Премини към съдържанието
15 години Kaldata.com – време е да почерпим! Прочети още... ×

Препоръчан отговор


Здравейте !!! От известно време имам проблеми с лаптопа ми. Значи става въпрос за това, като отварям страници с Експлорер и ми се отварят други нежелани уеб страницни, някой път са на китайки език (за езика не съм на 100 % сигурен че е китайки), също така друг проблем е когато искам да влезна в пощата си в абв и когато натисна да си напиша името, и тогава пак ми излизат такива страници и изобщо не ми дава маркера за да си напиша името и паролата.

Лаптопа е HP Pavilion g6 , 4GB Ram, 750 HDD, B960 - procesor.

Windows Home Premium ми е операционната система, която е оригинална и карам с нея 2 години.

Общо взето това е , ако имате въпроси ще отговоря в последствие. Благодаря много :)

Ето ги и лог файловете:

 

DDS

 

DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 9.10.9200.16635 Run by Dzhemal at 14:51:29 on 2013-07-22 Microsoft Windows 7 Home Premium 6.1.7601.1.1251.359.1033.18.4044.2405 [GMT 3:00] . AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem32svchost.exe -k DcomLaunch C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe C:Windowssystem32svchost.exe -k RPCSS C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:Program Files (x86)Software Platesvcgdp.exe C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:Windowssystem32svchost.exe -k LocalService C:Windowssystem32svchost.exe -k netsvcs C:Program FilesIDTWDMSTacSV64.exe C:Windowssystem32svchost.exe -k GPSvcGroup C:Windowssystem32svchost.exe -k NetworkService C:WindowsSystem32spoolsv.exe C:Windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe C:WindowsSysWOW64ezSharedSvcHost.exe C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exe C:Program Files (x86)MicrosoftBingBarSeaPort.EXE C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:Program Files (x86)SafeIPSafeIPs.exe C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe C:Windowssystem32SearchIndexer.exe C:Windowssystem32taskhost.exe C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccSvcHst.exe C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesIDTWDMsttray64.exe C:Program FilesWindows Sidebarsidebar.exe C:Program Files (x86)IObitAdvanced SystemCare 6ASCTray.exe C:Program Files (x86)SkypePhoneSkype.exe C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpConnectionManager.exe C:Program Files (x86)Winampwinampa.exe C:Program Files (x86)VIVACOM 3G USB MODEMModemListener.exe C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe C:Program FilesSynapticsSynTPSynTPHelper.exe C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe C:Windowssystem32wbemwmiprvse.exe C:Windowssystem32taskeng.exe C:Program Files (x86)CyberLinkYouCamYCMMirage.exe C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpCMSrv.exe C:Program Files (x86)uTorrentuTorrent.exe C:Program Files (x86)VIVACOM 3G USB MODEMHspa USB Modem.exe C:Program Files (x86)Smiley Bar for FacebookPropertySync.exe C:Windowssystem32MacromedFlashFlashUtil64_11_1_102_ActiveX.exe C:Windowssystem32wbemwmiprvse.exe C:WindowsSystem32WUDFHost.exe C:Program FilesInternet Exploreriexplore.exe C:Program Files (x86)Internet ExplorerIEXPLORE.EXE C:Program Files (x86)Internet ExplorerIEXPLORE.EXE C:WindowsSystem32MsSpellCheckingFacility.exe C:Windowssystem32conhost.exe C:WindowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll mURLSearchHooks: Winamp Toolbar Search Class: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:Program Files (x86)Winamp Toolbarwinamptb.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll mURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll mURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:Program Files (x86)Winamp Toolbarwinamptb.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.5.3.17bhBabylonToolbar.dll BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program Files (x86)ConduitEngineprxConduitEngin.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ipsipsbho.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll BHO: Smiley Bar for Facebook: {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:Program Files (x86)Smiley Bar for FacebookScriptHost.dll BHO: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program Files (x86)IObitAdvanced SystemCare 6BrowerProtectASCPlugin_Protection.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll BHO: Proxy Help: {F386E548-C533-472E-8C61-C026FB14FEB9} - C:WindowsSysWOW64Newtabs_22find.dll BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll TB: BS Player Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:Program Files (x86)uTorrentBarprxtbuTor.dll TB: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:Program Files (x86)ConduitEngineprxConduitEngin.dll TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:Program Files (x86)Winamp Toolbarwinamptb.dll TB: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:Program Files (x86)MyAshampootbMyAs.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.5.3.17BabylonToolbarTlbr.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14coieplg.dll TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:Program Files (x86)BS_PlayerprxtbBS_P.dll uRun: [Google Update] "C:UsersDzhemalAppDataLocalGoogleUpdateGoogleUpdate.exe" /c uRun: [sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun uRun: [Advanced SystemCare 6] "C:Program Files (x86)IObitAdvanced SystemCare 6ASCTray.exe" /AutoStart uRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun uRun: [GoogleDriveSync] "C:Program Files (x86)GoogleDrivegoogledrivesync.exe" /autostart uRunOnce: [FlashPlayerUpdate] C:WindowsSystem32MacromedFlashFlashUtil64_11_1_102_ActiveX.exe -update activex mRun: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe mRun: [HPConnectionManager] C:Program Files (x86)Hewlett-PackardHP Connection ManagerHPCMDelayStart.exe mRun: [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe mRun: [WinampAgent] "C:Program Files (x86)Winampwinampa.exe" mRun: [ModemListener] C:Program Files (x86)VIVACOM 3G USB MODEMModemListener.exe start mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" mRun: [HPOSD] C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe mRun: [HP Quick Launch] C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckNCLauncherFromIE.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll/204 LSP: C:WindowsSystem32SafeIPs.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E} : DHCPNameServer = 192.168.1.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}1417E637B696 : DHCPNameServer = 192.168.2.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}354716D42633475502940786F6E656 : DHCPNameServer = 172.30.139.17 172.30.140.69 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}4596D6566796D2144435C4 : DHCPNameServer = 192.168.1.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}84F64756C6F52516A7C6F676F553 : DHCPNameServer = 192.168.66.1 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}D4562796461633 : DHCPNameServer = 212.39.90.42 212.39.90.43 TCP: Interfaces{076D2BED-0D24-460C-918E-196FE4EEA97E}D494C4C454E49455D4 : DHCPNameServer = 212.39.90.42 8.8.8.8 TCP: Interfaces{081680D8-998A-4C20-B247-3A6FC448AA3D} : DHCPNameServer = 194.141.86.3 194.141.0.3 194.141.0.4 TCP: Interfaces{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer = 212.39.90.42 212.39.90.43 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:WindowsSysWOW64ezUPBHook.dll LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exe x64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe x64-Run: [Persistence] C:WindowsSystem32igfxpers.exe x64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe x64-Run: [sysTrayApp] C:Program FilesIDTWDMsttray64.exe x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 ifrhgnqeeotnzrmz.ru tgp.buzzsession.com upgrade.questscantwo.com images.specialnetoffer.com boldchat.com viqrzfvi.freewww.biz scrooge.nbcsandiego.com ptichka.ru ads.bleepingcomputer.com . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:WindowsSystem32driversNISx641309010.00Esymds64.sys [2013-2-6 451192] R0 SymEFA;Symantec Extended File Attributes;C:WindowsSystem32driversNISx641309010.00Esymefa64.sys [2013-2-6 1129120] R1 BHDrvx64;BHDrvx64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.8.0.14DefinitionsBASHDefs20130715.001BHDrvx64.sys [2013-7-17 1393240] R1 ccSet_NIS;Norton Internet Security Settings Manager;C:WindowsSystem32driversNISx641309010.00Eccsetx64.sys [2013-2-6 167072] R1 IDSVia64;IDSVia64;C:ProgramDataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NIS_19.8.0.14DefinitionsIPSDefs20130719.002IDSviA64.sys [2013-7-19 513184] R1 SymIRON;Symantec Iron Driver;C:WindowsSystem32driversNISx641309010.00Eironx64.sys [2013-2-6 190072] R1 SymNetS;Symantec Network Security WFP Driver;C:WindowsSystem32driversNISx641309010.00Esymnets.sys [2013-2-6 405624] R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904] R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2012-1-3 63928] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe [2012-12-24 464256] R2 DeviceManager;DeviceManager;C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe -start --> C:Program Files (x86)Common FilesDeviceHelperDeviceManager.exe -start [?] R2 ezSharedSvc;Easybits Services for Windows;C:WindowsSystem32ezSharedSvcHost.exe --> C:WindowsSystem32ezSharedSvcHost.exe [?] R2 HP Support Assistant Service;HP Support Assistant Service;C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe [2012-9-27 86528] R2 HPClientSvc;HP Client Services;C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe [2010-8-6 291896] R2 HPWMISVC;HPWMISVC;C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe [2012-3-5 35200] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2011-5-30 13336] R2 IconMan_R;IconMan_R;C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe [2011-5-30 2372096] R2 NIS;Norton Internet Security;C:Program Files (x86)Norton Internet SecurityEngine19.9.1.14ccsvchst.exe [2013-2-6 138272] R2 svcgdp;software services;C:Program Files (x86)Software Platesvcgdp.exe [2012-8-18 224416] R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2011-5-30 2656280] R3 clwvd;CyberLink WebCam Virtual Driver;C:WindowsSystem32driversclwvd.sys [2010-7-28 31088] R3 hpCMSrv;HP Connection Manager 4.0 Service;C:Program Files (x86)Hewlett-PackardHP Connection ManagerhpCMSrv.exe [2011-2-16 1071160] R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2011-4-12 317440] R3 jrdusbser;Mobile Connector Device for Legacy Serial Communication;C:WindowsSystem32driversjrdusbser.sys [2011-12-14 119680] R3 MEIx64;Intel® Management Engine Interface;C:WindowsSystem32driversHECIx64.sys [2010-10-20 56344] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:WindowsSystem32driversnetr28x.sys [2011-5-30 1860672] R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2013-1-9 565352] R3 SafeIPS;SafeIPS;C:Program Files (x86)SafeIPSafeIPS.exe [2012-12-26 3797184] S2 gupdate;Услуга на Google Актуализация (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-8-18 116648] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-1-8 161536] S3 BBSvc;Bing Bar Update Service;C:Program Files (x86)MicrosoftBingBarBBSvc.EXE [2011-3-2 183560] S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072] S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2012-8-18 116648] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2012-12-15 19456] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:WindowsSystem32driversRtsPStor.sys [2011-5-30 335464] S3 SrvHsfHDA;SrvHsfHDA;C:WindowsSystem32driversVSTAZL6.SYS [2009-7-14 292864] S3 SrvHsfV92;SrvHsfV92;C:WindowsSystem32driversVSTDPV6.SYS [2009-7-14 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:WindowsSystem32driversVSTCNXT6.SYS [2009-7-14 740864] S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2012-12-15 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2012-12-15 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2012-8-18 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2013-07-20 01:09:38 9216 ----a-w- C:Program Files (x86)Windows DefenderMpAsDesc.dll 2013-07-20 01:09:38 571904 ----a-w- C:Program FilesWindows DefenderMpClient.dll 2013-07-20 01:09:38 54784 ----a-w- C:Program Files (x86)Windows DefenderMpOAV.dll 2013-07-20 01:09:38 4608 ----a-w- C:Program Files (x86)Windows DefenderMsMpLics.dll 2013-07-20 01:09:38 392704 ----a-w- C:Program Files (x86)Windows DefenderMpClient.dll 2013-07-20 01:09:38 314880 ----a-w- C:Program FilesWindows DefenderMpCommu.dll 2013-07-20 01:09:38 1011712 ----a-w- C:Program FilesWindows DefenderMpSvc.dll 2013-07-20 01:04:30 1887744 ----a-w- C:WindowsSystem32WMVDECOD.DLL 2013-07-20 01:04:29 1620480 ----a-w- C:WindowsSysWow64WMVDECOD.DLL 2013-07-20 00:59:37 3153920 ----a-w- C:WindowsSystem32win32k.sys 2013-07-12 07:04:20 1367040 ----a-w- C:Program FilesCommon FilesMicrosoft Sharedinkjournal.dll 2013-07-12 07:04:19 936448 ----a-w- C:Program Files (x86)Common FilesMicrosoft Sharedinkjournal.dll 2013-07-12 06:54:07 1643520 ----a-w- C:WindowsSystem32DWrite.dll 2013-07-12 06:54:07 1247744 ----a-w- C:WindowsSysWow64DWrite.dll 2013-07-12 06:44:55 624128 ----a-w- C:WindowsSystem32qedit.dll 2013-07-12 06:44:55 509440 ----a-w- C:WindowsSysWow64qedit.dll 2013-07-09 09:14:13 -------- d-s---w- C:UsersDzhemalGoogle Диск 2013-06-22 18:49:54 8199504 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition UpdatesBackupmpengine.dll 2013-06-22 18:49:48 9552976 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{6181C238-CB68-4B11-AFB2-ADFF05264407}mpengine.dll . ==================== Find3M  ==================== . 2013-06-13 20:26:22 1910632 ----a-w- C:WindowsSystem32driverstcpip.sys 2013-06-13 20:24:56 751104 ----a-w- C:WindowsSystem32win32spl.dll 2013-06-13 20:24:56 492544 ----a-w- C:WindowsSysWow64win32spl.dll 2013-06-13 20:24:38 30720 ----a-w- C:WindowsSystem32cryptdlg.dll 2013-06-13 20:24:38 24576 ----a-w- C:WindowsSysWow64cryptdlg.dll 2013-06-11 23:43:37 1767936 ----a-w- C:WindowsSysWow64wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:WindowsSysWow64jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:WindowsSysWow64iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:WindowsSysWow64iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:WindowsSystem32wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:WindowsSystem32jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:WindowsSystem32iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:WindowsSystem32iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:WindowsSysWow64RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:WindowsSystem32RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:WindowsSystem32mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:WindowsSysWow64mshtml.tlb 2013-05-28 20:50:06 9728 ---ha-w- C:WindowsSysWow64api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-20 17:12:53 983400 ----a-w- C:WindowsSystem32driversdxgkrnl.sys 2013-05-20 17:12:53 265064 ----a-w- C:WindowsSystem32driversdxgmms1.sys 2013-05-20 17:12:53 144384 ----a-w- C:WindowsSystem32cdd.dll 2013-05-20 16:36:14 1930752 ----a-w- C:WindowsSystem32authui.dll 2013-05-20 16:36:13 70144 ----a-w- C:WindowsSystem32appinfo.dll 2013-05-20 16:36:13 1796096 ----a-w- C:WindowsSysWow64authui.dll 2013-05-20 16:36:13 111448 ----a-w- C:WindowsSystem32consent.exe 2013-05-20 16:19:39 48640 ----a-w- C:WindowsSystem32wwanprotdim.dll 2013-05-20 16:19:39 230400 ----a-w- C:WindowsSystem32wwansvc.dll 2013-05-20 16:19:27 474624 ----a-w- C:WindowsapppatchAcSpecfc.dll 2013-05-20 16:19:27 350208 ----a-w- C:WindowsapppatchAppPatch64AcLayers.dll 2013-05-20 16:19:27 308736 ----a-w- C:WindowsapppatchAppPatch64AcGenral.dll 2013-05-20 16:19:27 2176512 ----a-w- C:WindowsapppatchAcGenral.dll 2013-05-20 16:19:27 135168 ----a-w- C:WindowsapppatchAppPatch64AcXtrnal.dll 2013-05-20 16:19:27 111104 ----a-w- C:WindowsapppatchAppPatch64acspecfc.dll 2013-05-06 10:13:15 1656680 ----a-w- C:WindowsSystem32driversntfs.sys 2013-05-06 10:11:53 223752 ----a-w- C:WindowsSystem32driversfvevol.sys 2013-05-01 23:06:08 278800 ------w- C:WindowsSystem32MpSigStub.exe . ============= FINISH: 14:52:20,54 ===============

