 - 2018-04-15 23:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
      2018-05-08 21:12 - 2018-04-15 23:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
      2018-05-08 21:12 - 2018-04-15 23:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
      2018-05-08 21:12 - 2018-04-15 23:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
      2018-05-08 21:12 - 2018-04-15 23:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
      2018-05-08 21:12 - 2018-04-15 23:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
      2018-05-08 21:12 - 2018-04-15 23:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
      2018-05-08 21:12 - 2018-04-15 23:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
      2018-05-08 21:12 - 2018-04-15 23:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
      2018-05-08 21:12 - 2018-04-15 23:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
      2018-05-08 21:12 - 2018-04-15 23:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
      2018-05-08 21:12 - 2018-04-15 23:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
      2018-05-08 21:12 - 2018-04-15 23:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
      2018-05-08 21:12 - 2018-04-15 23:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
      2018-05-08 21:12 - 2018-04-15 23:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
      2018-05-08 21:12 - 2018-04-15 23:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
      2018-05-08 21:12 - 2018-04-15 23:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
      2018-05-08 21:12 - 2018-04-15 23:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
      2018-05-08 21:12 - 2018-04-15 22:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
      2018-05-08 21:12 - 2018-04-15 22:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
      2018-05-08 21:12 - 2018-04-15 22:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
      2018-05-08 17:27 - 2018-05-08 17:27 - 000000000 ____D C:\Program Files\Intel
      2018-05-08 17:27 - 2017-08-21 17:13 - 000126584 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelHaxm.sys
      2018-05-08 17:14 - 2018-05-08 17:14 - 000000000 ____D C:\Users\Erkant\AppData\Local\Android
      2018-05-08 17:13 - 2018-05-20 21:01 - 000000000 ____D C:\Users\Erkant\.android
      2018-05-08 17:13 - 2018-05-08 17:13 - 000000000 ____D C:\Users\Erkant\.AndroidStudio3.1
      2018-05-08 17:13 - 2018-05-08 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
      2018-05-08 17:08 - 2018-05-08 17:08 - 000000000 ____D C:\Program Files\Android
      2018-05-08 17:06 - 2018-05-08 17:08 - 794908256 _____ (Google Inc.) C:\Users\Erkant\Downloads\android-studio-ide-173.4720617-windows.exe
      2018-05-08 17:04 - 2018-05-20 17:24 - 000000000 ____D C:\Users\Erkant\.gradle
      2018-05-08 17:04 - 2018-05-20 17:07 - 000000000 ____D C:\Users\Erkant\Downloads\TimeAttendance
      2018-05-08 17:03 - 2018-05-08 22:33 - 000000000 ____D C:\Users\Erkant\Downloads\Manchester-University
      2018-05-08 17:02 - 2018-05-08 17:02 - 004162176 _____ C:\Users\Erkant\Downloads\Manchester-University.rar
      2018-05-07 18:08 - 2018-05-07 18:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
      2018-05-03 13:33 - 2018-05-03 13:33 - 000469851 _____ C:\Users\Erkant\Downloads\TimeAttendance.rar
      2018-05-03 13:24 - 2018-05-03 13:24 - 001438086 _____ (Igor Pavlov) C:\Users\Erkant\Downloads\7z1805-x64.exe
      2018-05-03 13:24 - 2018-05-03 13:24 - 000000000 ____D C:\Program Files\7-Zip
      2018-05-03 12:57 - 2018-05-03 12:57 - 000000000 ____D C:\Users\Erkant\AppData\LocalLow\Temp
      2018-05-02 19:37 - 2018-05-02 19:37 - 000000222 _____ C:\Users\Erkant\Desktop\Fossil Hunters.url
      2018-04-27 19:49 - 2018-04-27 19:49 - 000000000 ____D C:\Users\Erkant\AppData\Local\NVIDIA Corporation
      2018-04-27 19:48 - 2018-05-09 19:05 - 000000000 ____D C:\Users\Erkant\AppData\Local\UnrealEngine
      2018-04-27 19:47 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
      2018-04-27 19:47 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
      2018-04-27 19:47 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
      2018-04-27 19:47 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
      2018-04-27 19:47 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
      2018-04-27 19:47 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
      2018-04-27 19:44 - 2018-04-27 19:44 - 000000000 ____D C:\Users\Erkant\AppData\Local\TekkenGame
      2018-04-27 19:13 - 2018-04-27 19:15 - 022930498 _____ C:\Users\Erkant\Downloads\programming-basics-java-bg.pdf
      2018-04-27 17:59 - 2018-04-27 17:59 - 000000222 _____ C:\Users\Erkant\Desktop\TEKKEN 7.url
      2018-04-26 11:38 - 2018-04-26 11:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
      2018-04-26 11:38 - 2018-04-26 11:36 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2018-04-26 11:37 - 2018-05-08 21:23 - 000000000 ____D C:\WINDOWS\system32\MRT
      2018-04-26 11:36 - 2018-05-08 21:22 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
      2018-04-26 11:36 - 2018-05-08 21:22 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2018-04-26 00:14 - 2018-04-26 00:14 - 000000000 ____D C:\WINDOWS\InfusedApps
      2018-04-26 00:14 - 2018-04-25 13:28 - 000000000 ____D C:\WINDOWS\Panther
      2018-04-26 00:13 - 2018-04-26 00:13 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
      2018-04-26 00:13 - 2018-04-25 13:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
      2018-04-26 00:11 - 2018-04-26 00:11 - 000000000 ____D C:\WINDOWS\Setup
      2018-04-26 00:10 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\containers
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\yo-NG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\wo-SN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ur-PK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ug-CN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\tt-RU
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\tk-TM
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ti-ET
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\te-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ta-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\sw-KE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\sq-AL
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\si-LK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\rw-RW
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\quz-PE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\prs-AF
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\pa-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\or-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\nn-NO
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ne-NP
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\mt-MT
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\mr-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\mn-MN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ml-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\mk-MK
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\lo-LA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\lb-LU
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ky-KG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\kok-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\kn-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\km-KH
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ka-GE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\is-IS
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ig-NG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\hy-AM
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\gu-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\gd-GB
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ga-IE
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\fil-PH
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\fa-IR
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\cy-GB
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\bn-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\bn-BD
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\be-BY
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\as-IN
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\am-ET
      2018-04-26 00:07 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\af-ZA
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\system32\hi-IN
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\system32\gl-ES
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\system32\eu-ES
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\system32\ca-ES
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\WINDOWS\OCR
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\Program Files\Reference Assemblies
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\Program Files\MSBuild
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
      2018-04-26 00:07 - 2018-04-26 00:07 - 000000000 ____D C:\Program Files (x86)\MSBuild
      2018-04-26 00:03 - 2018-04-26 00:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
      2018-04-26 00:03 - 2018-04-26 00:05 - 000000000 ____D C:\WINDOWS\system32\WCN
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\winrm
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\slmgr
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\bg
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\0409
      2018-04-26 00:03 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\DigitalLocker
      2018-04-25 23:58 - 2018-05-21 15:12 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
      2018-04-25 23:58 - 2018-05-21 14:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
      2018-04-25 23:58 - 2018-05-20 23:58 - 000000000 ___RD C:\Program Files (x86)
      2018-04-25 23:58 - 2018-05-20 21:43 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
      2018-04-25 23:58 - 2018-05-20 18:12 - 000000167 _____ C:\WINDOWS\win.ini
      2018-04-25 23:58 - 2018-05-20 18:04 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
      2018-04-25 23:58 - 2018-05-20 18:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2018-04-25 23:58 - 2018-05-20 18:01 - 000000000 ____D C:\Program Files\Common Files\system
      2018-04-25 23:58 - 2018-05-19 21:18 - 000000000 ___HD C:\Program Files\WindowsApps
      2018-04-25 23:58 - 2018-05-19 21:18 - 000000000 ____D C:\WINDOWS\AppReadiness
      2018-04-25 23:58 - 2018-05-19 13:42 - 000000000 ____D C:\WINDOWS\system32\NDF
      2018-04-25 23:58 - 2018-05-18 00:28 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
      2018-04-25 23:58 - 2018-05-10 21:42 - 000000000 ____D C:\WINDOWS\rescache
      2018-04-25 23:58 - 2018-05-08 23:05 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
      2018-04-25 23:58 - 2018-05-08 23:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
      2018-04-25 23:58 - 2018-05-08 23:04 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
      2018-04-25 23:58 - 2018-05-08 23:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
      2018-04-25 23:58 - 2018-05-08 23:04 - 000000000 ____D C:\WINDOWS\system32\oobe
      2018-04-25 23:58 - 2018-05-08 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