 

 

 

Attack:

 

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume2 Install Date: 19.8.2011 г. 18:03:06 System Uptime: 21.7.2013 г. 22:18:53 (16 hours ago) . Motherboard: Hewlett-Packard |  | 166F Processor: Intel® Pentium® CPU B940 @ 2.00GHz | CPU1 | 800/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 343 GiB total, 221,082 GiB free. D: is FIXED (NTFS) - 14 GiB total, 1,513 GiB free. E: is CDROM () F: is Removable G: is FIXED (NTFS) - 342 GiB total, 175,825 GiB free. H: is FIXED (FAT32) - 0 GiB total, 0,082 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP165: 22.6.2013 г. 21:20:01 - Windows Modules Installer RP166: 2.7.2013 г. 13:19:45 - Scheduled Checkpoint RP167: 12.7.2013 г. 00:15:06 - Scheduled Checkpoint RP168: 12.7.2013 г. 10:48:44 - Windows Update RP169: 19.7.2013 г. 18:23:09 - Scheduled Checkpoint RP170: 21.7.2013 г. 03:00:12 - Windows Update . ==== Installed Programs ====================== . µTorrent 50 FREE MP3s +1 Free Audiobook! Adobe AIR Adobe Flash Player 11 ActiveX 64-bit Adobe Reader X (10.1.3) MUI Advanced SystemCare 6 Agatha Christie - Peril at End House Ashampoo Magical Optimizer 1.22 Babylon toolbar on IE Bejeweled 2 Deluxe Bejeweled 3 Bing Bar Blackhawk Striker 2 Blasterball 3 Bounce Symphony BS Player Toolbar BS.Player FREE Build-a-lot 2 Cake Mania Chuzzle Deluxe Conduit Engine CyberLink YouCam D3DX10 Diner Dash 2 Restaurant Rescue Dora's World Adventure Download Updater (AOL LLC) Energy Star Digital Logo ESU for Microsoft Windows 7 Evernote v. 4.2.2 Farm Frenzy FATE - The Traitor Soul Final Drive Nitro Google Chrome Google Drive Google Earth Google Update Helper Hewlett-Packard ACLM.NET v1.2.1.1 HP Auto HP Client Services HP Connection Manager HP Customer Experience Enhancements HP Documentation HP Games HP On Screen Display HP Power Manager HP Quick Launch HP Setup HP Setup Manager HP Software Framework HP Support Assistant IDT Audio Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 24 Java 6 Update 24 (64-bit) Junk Mail filter update K-Lite Codec Pack 6.0.0 (Full) Magic Desktop Mah Jong Medley Mesh Runtime Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT MSVCRT_amd64 MyAshampoo Toolbar Mystery P.I. - Stolen in San Francisco Namco All-Stars PAC-MAN Nero 7 Premium NewTabs Uninstall Norton Internet Security Penguins! Plants vs. Zombies - Game of the Year Poker Superstars III Polar Bowler Polar Golfer Ralink RT5390 802.11b/g/n WiFi Adapter Realtek Ethernet Controller Driver Realtek PCIE Card Reader Recovery Manager SA Dictionary 2008 Beta 4 SafeIP Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Shared C Run-time for x64 Skype Click to Call Skype™ 6.1 Slingo Supreme Smiley Bar for Facebook Software Plate Synaptics Pointing Device Driver The KMPlayer (remove only) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition Update Installer for WildTangent Games App uTorrentBar Toolbar V9 Homepage Uninstaller Virtual Villagers 4 - The Tree of Life VIVACOM 3G USB MODEM WildTangent Games App (HP Games) Winamp Winamp Detector Plug-in Winamp Toolbar Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 21.7.2013 г. 03:13:22, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service. 21.7.2013 г. 03:13:22, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-2147218173. 21.7.2013 г. 03:11:07, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied.. 21.7.2013 г. 03:10:13, Error: volmgr [46]  - Crash dump initialization failed! 19.7.2013 г. 00:38:40, Error: Service Control Manager [7034]  - The Audio Service service terminated unexpectedly.  It has done this 1 time(s). 17.7.2013 г. 16:19:04, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10. . ==== End Of File ===========================

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! Да започнем с това;

  • [*]Изтеглете
RogueKiller.exe и го запазете на десктопа. [*]Стартирайте приложението и натиснете бутона SCAN. [*]Ще се създаде лог файл на десктопа с името RKreport.txt на десктопа. [*]Публикувайте лог файла в следващия си коментар.

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте , изпълних всичко което казахте, но малко преди са приключи сканирането програмата заби, и излезна квадратче на което пише RoogueKiller was stop wornikg. Повторих пак и този път завърши сканирането . Ето го лога :

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : Scan -- Date : 07/22/2013 16:54:25 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++ --- User --- [MBR] e7291a51bdd97332dc7de6d4a517066e [bSP] 43acc1143e6db16be49149e712bbde49 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo 1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 351194 Mo 3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 719654912 | Size: 364009 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 7d1b6db635bd5729c751827a64459154 [bSP] 8cb2736df4e3428c618e11c1ff6aa842 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo 1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_07222013_165425.txt >>

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стартирайте отново RogueKiller и изчакайте първоначалната проверка да приключи.

След това натиснете Scan.

След като приключи отидете до секцията Hosts и натиснете таба Fix Hosts

 

Възможно е да ви  поиска рестарт. Съгласете се.

След рестарта моля публикувайте новите лог файлове от RogueKiller в следващия си коментар.
  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

не ми поиска рестарт. Логовете :

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : Scan -- Date : 07/22/2013 18:26:03 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> FOUND [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++ --- User --- [MBR] e7291a51bdd97332dc7de6d4a517066e [bSP] 43acc1143e6db16be49149e712bbde49 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo 1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 409600 | Size: 351194 Mo 3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 719654912 | Size: 364009 Mo User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 7d1b6db635bd5729c751827a64459154 [bSP] 8cb2736df4e3428c618e11c1ff6aa842 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo 1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_07222013_182603.txt >> RKreport[0]_S_07222013_165425.txt

 

 

 

 

 

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Dzhemal [Admin rights] Mode : HOSTSFix -- Date : 07/22/2013 18:26:32 | ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤ [DNS] HKLM[...]CCSet[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> NOT REMOVED, USE DNSFIX [DNS] HKLM[...]CS001[...]{3CD6BAB7-D4B1-470B-ACCE-77332F076F19} : NameServer (212.39.90.42 212.39.90.43) -> NOT REMOVED, USE DNSFIX [HJ POL] HKLM[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableTaskMgr (0) -> FOUND [HJ POL] HKLM[...]Wow6432Node[...]System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKCU[...]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts|Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%System32driversetchosts