      2018-04-25 23:58 - 2018-05-08 23:04 - 000000000 ____D C:\WINDOWS\ShellExperiences
      2018-04-25 23:58 - 2018-04-27 20:09 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2018-04-25 23:58 - 2018-04-26 11:38 - 000000000 ___RD C:\Program Files\Windows Defender
      2018-04-25 23:58 - 2018-04-26 00:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
      2018-04-25 23:58 - 2018-04-26 00:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
      2018-04-25 23:58 - 2018-04-26 00:14 - 000000000 ____D C:\WINDOWS\CSC
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ___SD C:\WINDOWS\system32\F12
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\TextInput
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\Provisioning
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\WINDOWS\bcastdvr
      2018-04-25 23:58 - 2018-04-26 00:10 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
      2018-04-25 23:58 - 2018-04-26 00:05 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
      2018-04-25 23:58 - 2018-04-26 00:05 - 000000000 ____D C:\Program Files\Windows Photo Viewer
      2018-04-25 23:58 - 2018-04-26 00:05 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
      2018-04-25 23:58 - 2018-04-26 00:05 - 000000000 ____D C:\Program Files (x86)\Windows Defender
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ___SD C:\WINDOWS\system32\dsc
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\SysWOW64\com
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\setup
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\MUI
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\system32\com
      2018-04-25 23:58 - 2018-04-26 00:03 - 000000000 ____D C:\WINDOWS\IME
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 __SHD C:\Program Files\Windows Sidebar
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 __RSD C:\WINDOWS\media
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___SD C:\WINDOWS\system32\UNP
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___SD C:\WINDOWS\system32\Nui
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___SD C:\WINDOWS\system32\Configuration
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___SD C:\WINDOWS\system32\AppV
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Web
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Vss
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\tracing
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\TAPI
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SystemResources
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SystemApps
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\winevt
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\spool
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\ras
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\PointOfService
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\MsDtc
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\Ipmi
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\InputMethod
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\inetsrv
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\IME
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\icsxml
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\ias
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\hydrogen
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\downlevel
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\DDFs
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\config\TxR
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\config\Journal
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\Bthprops
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\AppLocker
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\System
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SKB
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\security
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\schemas
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\SchCache
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Resources
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\RemotePackages
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Registration
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\PLA
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Performance
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\ModemLogs
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\L2Schemas
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\InputMethod
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Globalization
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Cursors
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\Branding
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\appcompat
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\addins
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files\Windows Security
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files\Windows Portable Devices
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files\windows nt
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files\Common Files\Services
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files (x86)\windows nt
      2018-04-25 23:58 - 2018-04-25 23:58 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
      2018-04-25 23:58 - 2018-04-25 23:55 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
      2018-04-25 23:58 - 2018-04-25 23:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
      2018-04-25 23:58 - 2018-04-25 23:55 - 000027136 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
      2018-04-25 23:58 - 2018-04-25 23:55 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
      2018-04-25 23:58 - 2018-04-25 23:54 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
      2018-04-25 23:58 - 2018-04-25 23:54 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
      2018-04-25 23:58 - 2018-04-25 23:54 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
      2018-04-25 23:58 - 2018-04-25 23:54 - 000017572 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
      2018-04-25 23:58 - 2018-04-25 23:54 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
      2018-04-25 23:58 - 2018-04-25 23:54 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
      2018-04-25 23:58 - 2018-04-25 23:54 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
      2018-04-25 23:58 - 2018-04-25 23:54 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
      2018-04-25 23:58 - 2018-04-25 23:54 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
      2018-04-25 23:58 - 2018-04-25 23:54 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
      2018-04-25 23:58 - 2018-04-25 23:54 - 000000219 _____ C:\WINDOWS\system.ini
      2018-04-25 23:58 - 2018-04-25 13:28 - 000000000 ____D C:\ProgramData\USOPrivate
      2018-04-25 23:58 - 2018-04-25 13:25 - 000000000 __RHD C:\Users\Public\Libraries
      2018-04-25 23:58 - 2018-04-25 13:23 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
      2018-04-25 23:58 - 2018-04-25 13:22 - 000000000 ____D C:\WINDOWS\system32\Sysprep
      2018-04-25 23:58 - 2018-04-25 13:19 - 000000000 ___RD C:\WINDOWS\PrintDialog
      2018-04-25 23:58 - 2018-04-25 13:18 - 000000000 ____D C:\WINDOWS\Help
      2018-04-25 23:56 - 2018-05-21 14:52 - 000000000 ____D C:\WINDOWS\INF
      2018-04-25 23:42 - 2018-05-08 21:21 - 000000000 ____D C:\WINDOWS\CbsTemp
      2018-04-25 23:38 - 2018-05-21 15:17 - 088342528 _____ C:\WINDOWS\system32\config\SOFTWARE
      2018-04-25 23:38 - 2018-05-21 15:17 - 013107200 _____ C:\WINDOWS\system32\config\SYSTEM
      2018-04-25 23:38 - 2018-05-21 15:17 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
      2018-04-25 23:38 - 2018-05-21 15:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
      2018-04-25 23:38 - 2018-05-21 15:17 - 000024576 _____ C:\WINDOWS\system32\config\SECURITY
      2018-04-25 23:38 - 2018-05-08 23:04 - 000000000 ____D C:\WINDOWS\servicing
      2018-04-25 23:38 - 2018-04-26 00:14 - 000032768 _____ C:\WINDOWS\system32\config\SAM
      2018-04-25 23:38 - 2018-04-25 23:58 - 000000000 ____D C:\WINDOWS\system32\SMI
      2018-04-25 23:38 - 2018-04-25 13:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
      2018-04-25 23:37 - 2018-04-26 00:15 - 000000000 ___HD C:\$SysReset
      2018-04-25 22:44 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
      2018-04-25 22:44 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
      2018-04-25 22:44 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
      2018-04-25 22:44 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
      2018-04-25 22:44 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
      2018-04-25 22:44 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
      2018-04-25 22:44 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
      2018-04-25 22:44 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
      2018-04-25 22:44 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
      2018-04-25 22:44 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
      2018-04-25 22:44 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
      2018-04-25 22:44 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
      2018-04-25 22:44 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
      2018-04-25 22:44 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
      2018-04-25 22:44 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
      2018-04-25 22:44 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
      2018-04-25 22:44 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
      2018-04-25 22:44 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
      2018-04-25 22:44 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
      2018-04-25 22:44 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
      2018-04-25 22:44 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
      2018-04-25 22:44 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
      2018-04-25 22:44 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
      2018-04-25 22:44 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
      2018-04-25 22:44 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
      2018-04-25 22:44 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
      2018-04-25 22:44 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
      2018-04-25 22:44 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
      2018-04-25 22:44 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
      2018-04-25 22:44 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
      2018-04-25 22:44 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
      2018-04-25 22:44 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
      2018-04-25 22:44 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
      2018-04-25 22:44 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
      2018-04-25 22:44 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
      2018-04-25 22:44 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
      2018-04-25 22:44 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
      2018-04-25 22:44 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