127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com --> Potentially malicious! 127.0.0.1 7c74a4bc5dd3df5db4c2aa7a3dd5cce6.org blackmandz.com kkkarow-judo.de www3.doubleclick.com gpaper117.112.2o7.net ufhwf8093hrdsf.com www.flash-counter.com ads27.hpg.com.br watisawarosydok.org --> Potentially malicious! 127.0.0.1 lejbomor.ru clickauditor.net jarasumjazz.com ad.eg.doubleclick.net ads.jpost.com toronto-locksmith.biz upmqpwyndzwzmmwy.ru c1z.at ad73.hpg.com.br --> Potentially malicious! 127.0.0.1 intervalsselfservice.pro ads.wunderground.com ciao.ivwbox.de betasreceivable.org count72.51yes.com count621.51yes.com 718unlimited.com rewardster.com googleads.g.doubleclick.net --> Potentially malicious! 127.0.0.1 08.185.87.17.liveadvert.com downx.52z.com pamiangsao.com counter.bloke.com 208.185.87.112.liveadvert.com ad.primopdf.com ad.eurosport.com chemmannurkuries.com gan.doubleclick.net --> Potentially malicious! 127.0.0.1 widowadvertising.net gnndfe.zyns.com ad203.hpg.com.br brandnameshoppin.cn imperial-groupsvc.net bakveli.net ad236.paycount.com count833.51yes.com ad.au.doubleclick.net --> Potentially malicious! 127.0.0.1 ads.creative-serving.com 7254da45bf6a7e358e456f1a86cd92c1.org 9bfc110f5d387f09e74910496b35181f.org ad.it.doubleclick.net www.exactadvertising.com 186.6.87.194.dynamic.dol.ru sb.scorecardresearch.com count847.51yes.com advert234.hpg.com.br --> Potentially malicious! 127.0.0.1 calicutinternationalschool.com clicktrade.linkexchange.net clicks.net doubleclick.d4p.net ads1.theglobeandmail.com boom.ro classbasecamp.pro kaleidosskop.ru tns-counter.ru --> Potentially malicious! 127.0.0.1 ads.51.net www.counter4all.de ad.pt.doubleclick.net www-google-analytics.l.google.com media.popuptraffic.com tracker.snowball.com koelnrsc.ivwbox.de jewelsactuality.ru cassandrarice.com --> Potentially malicious! 127.0.0.1 uwfekfyj.ru ad.pl.doubleclick.net imapscans.info tds-23vb8g5ff.co.cc emulatesdigital.pro 08.185.87.146.liveadvert.com etritotube.net ter00alsy.rr.nu adnet.worldreviewer.com --> Potentially malicious! 127.0.0.1 rampidads.com easy-ad.info nrtjny.sellclassics.com bannercampaign.com ads07.focalink.com c7.statcounter.com 7x70.com count801.51yes.com trackads.com --> Potentially malicious! 127.0.0.1 invoicedimplementations.info 179fed8d388a1afd3e901cd2bdd761c0.info goptres.co.cc sedfer.com ns1.doubleclick.net dominoforsale.biz penavare.com lottomeca.com count455.51yes.com --> Potentially malicious! 127.0.0.1 c16.statcounter.com crowgerber.ru ypmptx.in ad191.hpg.com.br geoloc78.geovisite.com count931.51yes.com sdlcuauo.cn ad.gt.doubleclick.net thldkvcgbkzcbfxw.ru --> Potentially malicious! 127.0.0.1 rovio3.appads.com ad174.paycount.com ad.co.doubleclick.net adimage.guardian.co.uk helpmetoretire.com qnit9x.com adrotate.sytes.net adminder.com www.istats.nl --> Potentially malicious! 127.0.0.1 www5.yesadvertising.com professorbanner.com scrooge.wsoctv.com weirdplanet.net visit.webhosting.yahoo.com ads.bigasia.com ad.ca.doubleclick.net securitymonitor2012in.com successfulmpfs.org --> Potentially malicious! 127.0.0.1 08.185.87.176.liveadvert.com ds.ign.us.intellitxt.com img.msgtag.com bizad.nikkeibp.co.jp ads.top500.org admeta.com 142.6.87.194.dynamic.dol.ru c32.statcounter.com ads.edbindex.dk --> Potentially malicious! 127.0.0.1 stat.alibaba.com netshelter.net thelemoncity.com ads123.hpg.com.br allcomrades.com c12.statcounter.com aprombz.com super67.me gassystem.co.kr --> Potentially malicious! 127.0.0.1 kiportal.net yesky.com simlossim.epac.to 08.185.87.143.liveadvert.com wfslwzbmj.freewww.biz ad.fr.doubleclick.net mnszyhxgp.freewww.biz a19.g.akamai.net www.marketplacemanager.com --> Potentially malicious! 127.0.0.1 hyoxnckrngodoret.ru 08.185.87.35.liveadvert.com www.mytiwi.com pannatex.com 123counts.com ad210.paycount.com ad.jp.doubleclick.net earing-debasededit.hk.ms antispy-online90.com --> Potentially malicious! 127.0.0.1 stats.trafficjuicer.com selmoipourtoi.net ewnnd.ru activetrakresponsible.pro storesseeks.in www.doubleclick.ne.jp 910ec64a02c66d8b2ce0454051de1d09.info u074.03.spylog.com avgtechnologies.112.2o7.net --> Potentially malicious! 127.0.0.1 ad.ie.doubleclick.net secree.com mysa.belointeractive.com n6sc.info ohbjirqfm.freewww.biz vg07.met.vgwort.de wdata.ero-advertising.com partners.priceline.com keepit.freebieandcouponmom.com --> Potentially malicious! 127.0.0.1 cashengines.com trytokickmewhenimoneywwww2.com rantcloned.org wswb1.surf-town.net ads.outpersonals.com ad.no.doubleclick.net sugoicounter.com xml.adtech.fr alenty.com --> Potentially malicious! 127.0.0.1 count880.51yes.com cheapflightsonsale.com securelive.co.kr pics3.inxhost.com u1773.34.spylog.com mcfestaseventos.com.br www.sociomantic.com live.sekindo.com doubleclick.shockwave.com --> Potentially malicious! 127.0.0.1 eightfoldlogic.com affiliate.ab1trk.com trafficparade.com adclick.com ad.mx.doubleclick.net 411affiliates.ca click.dagbladet.no 5.6.87.194.dynamic.dol.ru westernillusion.com --> Potentially malicious! 127.0.0.1 nyttechnology.112.2o7.net 08.185.87.31.liveadvert.com www.yourhitstats.com adsklick.de creast.afkepock.com rupeksa.com www.wwwetracker.com ad-emea.doubleclick.net count450.51yes.com --> Potentially malicious! 127.0.0.1 clavosdecristo.es u024.10.spylog.com ad.cl.doubleclick.net rgadvert.com rubiconproject.com myeducationcompany.com ahyea.com 28.6.87.194.dynamic.dol.ru count225.51yes.com --> Potentially malicious! 127.0.0.1 adthis.com 208.185.87.32.liveadvert.com www.pigment-adv.co.il kelaxserv56.in tldadserv.com ad.us.doubleclick.net ad176.hpg.com.br xerta.lenuerry.com razumtds.ws --> Potentially malicious! 127.0.0.1 ads.asp.net blog.ero-advertising.com c10.statcounter.com stoorvogelsoftware.nl yasarsigorta.com high-update.com adclient.detelefoongids.nl top-site-list.com integrate.com --> Potentially malicious! 127.0.0.1 prefisio.com.br trk.blamads.com 11.blogbestsites.com anapoli.ru ad.tw.doubleclick.net cbird6.sextracker.com ad.hyena.cz latebin.ru tracking.voltagesearch.com --> Potentially malicious! 127.0.0.1 zaefofin.ru leprisoruim.ru www.achmedia.com a5.websponsors.com entrepreneur.us.intellitxt.com norilsknikeli.ru s2.statcounter.com count988.51yes.com baeisa.co.cc --> Potentially malicious! 127.0.0.1 adsonar.com netreflector.com counter17.bravenet.com mi-web31.prod.millennialmedia.com count783.51yes.com ads.isoftmarketing.com ir.doubleclick.net secure.quantserve.com ad160.hpg.com.br --> Potentially malicious! 127.0.0.1 2fflatfee.ero-advertising.com cobrands.mailermailer.com ad235.paycount.com rubilonk.info apendiksator.ru ad.dk.doubleclick.net traffka.eu www5.click-fr.com bank44.ads.mp.mydas.mobi --> Potentially malicious! 127.0.0.1 ictgroupnet.cc splitteroverwhelmingly.pro nmnandomedia.112.2o7.net ads.nordichardware.com truehits1.gits.net.th ads.bigfoot.com epiccash.com kvvkprxkpnbebixguhtcfajrdm.info www.doubleclick.de --> Potentially malicious! 127.0.0.1 count840.51yes.com ad.es.doubleclick.net zvhtkpsnmdy.info itillc.com nl.topstat.com ads.adohana.com siteminer.superstats.com ad15.paycount.com darkscape.info --> Potentially malicious! 127.0.0.1 domssingomangos.net secguard.biz affiliate.travelnow.com tarakc1.net cyberantiquemall.com ads.aol.com itbannerexchange.com adx.allstar.cz ad.ar.doubleclick.net --> Potentially malicious! 127.0.0.1 count437.51yes.com jytorqu.ru munchkin.marketo.net adinterax.com banner.nixnet.cz recover88888.com oepjvondifnnkskfcxzvjiefrkd.com ads.fool.com c17.statcounter.com --> Potentially malicious! 127.0.0.1 8xvideos-tube.mobi recessionwire.com ad.my.doubleclick.net flyghtairline.ru 111309a301e46e230013eada1a63b079.info dialerporn.com ad.sexcount.de brainrace.ru nytrwilmington.112.2o7.net --> Potentially malicious! 127.0.0.1 count268.51yes.com werkendwachtik.nl ad.br.doubleclick.net bin.hnissa.com hoycktsjwqsmklnv.biz xgmrtookfnjibguofinhqcwodxwq.ru wsqwehnnjppxrgxp.org page1.name count113.51yes.com --> Potentially malicious! 127.0.0.1 logv18.xiti.com demo.doubleclick.net ads.5ci.lt zmbagc.com nesamithran.com sis-street.com fb64b06873291207414862989cb55799.info forum-cs.net76.net 08.185.87.115.liveadvert.com --> Potentially malicious! 127.0.0.1 ankursociety.org 57.6.87.194.dynamic.dol.ru thecounter.com c1.statcounter.com erostracker.com ads15.hpg.com.br download13-socinenie.ru j5b.kr pluto.adcycle.com --> Potentially malicious! 127.0.0.1 banners254.hpg.com.br woteucv.freewww.biz upadoo.xpg.com.br 208.185.87.121.liveadvert.com ad.sg.doubleclick.net sunbeltinverting.pro mydreamnewone.com dsfh.ru ad242.hpg.com.br --> Potentially malicious! 127.0.0.1 hyydsglxirgykbxcmlntmvhi.ru ww2.xp115.com n4403ad.doubleclick.net threefooktiro.no-ip.info vacationrentalcabins.com websponsors.com zoferxtube8.info igahicfrwwfpjhef.ru mediamind.com --> Potentially malicious! 127.0.0.1 cashforsurveys.net domteks-volga.ru deadonseparating.ru analyticdns.org nuert.lenuerry.com logisticservices.info denisdenisstation.cu.cc engine.4dsply.com reports.doubleclick.net --> Potentially malicious! 127.0.0.1 kron-energo.ru c13.statcounter.com 964b2ff96df2ba9951881c168282189c.org track.ft.com ads.krawall.de accountpro046.ru createsend3.com axf8.net gamesitestop100.com --> Potentially malicious! 127.0.0.1 dragongut.co.cc www.statcounter.com ads.alt.com expresshomecinema.com www.adshuh.com adspics.com zuchezhaowo.com counter24.bravenet.com aspn.ddns.info --> Potentially malicious! 127.0.0.1 travel.netster.com ad187.paycount.com taktiku.biz bb.connextra.com banner-count.com gobiernofacil.go.cr tnktrck.com reelshandsoff.info c6.statcounter.com --> Potentially malicious! 127.0.0.1 ads.adpulse.com www.linkybank.com ad.kw.doubleclick.net ad233.paycount.com sj-g-lbs.focalink.com 208.185.87.138.liveadvert.com bvalphaserver.com pfvfsi.freewww.biz www.mega-traf.net --> Potentially malicious! 127.0.0.1 ad.sa.doubleclick.net lmvwnv.in securepaths.com www.ewordofmouth.com wsclick.infospace.com count817.51yes.com z0.extreme-dm.com royalwinnipegballet.net server-br.imrworldwide.com --> Potentially malicious! 127.0.0.1 ad.m5prod.net accountpro007.ru hstest.surf-town.net counter15.sextracker.be count40.51yes.com adsalvo.com onlineadvertclick.org sinher24itedsc.rr.nu ad.is.doubleclick.net --> Potentially malicious! 127.0.0.1 o1.plus-zone.co.kr ecd52048dace94e20d35d8a47b04b35d.org c15.statcounter.com g.adspeed.net opienetwork.com content-cooperation.com blogdetranssexuel.com jokenqi.ru 125search.com --> Potentially malicious! 127.0.0.1 indobilling.com eqw002.cn c11.statcounter.com ads140.hpg.com.br hollabackvideo.com tecchan.ivwbox.de cogirunner.ru ru03-hits.spylog.com 429861812.3322.org --> Potentially malicious! 127.0.0.1 dfilmcounderw.su rspzdtpxll.com users.marketleverage.com bqtl.in g243gtdsgsdg.vv.cc usamoney.nl.ai ads189.hpg.com.br officebook1.org learn.doubleclick.net --> Potentially malicious! 127.0.0.1 rxbuy-itewvaha.ru dsvseee.nl.ai aloeroyal.com sre13vea.rr.nu microsoftwga.112.2o7.net icentric.us.intellitxt.com 123002915.cn.com help.doubleclick.net ad.realmedia.co.kr --> Potentially malicious! 127.0.0.1 ads.mgnetwork.com mooo.com ad.in.doubleclick.net abc.googlezuju.com assoc-amazon.com nhoimwl.mysecondarydns.com www.click-under.info us.a1.yimg.com ads.webme.com --> Potentially malicious! 127.0.0.1 puertoalmirante.com bank27.mi.ads.mp.mydas.mobi www.doubleclick.com step2me.net static.appwatch.com kjbbc.net ylufida.com lwtcxuzbdrsnpqfb.ru www6.testtradedoubler.com --> Potentially malicious! 127.0.0.1 count915.51yes.com ad.doubleclick.de squirtingsblog.com tag.tlvmedia.com fp.gad-network.com a.doktorhappy.com u017.76.spylog.com www.parse.ly bannermat.com --> Potentially malicious! 127.0.0.1 bx.clickmedia.ro websmeter.com 208.185.87.36.liveadvert.com ads.alwayson-network.com xb8.ru flierstrusting.biz n4052ad.doubleclick.net 157.6.87.194.dynamic.dol.ru adq.nextag.com --> Potentially malicious! 127.0.0.1 maidarm.ru ads.swirve.com hosting-controlpin.tk ad-g.doubleclick.net imgddd.net ck.jp.ap.valuecommerce.com support.semptoshiba.com.br software.xoomcounter.com verfer.com --> Potentially malicious! 127.0.0.1 adboost.de.vu dimpact.co.il javacentricunencumbered.org uybeor.freewww.biz exitexchange.com sexxxstaz.org ad.za.doubleclick.net adprojekt.pl scorpionbkn.xpg.com.br --> Potentially malicious! 127.0.0.1 ad.cn.doubleclick.net zcloumedia.com kerchna.in ad31.paycount.com ad5.speedbit.com 59.6.87.194.dynamic.dol.ru icnhedsafe.com abroad.name top50.co.uk --> Potentially malicious! 