      2018-04-25 22:44 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
      2018-04-25 22:44 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
      2018-04-25 22:44 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
      2018-04-25 22:44 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
      2018-04-25 22:44 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
      2018-04-25 22:44 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
      2018-04-25 22:44 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
      2018-04-25 22:44 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
      2018-04-25 22:44 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
      2018-04-25 22:44 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
      2018-04-25 22:44 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
      2018-04-25 22:44 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
      2018-04-25 22:44 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
      2018-04-25 22:44 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
      2018-04-25 22:44 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
      2018-04-25 22:44 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
      2018-04-25 22:44 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
      2018-04-25 22:44 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
      2018-04-25 22:44 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
      2018-04-25 22:44 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
      2018-04-25 22:44 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
      2018-04-25 22:44 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
      2018-04-25 22:44 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
      2018-04-25 22:44 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
      2018-04-25 22:44 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
      2018-04-25 22:44 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
      2018-04-25 22:44 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
      2018-04-25 22:44 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
      2018-04-25 22:44 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
      2018-04-25 22:44 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
      2018-04-25 22:44 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
      2018-04-25 22:44 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
      2018-04-25 22:44 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
      2018-04-25 22:44 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
      2018-04-25 22:44 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
      2018-04-25 22:44 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
      2018-04-25 22:44 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
      2018-04-25 22:44 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
      2018-04-25 22:44 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
      2018-04-25 22:44 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
      2018-04-25 22:44 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
      2018-04-25 22:44 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
      2018-04-25 22:44 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
      2018-04-25 22:44 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
      2018-04-25 22:44 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
      2018-04-25 22:44 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
      2018-04-25 22:44 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
      2018-04-25 22:44 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
      2018-04-25 22:44 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
      2018-04-25 22:43 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
      2018-04-25 22:43 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
      2018-04-25 22:43 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
      2018-04-25 22:43 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
      2018-04-25 22:43 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
      2018-04-25 22:43 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
      2018-04-25 22:43 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
      2018-04-25 22:43 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
      2018-04-25 22:43 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
      2018-04-25 22:43 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
      2018-04-25 22:43 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
      2018-04-25 22:43 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
      2018-04-25 22:43 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
      2018-04-25 22:43 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
      2018-04-25 22:43 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
      2018-04-25 22:43 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
      2018-04-25 22:43 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
      2018-04-25 22:43 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
      2018-04-25 22:43 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
      2018-04-25 22:43 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
      2018-04-25 22:43 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
      2018-04-25 22:43 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
      2018-04-25 22:43 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
      2018-04-25 22:43 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