127.0.0.1 lustler.com 3ew.ru ad.gmtracker.com count196.51yes.com banner.list.ru toringkerk.co.za usigroupnet.cc biozavr.ru doubleclick.de --> Potentially malicious! 127.0.0.1 www3.smartadserver.com ad10.focalink.com ads27.focalink.com banners251.hpg.com.br www2.doubleclick.com 208.185.87.16.liveadvert.com ads.pixfuture.net count388.51yes.com kepen.ru --> Potentially malicious! 127.0.0.1 zxlngj.eu buyhitscheap.com cashspace.com alnce21.com www2.doubleclick.net thenetnameshop.cn 4.whereinmilan.com img.buchananjenkinshyundai.com count699.51yes.com --> Potentially malicious! 127.0.0.1 ad.ru.doubleclick.net geoloc58.geovisite.com weidenhof.at x9w.ru 0d8d348a9f374540d947c126e712fa23.org containercox.ru tewnrpvxbdjc.info uxosgik.ru marlaktuell.de --> Potentially malicious! 127.0.0.1 ads.detelefoongids.nl m.doubleclick.net advert243.hpg.com.br uskamalchik.ru www.c-on-text.com ad185.hpg.com.br 101.6.87.194.dynamic.dol.ru thinkgeek.112.2o7.net mgmgroupnet.cc --> Potentially malicious! 127.0.0.1 www.doubleclick.net.my ad.120.tbn.ru bfantastic.com hatsvisuals.org xomcui.com ergebruibgebigbei.com 118.6.87.194.dynamic.dol.ru ef9710b691fa9df28214ad21c2019822.org diamonstar.cn --> Potentially malicious! 127.0.0.1 swathespicture.org ads.mariuana.it wbs.tmkvmv.eu ad.se.doubleclick.net count87.51yes.com pillspharmacyrx.ru a.total-media.net lsvdxjpwykxxvryd.ru sillacareer.or.kr --> Potentially malicious! 127.0.0.1 anbfse.ru newnetnameshop.cn ojnrirhnfemxpnhepnlaeyhmfph.biz jquery-framework.com logv7.xiti.com globaltrack.com j-vision.co.kr ad.cz.doubleclick.net rr1.xxxcounter.com --> Potentially malicious! 127.0.0.1 akaelyr.cn goreeotuma.ru gloriousflooring.com clearerstats.com.es azelas.net ad.gr.doubleclick.net secure-unitedonline.cleanprint.net d4e71869070fd9133c2ec4fe6e728e70.org vexuliritynetwork.com --> Potentially malicious! 127.0.0.1 38efe6484281ec752b4426a55d20de1c.info xn--pauone-4q9l.com namessguibulk.net poekdf.ru ad1.trafficx.com wiombejwxrddpkkx.ru u130.01.spylog.com tex.ero-advertising.com dfp.doubleclick.net --> Potentially malicious! 127.0.0.1 count70.51yes.com ad.hk.doubleclick.net ads1.canoe.ca rp.hit.gemius.pl ad157.paycount.com pagubev.ru pilldrugstoregroup.com infolinks.com ioad.info --> Potentially malicious! 127.0.0.1 count584.51yes.com members.swimsuitnetwork.com us5.forward-to-friend1.com sitebrand.geeks.com 156.6.87.194.dynamic.dol.ru blachervers-2.com paypalssl.doubleclick.net stats.surf-town.net scaner-sdee.tk --> Potentially malicious! 127.0.0.1 www.keywordblocks.com xonio.ivwbox.de c5.statcounter.com count716.51yes.com moderndating2012.asia villusoftreit.ru ideet.ru lfstmedia.com freeroom66.com --> Potentially malicious! 127.0.0.1 unixpoint02.xpg.com.br qaxgckzkn.changeip.name ads.tmcs.net fls.doubleclick.net statsl.com dnads.directnic.com 3cw.ru banner.coza.com count978.51yes.com --> Potentially malicious! 127.0.0.1 fxdas.lflinkup.net ecoresearch.hu achmedia.com n479ad.doubleclick.net quickcamsassembled.net keymedia.hu ailway42staging.rr.nu o.zeroredirect.com cornermarketmedia.com --> Potentially malicious! 127.0.0.1 webfrogs.ru u117.45.spylog.com paymonsters.com kondratev.popunder.ru adcloud.net dnsnum11.com c8.statcounter.com u072.93.spylog.com miguelrubio.sites.uol.com.br --> Potentially malicious! 127.0.0.1 ebtmarketing.com wcbsimg.dayport.com surprise-knsmd.tk ads.discovery.com cerzdtolonknkneibekjbavwgqvk.info statcounter.com atc-groop.com criptxvidsyde.co.cc bfupndesgjnzgakkbeytoljcmugjf.com --> Potentially malicious! 127.0.0.1 bannermall.com i1.createsend5.com l.zeroredirect.com glakvpxu.org global-charge.com ylyhjz.in ads131.hpg.com.br 2.gaza-hackers.info doubleclick.de --> Potentially malicious! 127.0.0.1 counter5.sextracker.be hostscounter.com u3239.08.spylog.com nytrgadsden.112.2o7.net c3.statcounter.com vchysb.freewww.biz fad-411.mtl4.targetnet.com downloadtorrent.org.uk.tc count849.51yes.com --> Potentially malicious! 127.0.0.1 106.6.87.194.dynamic.dol.ru stat24.com 08.185.87.1.liveadvert.com maaandhra.com banners31.hpg.com.br x1v.ru jastreb.hr ad.fi.doubleclick.net traffic.gabmage.in --> Potentially malicious! 127.0.0.1 tigerloads.com ads.softure.com ads4homes.com ads227.hpg.com.br agbasky.com mokingbirdgives.org top90.ro bank42.mi.ads.mp.mydas.mobi ad.uk.doubleclick.net --> Potentially malicious! 127.0.0.1 bannerconnect.com ad.doubleclick.net lnkgo.com goldboat.net s.thetvpool.com adserver.click4cash.de count230.51yes.com chinchwaddevasthantrust.org webwatcherdata.com --> Potentially malicious! 127.0.0.1 tablethealthphysicians.net kesenai.org registry.cu.cc list.ru gduobyc.freewww.biz doubleclick.com www.mokono.com ak1.abmr.net visitor.benchmarkemail.com --> Potentially malicious! 127.0.0.1 banners63.hpg.com.br fixavpu.ru afe6882e298064090f884696cb48c3b5.info cakuxeco.tk federetoktyt.net opt-media.com derinobi.com capa01.com www3.doubleclick.net --> Potentially malicious! 127.0.0.1 jkhteqa.com www.doubleclick.net fipscertifiedenables.ru basijkarmandan.danaportal.ir ads112.hpg.com.br spe.atdmt.com alertpay.net.au 78.6.87.194.dynamic.dol.ru delivery6.trafficjunky.net --> Potentially malicious! 127.0.0.1 advert241.hpg.com.br searchportal.information.com modinali.com 08.185.87.49.liveadvert.com si.netmng.com shoponlinefilmsite.cn banners.babylon-x.com ns1.123go.net ad.terra.doubleclick.net --> Potentially malicious! 127.0.0.1 talliedclassit.info 4.luca-volonte.org update.powercare.co.kr elanablimka.github.com xn--szobafests-j7a.eu ad.n2434.doubleclick.net db0.net-filter.com antik-dom.ru createsend5.com --> Potentially malicious! 127.0.0.1 adlantic.nl protaxet.com adf.ero-advertising.com nt002.cn ads.iafrica.com alkarmel.com.jo statcounter.com banners130.hpg.com.br jabbawockeez.us --> Potentially malicious! 127.0.0.1 201.6.87.194.dynamic.dol.ru adnet.asahi.com l1.zedo.com ad114.paycount.com ads228.hpg.com.br wzus.ask.com sgisolution.com.br ad.be.doubleclick.net daeyoolife.com --> Potentially malicious! 127.0.0.1 centanysenrere.com ad.nz.doubleclick.net tcr111.tynt.com torstarcollect.247realmedia.com bigtopleads.cn 18hhhgh3.justdied.com img.dt00.net quintaavenue.com susnoj.cn --> Potentially malicious! 127.0.0.1 9f9473183778647a979b99045b901711.info visit.playerevaluator.com ad.kr.doubleclick.net bank07.mi.ads.mp.mydas.mobi mondayswizardnet.info 69.6.87.194.dynamic.dol.ru 372kzsds7661.com taokakao.com hitcents.com --> Potentially malicious! 127.0.0.1 mmsrierihon.com c6h.at dncdh.ws doubleclick.net e.yieldmanager.net static.ndoverdrive.net www.008.free-counter.co.uk taskiran.net 87.6.87.194.dynamic.dol.ru --> Potentially malicious! 127.0.0.1 fawcztqwomnnjnrtseirkrcp.biz c2.statcounter.com comics.ign.us.intellitxt.com text-link-ads.com top.one.ru msnbc.112.2o7.net 2faa5e9617513ac0df0a8ee150c0864b.info berfry43bgrbf.vv.cc stats.groupninetyfour.com --> Potentially malicious! 127.0.0.1 homeemployed.com ad-x.com ads2.advance.de www.counter6.sextracker.be mappery.com log10.doubleverify.com u96s.info evoloutainary.co.cc ad.ch.doubleclick.net --> Potentially malicious! 127.0.0.1 doubleclick.net newwave.orge.pl apex-ad.com ultimatetrafficpack.com chanchala.cz click-under.info w612.nb.host127-0-0-1.com uneugroup.com ads246.hpg.com.br --> Potentially malicious! 127.0.0.1 u093.76.spylog.com adserv.evo-x.de cash2002.de nabilams.org gpaper118.112.2o7.net mediavisor.doubleclick.net s.clicktale.net u.outbrain.com www.spinbox.net --> Potentially malicious! 127.0.0.1 creatives.doubleclick.net zlnobdqpfnvworzpayylpvolle.ru lrogs.info admarvel.com ads.web.cs.com web2.deja.com adlev.neodatagroup.com count511.51yes.com adserver.zylom.com --> Potentially malicious! 127.0.0.1 verygood2013.ru geoloc62.geovisite.com angelaonfl.ru geotarget.info prestamistape.us banners16.hpg.com.br submenusonlineoriented.info c28.statcounter.com i-clicks.net --> Potentially malicious! 127.0.0.1 ad.hu.doubleclick.net count265.51yes.com stetomoney.org advert53.hpg.com.br banner.trifle.net www.123webmarketing.com af9b7985802bc09fb9e19663.merseine.nu netbiosmediocre.org ads.tripod.lycos.es --> Potentially malicious! 127.0.0.1 penguinplanning.com wielerclinics.nl ompassik.ru bank56.mi.ads.mp.mydas.mobi www.magentanews.com bigdeal777.com ad.ve.doubleclick.net stats0.one.ru sabnorway.com --> Potentially malicious! 127.0.0.1 ads.adultfriendfinder.com demandware.edgesuite.net go.adify.com u053.48.spylog.com gerincmuhely.hu pagead2.googlesyndication.com meethotties.mobi zendekor.com.tr c44.statcounter.com --> Potentially malicious! 127.0.0.1 tvinfo.ivwbox.de doubleclick.com ywh18olly.rr.nu noexcuseentertainment.com takru.com www4.yesadvertising.com ads.technoratimedia.com shopfilmworld.cn ziffdavisglobal.112.2o7.net --> Potentially malicious! 127.0.0.1 www.marketingtips.com ads6.focalink.com ad.nl.doubleclick.net smert-test.ru wt1888.com adplacers.com ad123.hpg.com.br mobilcom.ivwbox.de 08.185.87.151.liveadvert.com --> Potentially malicious! 127.0.0.1 jsbjlsdjlkb234jblkba8899sjkb.com media.adlegend.com azbuka001.pro kreditsikacsre.ru tyryfpix.ru odnklog.net mjhcymist.freewww.biz m.doubleclick.com nfwcleizdgexdcqoblpncuxcqonz.ru --> Potentially malicious! 127.0.0.1 adserv007.adtech.fr henshiwuliao.com adscomplete.info ad.ph.doubleclick.net qokzierihon.com webcreditreport.com logv13.xiti.com adpepper.dk m77s.cn --> Potentially malicious! 127.0.0.1 aboutnorth2012.ru ns2.doubleclick.net security-laboratory.ru ad1.emediate.dk ads134.hpg.com.br gusanito-postal.org count381.51yes.com ap34.pro banner.relcom.ru --> Potentially malicious! 127.0.0.1 ad.ma.doubleclick.net a.coughstuffs.com buenos-varilias.com age-ega.ru in.getclicky.com websitehostingsouthafrica.com count337.51yes.com vijetha.co.in thorpeinstitute.com --> Potentially malicious! 127.0.0.1 ultsearch.com freipres.ivwbox.de 4879cd460080edbe30f5e03a3c6e179d.info a1000000.mayhemavz.pro cnetnews.112.2o7.net counter11.sextracker.com ads.as4x.tmcs.net ad.ro.doubleclick.net b4118165b89a10b5f3da449626e5e9e9.org --> Potentially malicious! 127.0.0.1 sieg-vergaser.de ads190.hpg.com.br anon.doubleclick.speedera.net ad35.paycount.com faststudiodvwalked.ru berdonet2011.dlinkddns.com yoraclick.com snamedb.com jibertytciako.pl --> Potentially malicious! 127.0.0.1 meredithjacobonline.com rx-white.com description2011.ru k.iinfo.cz adimages.go.com ng3.ads.warnerbros.com casinomahjongsikkim.com ad.de.doubleclick.net worgukiw.ru --> Potentially malicious! 127.0.0.1 flexbeta.us.intellitxt.com canwest.112.207.net execulink.112.2o7.net homevisions.com traffichome.de s.vidsmak.com banner1.50megs.com 208.185.87.90.liveadvert.com ad.at.doubleclick.net --> Potentially malicious! 127.0.0.1 ws8.surf-town.net ad.il.doubleclick.net static.fragbite.com armonipiyanodersi.com kottaslama.org directstuff.com affiliate.doubleyourdating.com ad.grafika.cz verygoods2010.ru --> Potentially malicious! 127.0.0.1 unuere.freewww.biz ads.forbes.com ad.tr.doubleclick.net adteractive.com 179.6.87.194.dynamic.dol.ru ads.amarillo.com count551.51yes.com rabbitharky.net vw-freaks.net --> Potentially malicious! 127.0.0.1 208.185.87.146.liveadvert.com tcdykfjrtweypzxbqyrsfidecmln.com thewebs.ru analytics.ero-advertising.com ad.ero.nl xk9.ru itsptp.com banner.grupos.com.br c41.statcounter.com --> Potentially malicious! 127.0.0.1 www.ssangyong.co.il ads.yupimsn.com convertervocal.net track.gawker.com rxbuy-itewhuli.ru cellus-usa.com ad.about.com doubleclick.ne.jp textcube.com --> Potentially malicious! 127.0.0.1 banners.bol.com.br count729.51yes.com advert.hpg.com.br workathometeacher.com ads.cgnetworks.com geoloc12.geovisite.com gpaper112.112.2o7.net ad60.paycount.com ad.th.doubleclick.net --> Potentially malicious! 127.0.0.1 c4.statcounter.com gyneco-saint-andre.fr ad204.paycount.com trackalyzer.com ad4.api.ero-advertising.com textad.net yiiw.in vsii.spinbox.net bomsabor.com.br --> Potentially malicious! 127.0.0.1 usi-groupinc.net aqsf.knxhsn.eu 9843c4f1f195375184625a1525cf83b9.info adbucks.com avigorstats.pro msn.ivwbox.de bannersng.yell.com ad.sk.doubleclick.net 08.185.87.08.liveadvert.com --> Potentially malicious! 127.0.0.1 www.fusespot.com banners.bol.com.br banners234.hpg.com.br smt-enterprises.com bopwyeb.ru ad2.doubleclick.net whpdn.freewww.biz hugo.lenuerry.com oascentral.adage.com --> Potentially malicious! 127.0.0.1 banners.moviegoods.com fineclicks.com xq0.ru bqgqucwoeyswvgcigqknyllbyytiblf.net count.rin.ru count596.51yes.com c14.statcounter.com great-antispy2012.com pzydthkbdjbxkfinhurwcyd.com --> Potentially malicious!

127.0.0.1 www.qdigital.co.il sigeta.org oascentral.villagevoice.com bands-inc.com se.cqcounter.com ads.bmais.net imagec14.247realmedia.com pmraiugdqhyhmqccfacupypmzor.com www.widgetadvertising.biz 127.0.0.1 admex.com dis.criteo.com bazarafcantoscabiz.com utm.trk.popularscreensavers.com lycoscollect.realmedia.com count44.51yes.com burstmedia.com amberandrobertmedia.com ecall09edytu.rr.nu 127.0.0.1 208.185.87.193.liveadvert.com cash4popup.de m1.nedstatbasic.net ad1.ero-advertising.com webnoivos.com 3ddown.com pirate.1000houses.biz perseusgroupllc.cc pub.chez.com 127.0.0.1 zeroclan.net damisystem.com alexandre.peis.free.fr pairpull.ru lerelais.com 39.6.87.194.dynamic.dol.ru palazziogt.ru adsweb.tiscali.de ads.returnpath.net 127.0.0.1 programmpower.ru muchbetter.ru buttonjp.org ads82.hpg.com.br web-counter-online.ru trayscoffeecup.org snhbe.ru testossteron.ru ads8.c.no1.asap-asp.net 127.0.0.1 awakenedwithin.com iv.doubleclick.net www.counter14.sextracker.be gpaper149.112.2o7.net cdn.allegedmedia.com middlemanether.ru esjkedsafe.com rodijo.com.au eloqua.com 127.0.0.1 bf410f0b5dda6f72725a191d7086d05c.org 193.6.87.194.dynamic.dol.ru banners185.hpg.com.br geoloc92.geovisite.com geoloc36.geovisite.com coupons-inc.com adtrade.net ads.v3.com ad.moscowtimes.ru 127.0.0.1 a.vidtruck.com 3322.org i5.createsend5.com icredoname10012.com bank42.clicks.mp.mydas.mobi allforpeople.net gpaper169.112.2o7.net xn--iimizmzik-v9a79h.com datais.com 127.0.0.1 accountsiq.us stat.tudou.com banner.clubdicecasino.com ads.kinxxx.com onlinestoredsnow.info a6q7.com zanox.com serokolservice.com ad.hpg.com.br 127.0.0.1 adbunker.com justwebads.com office.partnerearning.com untesmakina.com wapclub.biz eu-se.euroinnov.eu windowsneratepack.info speed-tube.net linker.eightfoldlogic.com 127.0.0.1 a.fandango.com 208.185.87.40.liveadvert.com zs.ffshrine.org ads.motormedia.nl deryam.biz switch6.castup.net ads244.hpg.com.br ad.nttnavi.co.jp 404.dummywebsitedatabase.com 127.0.0.1 teamltg.com cache.adviva.net seamrippers.org prague-luxury-hotel.com adnedat.ru prosperplug.info reachjunction.com banner.elisa.net telenorstartsiden.112.2o7.net 127.0.0.1 mi-web12.prod.millennialmedia.com vg01.met.vgwort.de rank8.de bioticshypermodular.org topazinsaat.com.tr mokono.com www2.portdetective.com clicknvote.com banners152.hpg.com.br 127.0.0.1 feedoms.org.uk peopleopera.cn smscolony.com shockingrates.com storeoffers.info gpaper193.112.2o7.net hitfarm.com grapeshot.co.uk tourskorea.com 127.0.0.1 count979.51yes.com ads.hideyourarms.com wetifjam.ru gyhhdykust.org ads.iwon.com ads.asiafriendfinder.com ad.keenspace.com galaxien.com theartsgarage.com 127.0.0.1 banners238.hpg.com.br realmedia.com ad00.hpg.com.br www.backtype.com neurodermitistextilien.de cyxwtkcetscuwaevsxczxxkhccu.info lb.trellian.com 208.185.87.123.liveadvert.com inrxyxuwhkjwfeytucauaqpvt.com 127.0.0.1 adreporting.com u005.33.spylog.com onepassnetwork.com svmerosao.sites.uol.com.br clickhelp.net ad207.hpg.com.br media-a.vpptechnologies.com lprshcsmijfovp.com ace.advertising.com 127.0.0.1 tendonsof.com geoloc46.geovisite.com count660.51yes.com ynkicyr.ru iserverupdates.com winmyminiads.com 216.6.87.194.dynamic.dol.ru www.bettingmarket.com gpaper174.112.2o7.net 127.0.0.1 germannewslinks.info adserver.sharewareonline.com count100.51yes.com trafficfile.com spaceyourfilesbig.chickenkiller.com bank44.clicks.mp.mydas.mobi 239.6.87.194.dynamic.dol.ru r32r32fg34g33g43f3.nl.ai mrskincash.com 127.0.0.1 8bec584679a2faabc60bd6aed5a1e175.info mycomputer.superstats.com banner.hyl.no brumund.de xml.fusionxml.com www.qrcodetrackers.com reisprei.ivwbox.de b066421814a96881d6c7c01c0c164107.org indo-production-fixer.com [...]