      2018-04-25 22:43 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
      2018-04-25 22:43 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
      2018-04-25 22:43 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
      2018-04-25 22:43 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
      2018-04-25 22:43 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
      2018-04-25 22:43 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
      2018-04-25 22:43 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
      2018-04-25 22:43 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
      2018-04-25 22:43 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
      2018-04-25 22:43 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
      2018-04-25 22:43 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
      2018-04-25 22:43 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
      2018-04-25 22:43 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
      2018-04-25 22:43 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
      2018-04-25 22:43 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
      2018-04-25 22:43 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
      2018-04-25 22:43 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
      2018-04-25 22:43 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
      2018-04-25 22:43 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
      2018-04-25 22:43 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
      2018-04-25 22:43 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
      2018-04-25 22:43 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
      2018-04-25 22:43 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
      2018-04-25 22:43 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
      2018-04-25 22:43 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
      2018-04-25 22:43 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
      2018-04-25 22:43 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
      2018-04-25 22:41 - 2018-04-25 22:44 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
      2018-04-25 22:41 - 2018-04-25 22:41 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
      2018-04-25 22:41 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
      2018-04-25 22:41 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
      2018-04-25 22:41 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
      2018-04-25 22:41 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
      2018-04-25 22:41 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
      2018-04-25 22:41 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
      2018-04-25 21:49 - 2018-04-25 21:49 - 000000000 ____D C:\Users\Erkant\AppData\Local\DBG
      2018-04-25 21:48 - 2018-05-09 19:05 - 000000000 ____D C:\ProgramData\Package Cache
      2018-04-25 20:26 - 2018-04-25 20:26 - 000000222 _____ C:\Users\Erkant\Desktop\Bastion.url
      2018-04-25 14:36 - 2018-04-26 11:11 - 000000000 ____D C:\Users\Erkant\AppData\Local\Steam
      2018-04-25 14:36 - 2018-04-25 14:36 - 000000000 ____D C:\Users\Erkant\AppData\Local\CEF
      2018-04-25 14:35 - 2018-05-20 01:46 - 000000000 ____D C:\Users\Erkant\AppData\Local\Eclipse
      2018-04-25 14:35 - 2018-04-25 14:35 - 000001087 _____ C:\Users\Erkant\Desktop\Eclipse Java Oxygen.lnk
      2018-04-25 14:30 - 2018-05-21 15:45 - 000000000 ____D C:\Program Files (x86)\Steam
      2018-04-25 14:30 - 2018-04-25 14:30 - 000001028 _____ C:\Users\Public\Desktop\Steam.lnk
      2018-04-25 14:27 - 2018-05-10 16:19 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Notepad++
      2018-04-25 14:27 - 2018-04-25 14:28 - 000000000 ____D C:\Program Files\Notepad++
      2018-04-25 14:27 - 2018-04-25 14:27 - 000000865 _____ C:\Users\Public\Desktop\Notepad++.lnk
      2018-04-25 14:21 - 2018-04-25 14:21 - 000003734 _____ C:\WINDOWS\System32\Tasks\JavaUpdateSched
      2018-04-25 14:21 - 2018-04-25 14:21 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Sun
      2018-04-25 14:21 - 2018-04-25 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2018-04-25 14:21 - 2018-04-25 14:20 - 000144448 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
      2018-04-25 14:14 - 2018-04-25 14:20 - 000000000 ____D C:\Program Files\Java
      2018-04-25 14:10 - 2018-04-25 14:10 - 000000000 ____D C:\ProgramData\Oracle
      2018-04-25 13:54 - 2018-04-25 13:54 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Google
      2018-04-25 13:50 - 2018-05-17 21:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-04-25 13:50 - 2018-05-17 21:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-04-25 13:50 - 2018-05-17 21:09 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-04-25 13:50 - 2018-05-17 21:09 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-04-25 13:49 - 2018-05-21 01:16 - 000000000 ____D C:\Program Files (x86)\Google
      2018-04-25 13:49 - 2018-04-25 14:50 - 000000000 ____D C:\Users\Erkant\AppData\Local\Google
      2018-04-25 13:48 - 2018-04-25 13:48 - 000000000 ____D C:\Users\Erkant\AppData\Local\PeerDistRepub
      2018-04-25 13:33 - 2018-04-25 13:33 - 000000000 ____D C:\ProgramData\USOShared
      2018-04-25 13:31 - 2018-04-25 13:32 - 000000000 ___RD C:\Users\Erkant\OneDrive
      2018-04-25 13:30 - 2018-04-25 13:30 - 000000000 ____D C:\Users\Erkant\AppData\Local\Comms
      2018-04-25 13:30 - 2018-04-25 13:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