¤¤¤ Reset HOSTS: ¤¤¤ 127.0.0.1 localhost

Finished : << RKreport[0]_H_07222013_182632.txt >> RKreport[0]_S_07222013_165425.txt;RKreport[0]_S_07222013_182603.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Хм..нещо не се е получило това което исках..Сигурен ли сте че маркирахте  Fix Hosts.....?

 
Публикувано изображение 1.Изтеглете програмата AVZ 4.41 и разархивирайте avz4.zip например в папка (c:antivir).

Публикувано изображение 2.Стартирайте програмата и изпълнете:

File => Standard scripts => в отворилия се прозорец маркирайте позиция 7 => Execute selected scripts:
 
Публикувано изображение

Публикувано изображение



Публикувано изображение След завършване на сканирането компютъра ви ще се рестартира..!
Ще се създаде архив KL_syscure.zip в същата папка където е разархивирана програмата.
Моля, прикачете този архив във следващия си пост..!

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Публикувано изображение Изтеглете Malwarebytes' Anti-Malware или от тук (не забравяйте да обновите програмата с нови дефиниции)
* Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.
* Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.
* Ако има намерени обновявания, тя ще ги изтегли и инсталира.
* Стартирайте програмата и изберете "Perform Full Scan", след това кликнете на Scan.
* Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.
* Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата
* Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.
* Когато всичко бъде премахнато, в Notepad ще бъде отворен лог.
Копирайте този лог и го публикувайте в следващия си коментар по темата.

  Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org

Database version: v2013.07.22.06

Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Dzhemal :: DZHEMAL-HP [administrator]

22.7.2013 г. 19:35:03 ч. mbam-log-2013-07-22 (19-35-03).txt

Scan type: Full scan (C:|D:|G:|H:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 416749 Time elapsed: 1 hour(s), 16 minute(s), 24 second(s)

Memory Processes Detected: 0 (No malicious items detected)

Memory Modules Detected: 0 (No malicious items detected)

Registry Keys Detected: 0 (No malicious items detected)

Registry Values Detected: 0 (No malicious items detected)

Registry Data Items Detected: 0 (No malicious items detected)

Folders Detected: 1 C:ProgramDataIBUpdaterService (PUP.InstallBrain) -> Quarantined and deleted successfully.

Files Detected: 1 C:ProgramDataIBUpdaterServicerepository.xml (PUP.InstallBrain) -> Quarantined and deleted successfully.

(end)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

...и последни проверки..:
 
Публикувано изображениеМоля, изтеглете и стартирайте програмата AdwCleaner(by Xplode):

  • [*]Затворете всички стартирани програми и браузъри [*]Кликнете два пъти върху
adwcleaner.exe за да стартирате инструмента. [*]Този път маркирайте Delete [*]Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта. [*]Моля, да публикувате съдържанието на този лог в отговора си [*]Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s1].txt.

Публикувано изображение
 
Публикувано изображение Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

  • [*]Спрете временно работата на защитните програми. [*]Стартирайте инструмента
JRT.exe [*]Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата. [*]Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши. [*]Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt). [*]Моля копирайте съдържанието на лог файла в следващия си пост.

Публикувано изображение

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

eто съдаржанието от първата:

 

# AdwCleaner v2.306 - Logfile created 07/22/2013 at 21:08:55 # Updated 19/07/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Dzhemal - DZHEMAL-HP # Boot Mode : Normal # Running from : C:UsersDzhemalDesktopadwcleaner.exe # Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:END File Deleted : C:user.js Folder Deleted : C:Program Files (x86)BabylonToolbar Folder Deleted : C:Program Files (x86)BS_Player Folder Deleted : C:Program Files (x86)Common FilesSoftware Update Utility Folder Deleted : C:Program Files (x86)Conduit Folder Deleted : C:Program Files (x86)ConduitEngine Folder Deleted : C:Program Files (x86)file scout Folder Deleted : C:Program Files (x86)MyAshampoo Folder Deleted : C:Program Files (x86)Smiley Bar for Facebook Folder Deleted : C:Program Files (x86)uTorrentBar Folder Deleted : C:Program Files (x86)Winamp Toolbar Folder Deleted : C:ProgramDataBabylon Folder Deleted : C:ProgramDataWinamp Toolbar Folder Deleted : C:UsersDzhemalAppDataLocalConduit Folder Deleted : C:UsersDzhemalAppDataLocalLowBS_Player Folder Deleted : C:UsersDzhemalAppDataLocalLowConduit Folder Deleted : C:UsersDzhemalAppDataLocalLowConduitEngine Folder Deleted : C:UsersDzhemalAppDataLocalLowuTorrentBar Folder Deleted : C:UsersDzhemalAppDataRoamingBabylon Folder Deleted : C:UsersDzhemalAppDataRoamingfile scout Folder Deleted : C:UsersDzhemalAppDataRoamingPerformerSoft Folder Deleted : C:UsersDzhemalAppDataRoamingStatusWinks

***** [Registry] *****

Key Deleted : HKCUSoftwareAppDataLowSoftwareBS_Player Key Deleted : HKCUSoftwareAppDataLowSoftwareConduit Key Deleted : HKCUSoftwareAppDataLowSoftwareconduitEngine Key Deleted : HKCUSoftwareAppDataLowSoftwareConduitSearchScopes Key Deleted : HKCUSoftwareAppDataLowSoftwareMyAshampoo Key Deleted : HKCUSoftwareAppDataLowSoftwareMyAshampootoolbar Key Deleted : HKCUSoftwareAppDataLowSoftwareSmartBar Key Deleted : HKCUSoftwareAppDataLowSoftwareuTorrentBar Key Deleted : HKCUSoftwareAppDataLowToolbar Key Deleted : HKCUSoftwareBabylonToolbar Key Deleted : HKCUSoftwareConduit Key Deleted : HKCUSoftwarefilescout Key Deleted : HKCUSoftwareInstallCore Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FC00F469-83F2-480D-8E45-E0BEF0B761F7} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallWinamp Toolbar Key Deleted : HKCUSoftwareSoftonic Key Deleted : HKCUSoftwareWinamp Toolbar Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C} Key Deleted : HKLMSoftwareBabylon Key Deleted : HKLMSoftwareBabylonToolbar Key Deleted : HKLMSoftwareBS_Player Key Deleted : HKLMSOFTWAREClassesAppID{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLMSOFTWAREClassesAppID{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Key Deleted : HKLMSOFTWAREClassesAppID{19975B78-1907-4DD6-A437-4C48120F46A4} Key Deleted : HKLMSOFTWAREClassesAppID{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLMSOFTWAREClassesAppID{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLMSOFTWAREClassesAppID{562B9316-C08A-444A-9482-62080DD851AE} Key Deleted : HKLMSOFTWAREClassesAppID{562B9317-C08A-444A-9482-62080DD851AE} Key Deleted : HKLMSOFTWAREClassesAppID{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1} Key Deleted : HKLMSOFTWAREClassesAppID{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLMSOFTWAREClassesAppID{B27D9527-3762-4D71-963D-FB7A94FDD678} Key Deleted : HKLMSOFTWAREClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLMSOFTWAREClassesAppID{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLMSOFTWAREClassesAppIDAddonsFramework.DLL Key Deleted : HKLMSOFTWAREClassesAppIDButtonSite.DLL Key Deleted : HKLMSOFTWAREClassesAppIDdnu.EXE Key Deleted : HKLMSOFTWAREClassesAppIDescort.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescortApp.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescortEng.DLL Key Deleted : HKLMSOFTWAREClassesAppIDescorTlbr.DLL Key Deleted : HKLMSOFTWAREClassesAppIDesrv.EXE Key Deleted : HKLMSOFTWAREClassesAppIDPropertySync.EXE Key Deleted : HKLMSOFTWAREClassesAppIDScriptHost.DLL Key Deleted : HKLMSOFTWAREClassesAppIDwinamptbServer.exe Key Deleted : HKLMSOFTWAREClassesb Key Deleted : HKLMSOFTWAREClassesBabylon.dskBnd Key Deleted : HKLMSOFTWAREClassesBabylon.dskBnd.1 Key Deleted : HKLMSOFTWAREClassesbbylnApp.appCore Key Deleted : HKLMSOFTWAREClassesbbylnApp.appCore.1 Key Deleted : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr Key Deleted : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr.1 Key Deleted : HKLMSOFTWAREClassesConduit.Engine Key Deleted : HKLMSOFTWAREClassesdnUpdate Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUIBrowser Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUIBrowser.1 Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUpdController Key Deleted : HKLMSOFTWAREClassesdnUpdater.DownloadUpdController.1 Key Deleted : HKLMSOFTWAREClassesescort.escortIEPane Key Deleted : HKLMSOFTWAREClassesescort.escortIEPane.1 Key Deleted : HKLMSOFTWAREClassesescort.escrtBtn.1 Key Deleted : HKLMSOFTWAREClassesesrv.BabylonESrvc Key Deleted : HKLMSOFTWAREClassesesrv.BabylonESrvc.1 Key Deleted : HKLMSOFTWAREClassesProd.cap Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool.1 Key Deleted : HKLMSOFTWAREClassesToolbar.CT1750559 Key Deleted : HKLMSOFTWAREClassesToolbar.CT2475029 Key Deleted : HKLMSOFTWAREClassesToolbar.CT2786678 Key Deleted : HKLMSOFTWAREClassesTypeLib{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLMSOFTWAREClassesTypeLib{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLMSOFTWAREClassesTypeLib{507591C2-2F4E-46A7-92D6-E6CFF82E5F26} Key Deleted : HKLMSOFTWAREClassesTypeLib{538CD77C-BFDD-49B0-9562-77419CAB89D1} Key Deleted : HKLMSOFTWAREClassesTypeLib{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Deleted : HKLMSOFTWAREClassesTypeLib{92380354-381A-471F-BE2E-DD9ACD9777EA} Key Deleted : HKLMSOFTWAREClassesTypeLib{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLTBSearch Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLTBSearch.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLToolBand Key Deleted : HKLMSOFTWAREClassesWinampTb.AOLToolBand.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.Downloader Key Deleted : HKLMSOFTWAREClassesWinampTb.Downloader.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarInfo Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarInfo.1 Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarParams Key Deleted : HKLMSOFTWAREClassesWinampTb.ToolbarParams.1 Key Deleted : HKLMSOFTWAREClassesWinampTbServer.AolToolbarHelper Key Deleted : HKLMSOFTWAREClassesWinampTbServer.AolToolbarHelper.1 Key Deleted : HKLMSoftwareConduit Key Deleted : HKLMSoftwareconduitEngine Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerExtensions{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASAPI32 Key Deleted : HKLMSOFTWAREMicrosoftTracingMyBabylontb_RASMANCS Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{055DD326-956C-4827-9467-A172509E81B3} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{A97B89CD-B65C-49DD-AF46-2B772C627456} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{C4760CCD-3316-47EB-B95C-C3C52DAEEA3A} Key Deleted : HKLMSoftwareMyAshampoo Key Deleted : HKLMSoftwareMyAshampootoolbar Key Deleted : HKLMSoftwareuTorrentBar Key Deleted : HKLMSoftwareV9Software Key Deleted : HKLMSoftwareWinamp Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{055DD326-956C-4827-9467-A172509E81B3} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{57BCA5FA-5DBB-45A2-B558-1755C3F6253B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{6EF4E91D-DDD5-4478-BCA7-DA04435934C0} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{A97B89CD-B65C-49DD-AF46-2B772C627456} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{B38D6EDE-390B-4620-8365-29E16459EBDA} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{B8276A94-891D-453C-9FF3-715C042A2575} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{C4760CCD-3316-47EB-B95C-C3C52DAEEA3A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E15A9BFD-D16D-496D-8222-44CADF316E70} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FC00F469-83F2-480D-8E45-E0BEF0B761F7} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FE178B09-C8AA-4734-804D-1849BCCA0C29} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{0F54B66A-21CF-4548-AE59-A6B83EE6676F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{51A971CA-D36E-4D13-A799-2CF0A491D04D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{27598766-07DA-4D2C-BA3D-94E7BCB76FB1} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{3EEC087D-DB13-4786-BE94-73B35E52481C} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{A8C2644D-BF72-4A89-A88C-D85F565F2F46} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{CEB29294-02C7-44B2-AEEF-3C02FFC2F3B3} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{D6B7CB41-15B5-466F-AF4B-951DBDD9C331} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{DDDFD019-5321-4150-9713-B5CD90665C3B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallBabylonToolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallBS_Player Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallConduit Engine Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallconduitEngine Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallMyAshampoo Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallSmiley Bar for Facebook Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallSoftwareUpdUtility Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstalluTorrentBar Toolbar Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallV9Software Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallWinamp Toolbar Key Deleted : HKLMSOFTWAREClassesCLSID{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLMSOFTWAREClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLMSOFTWAREClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020} Key Deleted : HKLMSOFTWAREClassesInterface{0F54B66A-21CF-4548-AE59-A6B83EE6676F} Key Deleted : HKLMSOFTWAREClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Key Deleted : HKLMSOFTWAREClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Key Deleted : HKLMSOFTWAREClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Key Deleted : HKLMSOFTWAREClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Key Deleted : HKLMSOFTWAREClassesInterface{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLMSOFTWAREClassesInterface{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLMSOFTWAREClassesInterface{51A971CA-D36E-4D13-A799-2CF0A491D04D} Key Deleted : HKLMSOFTWAREClassesInterface{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Key Deleted : HKLMSOFTWAREClassesInterface{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLMSOFTWAREClassesInterface{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D} Key Deleted : HKLMSOFTWAREClassesInterface{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLMSOFTWAREClassesInterface{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Key Deleted : HKLMSOFTWAREClassesInterface{841FD004-57A2-4B49-BBDB-5897394619DB} Key Deleted : HKLMSOFTWAREClassesInterface{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLMSOFTWAREClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} Key Deleted : HKLMSOFTWAREClassesInterface{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLMSOFTWAREClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Key Deleted : HKLMSOFTWAREClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Key Deleted : HKLMSOFTWAREClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29} Key Deleted : HKLMSOFTWAREClassesInterface{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLMSOFTWAREClassesInterface{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLMSOFTWAREClassesInterface{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLMSOFTWAREClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Key Deleted : HKLMSOFTWAREClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLMSOFTWAREClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Key Deleted : HKLMSOFTWAREClassesInterface{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLMSOFTWAREClassesInterface{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLMSOFTWAREClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317} Key Deleted : HKLMSOFTWAREClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14} Key Deleted : HKLMSOFTWAREClassesInterface{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLMSOFTWAREClassesInterface{E1164984-B567-47BD-A7FF-240C2594404A} Key Deleted : HKLMSOFTWAREClassesInterface{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Key Deleted : HKLMSOFTWAREClassesInterface{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLMSOFTWAREClassesInterface{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLMSOFTWAREClassesInterface{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLMSOFTWAREClassesInterface{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCUSoftwareMozillaFirefoxExtensions [statuswinks@StatusWinks] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKLMSOFTWAREMozillaFirefoxExtensions [statuswinks@StatusWinks] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

***** [internet Browsers] *****

- Internet Explorer v10.0.9200.16635

*************************

AdwCleaner[s1].txt - [27691 octets] - [22/07/2013 21:08:55]

########## EOF - C:AdwCleaner[s1].txt - [27752 octets] ##########

Ето и 2-рия лог :

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.2.0 (07.21.2013:1) OS: Windows 7 Home Premium x64 Ran by Dzhemal on Ї®­ 22.07.2013 Ј. at 21:29:00,23 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{494AA071-15E8-4F7D-8B60-F178E86123EF} Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{597b1823-7ff0-4cd3-8095-9d8cba514992} Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{903E9084-8050-4C90-870A-226613C1C2F5} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{597b1823-7ff0-4cd3-8095-9d8cba514992} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{903E9084-8050-4C90-870A-226613C1C2F5}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{112DEDAE-AACB-4217-88A6-2F53DF270033} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{49F79A1A-F707-45FB-9F04-B5149FB8C73E} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{4E188446-8975-4AEE-BF0F-99359E63F83B} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{7112ED04-E42F-4476-B1BC-493EC219E104} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{C0DBBED7-D31C-49E7-A66E-ECA7D75D555F} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{C1080434-84E8-4382-99C9-441D4EE74AF9} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{D6A97776-4525-4561-BCBD-082048FB87E4} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{DF07B432-CF3F-45CD-A22F-A94417196611} Successfully deleted: [Empty Folder] C:UsersDzhemalappdatalocal{EBDDC513-4459-478F-A088-727459BDECDB}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Ї®­ 22.07.2013 Ј. at 21:37:46,64 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

И как е положението със системата ви....наблюдавате ли първоначалните проблеми..?

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

в мометна нямам проблем с абв-то влизам си без проблем, и другите банери не ми се отварят, но лаптопа някак си зарежда мн бавно. Трябва ли да го рестарт???

Така след рестарт, системата се държи стабилно , зарежда си добре и проблемите мисля, че вече ги няма :)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Прекрасно..! :)
 
Публикувано изображение Изтеглете Security Check (автор: screen317) от тук или от тук и го запишете на десктопа.

  • [*]Кликнете два пъти върху
SecurityCheck.exe и следвайте инструкциите. [*]Когато програмата завърши работата си, ще се отвори един текстов документ: checkup.txt. [*]Копирайте съдържанието на checkup.txt с Копирай (Copy) и с Постави (Paste) го поставете в следващия си коментар.

След това стартирайте PatchMyPC и инсталирайте всички ъпдейти, които инструмента предложи.
 
 
Публикувано изображение Изтеглете Delfix.exe и го стартирайте. Сложете отметка пред Remove disinfection tools => натиснете бутона Run Инструмента ще се самоизтрие след като приключи своята задача!
 

Публикувано изображение Изтрийте всичко друго което е останало след процедурите (използвано в лечението).Препоръчвам програмата Malwarebytes' Anti-Malware да остане на вашия компютър и периодично да сканирате системата си с нея (поне един -два пъти в седмицата),като не забравяйте да обновите дефинициите и преди всяко сканиране..!

 

Това е от мен..Пожелавам ви лека вечер и безопасен интернет..!:)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

от security check log-a излезна само това :

 UNSUPPORTED OPERATING SYSTEM! ABORTED!  

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 

Това е от мен..Пожелавам ви лека вечер и безопасен интернет..! :)

 

Ейй голем си брат :):) Много благодаря, жив и здрав и всичко хубаво да ти се случва.