      2018-04-25 13:29 - 2018-05-21 14:13 - 000996206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2018-04-25 13:29 - 2018-04-25 13:29 - 000000000 ____D C:\Users\Erkant\AppData\Local\Publishers
      2018-04-25 13:29 - 2018-04-25 13:29 - 000000000 ____D C:\Users\Erkant\AppData\Local\MicrosoftEdge
      2018-04-25 13:28 - 2018-05-20 23:55 - 000000000 ____D C:\Users\Erkant\AppData\Local\Packages
      2018-04-25 13:28 - 2018-04-25 13:28 - 000000020 ___SH C:\Users\Erkant\ntuser.ini
      2018-04-25 13:28 - 2018-04-25 13:28 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Adobe
      2018-04-25 13:28 - 2018-04-25 13:28 - 000000000 ____D C:\Users\Erkant\AppData\Local\VirtualStore
      2018-04-25 13:28 - 2018-04-25 13:28 - 000000000 ____D C:\Users\Erkant\AppData\Local\ConnectedDevicesPlatform
      2018-04-25 13:27 - 2018-04-25 13:27 - 000000000 _SHDL C:\Users\Default User
      2018-04-25 13:27 - 2018-04-25 13:27 - 000000000 _SHDL C:\Users\All Users
      2018-04-25 13:26 - 2018-05-21 15:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-04-25 13:22 - 2018-05-21 13:51 - 000000000 ____D C:\Users\Erkant
      2018-04-25 13:19 - 2018-03-13 08:02 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
      2018-04-25 13:18 - 2018-05-21 15:17 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-04-25 13:18 - 2018-04-25 13:18 - 000000000 ____H C:\ProgramData\DP45977C.lfl
      2018-04-25 13:18 - 2018-04-25 13:18 - 000000000 ____D C:\WINDOWS\system32\DAX3
      2018-04-25 13:18 - 2018-04-25 13:18 - 000000000 ____D C:\WINDOWS\system32\DAX2
      2018-04-25 13:18 - 2018-04-25 13:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2018-04-25 13:18 - 2018-04-25 13:18 - 000000000 ____D C:\ProgramData\Audyssey Labs
      2018-04-25 13:18 - 2018-04-25 13:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2018-04-25 13:18 - 2018-04-25 13:18 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2018-04-25 13:18 - 2017-10-27 19:36 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
      2018-04-25 13:18 - 2017-10-27 19:12 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
      2018-04-25 13:18 - 2017-10-27 19:12 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
      2018-04-25 13:18 - 2017-10-27 19:12 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
      2018-04-25 13:18 - 2017-10-27 19:12 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
      2018-04-25 13:18 - 2017-10-27 19:12 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
      2018-04-25 13:18 - 2017-10-27 19:12 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
      2018-04-25 13:18 - 2017-10-27 19:12 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
      2018-04-25 13:18 - 2017-10-25 13:33 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin
      2018-04-25 13:17 - 2018-04-25 13:17 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
      2018-04-25 13:17 - 2018-04-25 13:17 - 000000000 ____D C:\Program Files\Realtek
      2018-04-25 13:16 - 2018-05-21 13:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2018-04-25 13:16 - 2018-05-21 01:16 - 000393320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-04-21 22:43 - 2018-04-21 22:43 - 000000000 ____D C:\Users\Erkant\AppData\LocalLow\Reptoid Games
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-05-20 01:46 - 2018-03-14 17:53 - 000000000 ____D C:\Users\Erkant\.p2
      2018-05-19 14:46 - 2018-04-17 11:42 - 000000073 _____ C:\Users\Erkant\Desktop\Key.txt
      2018-05-16 00:46 - 2018-03-13 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
      2018-05-10 16:38 - 2018-03-14 17:58 - 000000000 ____D C:\Users\Erkant\eclipse-workspace
      2018-05-08 23:09 - 2018-03-13 00:04 - 000000000 __RHD C:\Users\Public\AccountPictures
      2018-05-08 23:09 - 2018-03-13 00:04 - 000000000 ___RD C:\Users\Erkant\3D Objects
      2018-05-08 21:16 - 2017-09-29 16:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
      2018-05-08 21:15 - 2017-09-29 16:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
      2018-05-08 21:15 - 2017-09-29 16:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
      2018-05-08 21:15 - 2017-09-29 16:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
      2018-05-03 13:24 - 2018-03-13 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
      2018-04-25 14:32 - 2018-03-14 17:54 - 000000000 ____D C:\Users\Erkant\eclipse
      2018-04-25 14:30 - 2018-03-14 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
      2018-04-25 14:27 - 2018-03-14 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
      2018-04-25 14:21 - 2018-03-14 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
      2018-04-25 13:25 - 2018-04-05 13:24 - 000000000 ___SD C:\Users\Erkant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
      2018-04-25 13:25 - 2018-03-14 17:57 - 000000000 ____D C:\Users\Erkant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
      Some files in TEMP:
      ====================
      2018-05-21 13:39 - 2018-05-21 13:26 - 078346672 _____ (Malwarebytes                                                ) C:\Users\Erkant\AppData\Local\Temp\mb3-setup-consumer-3.3.1.2183.exe
      2018-05-21 15:15 - 2018-05-21 15:14 - 074288784 _____ (Malwarebytes                                                ) C:\Users\Erkant\AppData\Local\Temp\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.4968.exe
      2017-10-26 11:07 - 2017-10-26 11:07 - 000488960 _____ () C:\Users\Erkant\AppData\Local\Temp\sqlite3.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-05-18 00:28
      ==================== End of FRST.txt ============================
       
       
      Addition_21-05-2018 16.20.10.txt
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.