Лека вечер и от мен :)

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Горещи теми в момента

  • Подобни теми

    • от mamasve
      Здравейте , 
      имам вирус на компютъра , който постоянно ми инсталира икона на десктопа Panda viewer и когато отворя който и да е браузър започва да ме пренасочва към всевъзможни сайтове и практически не мога да си ползвам компа вече . Помощ , моля ! 
    • от AHybuC
      Здравейте!
      От тази сутрин не съм способен нормално да стартирам компютъра си. Веднага щом зареди Windows-a, появява се прозорче, в което пише "Windows has encountered a critical problem and will restart automatically in one minute" и както съобщението гласи, след една минута се рестартирва компютъра. Понякога дори се появява директно синия екран, още преди да е успял да зареди Windows-a, с код на грешката 0x000000F4. Направих пълно сканиране с Malwarebytes и Kaspersky Rescue CD 10, отстраниха проблемите, които откриха, но проблемът с рестартирването е все още присъстващ. Редно е да спомена, че в Safe Mode не изпитвам автоматични рестартирвания. Също така, премахнах отметката от Startup and Recovery -> System Failure -> Automatically Restart, но продължават да са налични рестартирванията, само че отметката я бях премахнал, докато бях в Safe Mode. Не знам дали това е от значение, но все пак исках да спомена това.
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.04.2018
      Ran by IvailoCOMP (administrator) on IVAILOCOMP-PC (18-04-2018 19:02:33)
      Running from C:\Users\IvailoCOMP\Desktop
      Loaded Profiles: IvailoCOMP (Available Profiles: IvailoCOMP)
      Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Safe Mode (with Networking)
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
      (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [] => [X]
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\...\Policies\Explorer: [NoSMBalloonTip] 0
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\..\Interfaces\{1290CD49-798E-4B6B-9CB6-A0F176F07BD0}: [DhcpNameServer] 192.168.1.1 192.168.1.1
      Internet Explorer:
      ==================
      BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
      BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-12] (Oracle Corporation)
      BHO: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll => No File
      BHO: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
      BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-12] (Oracle Corporation)
      BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
      Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
      FireFox:
      ========
      FF ProfilePath: C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default [2018-04-18]
      FF Homepage: Mozilla\Firefox\Profiles\qhtq97on.default -> google.bg
      FF NewTab: Mozilla\Firefox\Profiles\qhtq97on.default -> about:home
      FF Session Restore: Mozilla\Firefox\Profiles\qhtq97on.default -> is enabled.
      FF NewTabOverride: Mozilla\Firefox\Profiles\qhtq97on.default -> Enabled: newtaboverride@agenedia.com
      FF Extension: (Adblocker X) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\@adblock57.xpi [2018-04-11]
      FF Extension: (MEGA) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\firefox@mega.co.nz.xpi [2018-04-13]
      FF Extension: (UniverseView Extension) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\firefox@universeview.ext.xpi [2017-03-01]
      FF Extension: (h264ify) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\jid1-TSgSxBhncsPBWQ@jetpack.xpi [2017-08-03]
      FF Extension: (New Tab Override) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\newtaboverride@agenedia.com.xpi [2018-02-04]
      FF Extension: (Greasemonkey) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-17]
      FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\features\{15eba6de-45fd-4321-9dcb-85b0a795c148}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-04-08] [Legacy]
      FF SearchPlugin: C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\searchplugins\yahoo-lavasoft.xml [2016-07-21]
      FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
      FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-28] [Legacy] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-11] ()
      FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-12] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-12] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2017-03-22] (Nexon)
      FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
      FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
      FF Plugin: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll [No File]
      FF Plugin: @Webzen.com/NPBrowserExt -> C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll [2012-03-27] (WEBZEN)
      FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
      FF Plugin HKU\S-1-5-21-1339006810-3010099187-1440784813-1001: @fancyguo.com/FancyGame,version=1.0.0.1 -> C:\Users\IvailoCOMP\AppData\Local\Fancy\npfancygame.dll [2015-05-10] (Hongfeng Hengyu (Beijing) Tech Ltd.)
      FF Plugin HKU\S-1-5-21-1339006810-3010099187-1440784813-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\IvailoCOMP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-13] (Unity Technologies ApS)
      FF Plugin HKU\S-1-5-21-1339006810-3010099187-1440784813-1001: xyzgl-plugin@xyz-soft.com -> C:\Program Files\Alfheim\npxyzgl.dll [2012-06-13] (XYZ-SOFT Inc.)
      Chrome:
      =======
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S2 CachemanService; C:\Program Files\Cacheman\CachemanServ.exe [210944 2009-05-16] (Outertech) [File not signed]
      S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [382504 2017-05-17] (EasyAntiCheat Ltd)
      S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1353720 2015-07-08] (ESET)
      S2 EslWireHelper; D:\Games\EslWire\service\WireHelperSvc.exe [614416 2014-01-28] ()
      S3 fussvc; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [133632 2012-07-25] (Microsoft Corporation) [File not signed]
      S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [930240 2016-06-14] (NVIDIA Corporation)
      R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2283432 2017-06-29] (LogMeIn Inc.)
      S2 HiPatchService; D:\Program Files\Hi-Rez Studios\HiPatchService.exe [9728 2017-05-11] (Hi-Rez Studios) [File not signed]
      S2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-05-27] (LogMeIn, Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4707104 2018-03-27] (Malwarebytes)
      S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [239880 2016-03-11] (McAfee, Inc.)
      S3 npggsvc; C:\Windows\system32\GameMon.des [5284208 2013-10-30] (INCA Internet Co., Ltd.)
      S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
      S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2904000 2016-06-14] (NVIDIA Corporation)
      S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016704 2016-06-14] (NVIDIA Corporation)
      S2 OracleOraDb11g_home1TNSListener; D:\app\IvailoCOMP\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe [512000 2010-03-31] (Oracle Corporation) [File not signed]
      S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1453384 2018-04-08] (Overwolf LTD)
      S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-10-13] ()
      S3 Te.Service; C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [94208 2012-07-25] (Microsoft Corporation) [File not signed]
      S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH)
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
      S3 apf004; C:\Windows\system32\apf004.sys [15112 2015-02-14] ()
      R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-11-22] (DT Soft Ltd)
      S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202704 2015-07-14] (ESET)
      S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [144536 2015-07-14] (ESET)
      S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [132152 2015-07-14] (ESET)
      R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [31008 2015-02-12] (<Turtle Entertainment>)
      S3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [42496 2007-05-15] (Eugene V. Muzychenko) [File not signed]
      R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [167656 2018-04-18] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40160 2018-04-18] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [220896 2018-04-18] (Malwarebytes)
      S3 NPPTNT2; C:\Windows\system32\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26048 2016-06-14] (NVIDIA Corporation)
      S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-04-14] (NVIDIA Corporation)
      S3 SDGame; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
      S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
      S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [59776 2006-08-11] (Protection Technology (StarForce))
      S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [33664 2016-03-11] (The OpenVPN Project)
      S3 VSPerfDrv110; C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys [55416 2012-07-13] (Microsoft Corporation)
      U4 CiSvc; no ImagePath
      U4 Messenger; no ImagePath
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-18 19:02 - 2018-04-18 19:04 - 000014732 _____ C:\Users\IvailoCOMP\Desktop\FRST.txt
      2018-04-18 19:02 - 2018-04-18 19:02 - 000000000 ____D C:\FRST
      2018-04-18 19:01 - 2018-04-18 19:02 - 001763840 _____ (Farbar) C:\Users\IvailoCOMP\Desktop\FRST.exe
      2018-04-18 18:29 - 2018-04-18 18:55 - 000040160 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2018-04-18 18:29 - 2018-04-18 18:29 - 000167656 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2018-04-18 18:28 - 2018-04-18 18:28 - 000220896 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-04-18 18:28 - 2018-04-18 18:28 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-04-18 18:28 - 2018-04-18 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-04-18 18:28 - 2018-04-18 18:28 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-04-18 18:28 - 2018-04-18 18:28 - 000000000 ____D C:\Program Files\Malwarebytes
      2018-04-18 18:28 - 2018-03-19 12:57 - 000058656 _____ C:\Windows\system32\Drivers\mbae.sys
      2018-04-18 18:27 - 2018-04-18 18:27 - 073254968 _____ (Malwarebytes ) C:\Users\IvailoCOMP\Desktop\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4766.exe
      2018-04-18 18:22 - 2018-04-18 18:22 - 000001270 _____ C:\Users\IvailoCOMP\Desktop\asda.lnk
      2018-04-18 18:04 - 2018-04-18 18:07 - 000005192 _____ C:\Users\IvailoCOMP\Desktop\Rkill.txt
      2018-04-18 17:54 - 2018-04-18 17:54 - 000003408 ____N C:\bootsqm.dat
      2018-04-18 17:52 - 2018-04-18 17:52 - 000000000 __SHD C:\found.000
      2018-04-18 17:37 - 2018-04-18 17:37 - 000151072 _____ C:\Windows\Minidump\041818-20997-01.dmp
      2018-04-18 17:11 - 2018-04-18 17:11 - 000151312 _____ C:\Windows\Minidump\041818-23821-01.dmp
      2018-04-18 13:42 - 2018-04-18 20:07 - 000000000 ____D C:\Kaspersky Rescue Disk 10.0
      2018-04-18 10:33 - 2018-04-18 10:33 - 000001261 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 18.lnk
      2018-04-18 10:33 - 2018-04-18 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
      2018-04-18 10:26 - 2018-04-18 10:33 - 000000221 _____ C:\Users\Public\Desktop\Ashampoo Deals.url
      2018-04-18 10:26 - 2018-04-18 10:33 - 000000000 ____D C:\ProgramData\Ashampoo
      2018-04-18 10:14 - 2018-04-18 10:18 - 338960384 _____ C:\Users\IvailoCOMP\Desktop\kav_rescue_10.iso
      2018-04-18 10:12 - 2018-04-18 10:12 - 000001270 _____ C:\Users\IvailoCOMP\Desktop\shutdown.exe.lnk
      2018-04-18 10:11 - 2018-04-18 18:54 - 000424982 _____ C:\Windows\ntbtlog.txt
      2018-04-18 10:10 - 2018-04-18 10:10 - 000000000 _____ C:\Users\IvailoCOMP\Desktop\New shortcut.lnk
      2018-04-18 09:57 - 2018-04-18 09:57 - 000151696 _____ C:\Windows\Minidump\041818-19999-01.dmp
      2018-04-18 09:54 - 2018-04-18 09:54 - 000151696 _____ C:\Windows\Minidump\041818-18954-01.dmp
      2018-04-18 09:40 - 2018-04-18 17:37 - 286301067 _____ C:\Windows\MEMORY.DMP
      2018-04-18 09:40 - 2018-04-18 17:37 - 000000000 ____D C:\Windows\Minidump
      2018-04-18 09:40 - 2018-04-18 09:40 - 000152656 _____ C:\Windows\Minidump\041818-29546-01.dmp
      2018-04-16 10:43 - 2018-03-31 04:39 - 004046528 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
      2018-04-16 10:43 - 2018-03-31 04:39 - 003958464 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2018-04-16 10:43 - 2018-03-31 04:39 - 000190144 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
      2018-04-16 10:43 - 2018-03-31 04:39 - 000190144 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2018-04-16 10:43 - 2018-03-31 04:39 - 000137920 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
      2018-04-16 10:43 - 2018-03-31 04:39 - 000137920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2018-04-16 10:43 - 2018-03-31 04:39 - 000067264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2018-04-16 10:43 - 2018-03-31 04:12 - 001310480 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2018-04-16 10:43 - 2018-03-31 03:51 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2018-04-16 10:43 - 2018-03-31 03:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2018-04-16 10:43 - 2018-03-31 03:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2018-04-16 10:43 - 2018-03-31 03:51 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2018-04-16 10:43 - 2018-03-31 03:51 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2018-04-16 10:43 - 2018-03-31 03:49 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2018-04-16 10:43 - 2018-03-31 03:49 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2018-04-16 10:43 - 2018-03-31 03:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2018-04-16 10:43 - 2018-03-31 03:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2018-04-16 10:43 - 2018-03-31 03:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2018-04-16 10:43 - 2018-03-28 10:18 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2018-04-16 10:43 - 2018-03-23 20:59 - 000348824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2018-04-16 10:43 - 2018-03-23 00:26 - 020287488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2018-04-16 10:43 - 2018-03-23 00:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2018-04-16 10:43 - 2018-03-23 00:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2018-04-16 10:43 - 2018-03-22 23:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2018-04-16 10:43 - 2018-03-22 23:52 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2018-04-16 10:43 - 2018-03-22 23:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2018-04-16 10:43 - 2018-03-22 23:51 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2018-04-16 10:43 - 2018-03-22 23:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2018-04-16 10:43 - 2018-03-22 23:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2018-04-16 10:43 - 2018-03-22 23:45 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2018-04-16 10:43 - 2018-03-22 23:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2018-04-16 10:43 - 2018-03-22 23:43 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2018-04-16 10:43 - 2018-03-22 23:42 - 000661504 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2018-04-16 10:43 - 2018-03-22 23:42 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2018-04-16 10:43 - 2018-03-22 23:42 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2018-04-16 10:43 - 2018-03-22 23:41 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2018-04-16 10:43 - 2018-03-22 23:36 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2018-04-16 10:43 - 2018-03-22 23:33 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2018-04-16 10:43 - 2018-03-22 23:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2018-04-16 10:43 - 2018-03-22 23:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2018-04-16 10:43 - 2018-03-22 23:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2018-04-16 10:43 - 2018-03-22 23:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2018-04-16 10:43 - 2018-03-22 23:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2018-04-16 10:43 - 2018-03-22 23:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2018-04-16 10:43 - 2018-03-22 23:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2018-04-16 10:43 - 2018-03-22 23:21 - 004496896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2018-04-16 10:43 - 2018-03-22 23:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2018-04-16 10:43 - 2018-03-22 23:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2018-04-16 10:43 - 2018-03-22 23:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2018-04-16 10:43 - 2018-03-22 23:15 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2018-04-16 10:43 - 2018-03-22 23:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2018-04-16 10:43 - 2018-03-22 23:14 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2018-04-16 10:43 - 2018-03-22 22:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2018-04-16 10:43 - 2018-03-22 22:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2018-04-16 10:43 - 2018-03-22 22:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2018-04-16 10:43 - 2018-03-10 20:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
      2018-04-16 10:43 - 2018-03-09 21:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2018-04-16 10:43 - 2018-03-09 21:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2018-04-16 10:43 - 2018-03-09 21:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
      2018-04-16 10:43 - 2018-03-09 21:12 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
      2018-04-16 10:43 - 2018-03-09 21:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
      2018-04-16 10:43 - 2018-03-09 20:31 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2018-04-16 10:43 - 2018-03-06 21:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
      2018-04-16 10:43 - 2018-03-06 21:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
      2018-04-16 10:43 - 2018-03-06 21:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
      2018-04-16 10:43 - 2018-02-22 06:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
      2018-04-16 10:43 - 2018-02-19 00:34 - 000535616 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2018-04-16 10:43 - 2018-02-10 21:49 - 000162496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000154304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000104640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000057024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000053440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000051904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000046272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000032448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000027840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000021696 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
      2018-04-16 10:43 - 2018-02-10 21:49 - 000013504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000011840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
      2018-04-16 10:43 - 2018-02-10 21:48 - 000274624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
      2018-04-16 10:43 - 2018-02-10 21:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
      2018-04-16 10:43 - 2018-02-10 21:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
      2018-04-16 10:43 - 2018-02-10 21:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
      2018-04-16 10:43 - 2018-02-10 21:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
      2018-04-16 10:43 - 2018-02-10 21:23 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
      2018-04-16 10:43 - 2018-02-10 20:36 - 000537600 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
      2018-04-16 10:43 - 2018-02-10 20:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
      2018-04-16 10:43 - 2018-02-10 20:36 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
      2018-04-16 10:43 - 2018-02-10 20:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
      2018-04-16 10:43 - 2018-02-10 20:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
      2018-04-16 10:43 - 2018-02-02 21:54 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
      2018-04-16 10:43 - 2018-02-02 21:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
      2018-04-16 10:43 - 2018-02-02 21:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
      2018-04-16 10:43 - 2018-02-02 21:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
      2018-04-16 10:43 - 2018-02-02 21:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2018-04-16 10:43 - 2018-02-02 21:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2018-04-16 10:43 - 2018-02-02 20:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
      2018-04-16 10:43 - 2018-01-25 17:04 - 000922944 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000066392 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000019800 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
      2018-04-16 10:43 - 2018-01-15 22:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2018-04-16 10:43 - 2018-01-12 19:29 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2018-04-16 10:43 - 2018-01-12 19:29 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
      2018-04-16 10:43 - 2018-01-12 19:29 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
      2018-04-16 10:43 - 2018-01-12 19:29 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
      2018-04-16 10:43 - 2018-01-12 19:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
      2018-04-16 10:43 - 2018-01-12 19:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
      2018-04-16 10:43 - 2018-01-12 19:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
      2018-04-16 10:43 - 2018-01-12 19:05 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
      2018-04-16 10:43 - 2018-01-12 19:05 - 000025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2018-04-16 10:43 - 2018-01-12 19:05 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
      2018-04-16 10:43 - 2018-01-11 19:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001155584 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:54 - 001214184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2018-04-16 10:43 - 2018-01-01 04:54 - 000712936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
      2018-04-16 10:43 - 2018-01-01 04:54 - 000201960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
      2018-04-16 10:43 - 2018-01-01 04:54 - 000173288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
      2018-04-16 10:43 - 2018-01-01 04:50 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
      2018-04-16 10:43 - 2018-01-01 04:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
      2018-04-16 10:43 - 2018-01-01 04:43 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
      2018-04-16 10:43 - 2018-01-01 04:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
      2018-04-16 10:43 - 2018-01-01 04:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
      2018-04-16 10:43 - 2018-01-01 04:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
      2018-04-16 10:43 - 2018-01-01 04:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
      2018-04-16 10:43 - 2018-01-01 04:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2018-04-16 10:43 - 2018-01-01 04:38 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2018-04-16 10:43 - 2018-01-01 04:38 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
      2018-04-16 10:43 - 2018-01-01 04:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
      2018-04-16 10:43 - 2018-01-01 04:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
      2018-04-16 10:43 - 2018-01-01 04:36 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2018-04-16 10:43 - 2018-01-01 04:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
      2018-04-16 10:43 - 2017-12-05 18:54 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
      2018-04-16 10:43 - 2017-12-05 18:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
      2018-04-14 17:05 - 2018-04-15 21:31 - 000003238 _____ C:\Users\IvailoCOMP\Desktop\Стражева Кула 14.04.2018.txt
      2018-04-14 14:36 - 2016-06-18 07:13 - 039293587 ____N C:\Users\IvailoCOMP\Desktop\MPS-temi.pdf
      2018-04-11 21:09 - 2018-04-15 22:57 - 000000340 _____ C:\Users\IvailoCOMP\Desktop\Програма за четене на Библията.txt
      2018-04-11 20:05 - 2018-04-11 20:05 - 000724759 _____ C:\Users\IvailoCOMP\Desktop\sbr_BL.pdf
      2018-04-11 02:08 - 2018-03-14 20:18 - 000116928 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2018-04-11 02:08 - 2018-03-14 20:14 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2018-04-11 02:08 - 2018-03-14 16:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2018-04-09 21:55 - 2018-04-09 21:55 - 000003743 _____ C:\Users\IvailoCOMP\Desktop\Ще бъде ли тя добра съпруга.txt
      2018-04-01 23:39 - 2018-04-01 23:39 - 010353227 _____ C:\Users\IvailoCOMP\Desktop\yp2_BL.pdf
      2018-03-23 22:10 - 2018-03-23 22:10 - 002276028 _____ C:\Users\IvailoCOMP\Desktop\Илиянка.rar
      2018-03-23 22:02 - 2018-03-23 22:14 - 000000000 ____D C:\Users\IvailoCOMP\Desktop\Илиянка
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-18 19:00 - 2010-11-21 00:01 - 000785704 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-04-18 19:00 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
      2018-04-18 18:57 - 2016-11-18 12:35 - 000000000 ____D C:\Users\IvailoCOMP\AppData\LocalLow\Mozilla
      2018-04-18 18:51 - 2013-11-21 16:12 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-04-18 18:51 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-04-18 18:06 - 2014-10-30 10:05 - 000000000 ____D C:\Windows\pss
      2018-04-18 17:58 - 2017-11-23 09:54 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Local\LogMeIn Hamachi
      2018-04-18 10:38 - 2013-11-21 16:17 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\BitComet
      2018-04-18 10:34 - 2013-11-21 16:05 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\Ashampoo
      2018-04-18 10:34 - 2013-11-21 16:05 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Local\Ashampoo
      2018-04-18 10:32 - 2013-11-21 16:00 - 000000000 ____D C:\Program Files\Ashampoo
      2018-04-18 10:19 - 2013-11-22 16:19 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\DAEMON Tools Lite
      2018-04-18 01:15 - 2009-07-14 07:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-04-18 01:15 - 2009-07-14 07:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-04-18 01:09 - 2013-12-23 20:48 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\Skype
      2018-04-17 23:11 - 2016-02-29 01:23 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Local\CrashDumps
      2018-04-17 10:17 - 2009-07-14 07:33 - 000452024 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-04-17 10:13 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\PolicyDefinitions
      2018-04-16 22:13 - 2013-11-21 17:15 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\vlc
      2018-04-15 10:51 - 2013-11-21 16:04 - 000000000 ____D C:\Windows\system32\Macromed
      2018-04-12 19:52 - 2016-07-07 19:51 - 000000000 ____D C:\Program Files\Common Files\Overwolf
      2018-04-12 19:52 - 2013-12-14 11:50 - 000000000 ____D C:\Program Files\Overwolf
      2018-04-12 01:04 - 2014-12-11 09:05 - 000000000 ____D C:\Windows\system32\appraiser
      2018-04-11 11:04 - 2017-07-31 12:21 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2018-04-11 11:04 - 2017-07-31 12:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2018-04-11 03:13 - 2014-07-15 11:08 - 000000000 ____D C:\Windows\system32\MRT
      2018-04-11 03:06 - 2017-10-11 01:18 - 133987696 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2018-04-11 03:06 - 2014-07-15 11:08 - 133987696 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2018-04-08 17:50 - 2018-03-01 23:22 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\.minecraft
      2018-03-29 09:46 - 2013-12-21 10:14 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
      2018-03-28 11:20 - 2016-11-16 21:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2018-03-26 12:53 - 2018-02-26 10:26 - 000000000 ____D C:\Users\IvailoCOMP\Desktop\Songs
      ==================== Files in the root of some directories =======
      2016-03-26 15:29 - 2016-03-28 23:17 - 000000646 _____ () C:\Users\IvailoCOMP\AppData\Roaming\MPQEditor.ini
      2013-11-21 17:59 - 2017-11-03 12:59 - 000007599 _____ () C:\Users\IvailoCOMP\AppData\Local\Resmon.ResmonCfg
      Some files in TEMP:
      ====================
      2017-09-29 10:49 - 2017-10-30 16:41 - 000000000 _____ () C:\Users\IvailoCOMP\AppData\Local\Temp\88653d972532a3bfb1eacaae78f1f650.dll
      2017-09-29 10:49 - 2017-10-30 14:33 - 000000088 _____ () C:\Users\IvailoCOMP\AppData\Local\Temp\a4c3de51ada6927383f066bdc8c54e16.dll
      2018-04-08 08:12 - 2018-04-08 08:12 - 058834376 _____ (Skype Technologies S.A.) C:\Users\IvailoCOMP\AppData\Local\Temp\SkypeSetup.exe
      2018-03-01 23:34 - 2018-03-01 23:23 - 000069259 _____ () C:\Users\IvailoCOMP\AppData\Local\Temp\Uninstall.exe
      2017-08-13 10:55 - 2017-08-13 10:55 - 000750560 _____ (adaware) C:\Users\IvailoCOMP\AppData\Local\Temp\WCU002.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2016-05-09 08:13
      ==================== End of FRST.txt ============================
      Addition.txt
    • от desperado88
      Здравейте, от няколко дена лаптопа ми започна да работи много бавно, Malwarebytes постоянно ми блокира Уебсайт, който аз не го отварям.Явно вируса кара системата автоматично да зарежда този уебсайт.След сканиране с Malwarebytes изчистих около 500 най различни вируса, сред които и Trojan.BitCoinMiner.За съжаление системата все още е инфектирана.Прилагам и снимка от Malwarebytes със блокирания уебсайт.
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
      Ran by Denis (administrator) on DENIS-PC (15-04-2018 13:26:58)
      Running from C:\Users\Denis\Desktop
      Loaded Profiles: Denis (Available Profiles: Denis)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Английски (Съединени щати)
      Internet Explorer Version 11 (Default browser: Opera)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
      (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
      (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Intel Corporation) C:\Windows\System32\igfxHK.exe
      (Intel Corporation) C:\Windows\System32\igfxTray.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera_crashreporter.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Opera Software) C:\Program Files\Opera\52.0.2871.64\opera.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\System32\mobsync.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-09-17] (Synaptics Incorporated)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-13] (AVAST Software)
      HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1663992 2017-06-25] ()
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-2840518248-2148612227-1552303534-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group)
      HKU\S-1-5-21-2840518248-2148612227-1552303534-1000\...\Run: [xACRX1n5Od.exe] => C:\Program Files\Windows Photo Viewer\ZYZV3IM54U2LXOJ32IAQ2X\xACRX1n5Od.exe 
      HKU\S-1-5-21-2840518248-2148612227-1552303534-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (SUPERAntiSpyware)
      HKU\S-1-5-21-2840518248-2148612227-1552303534-1000\...\MountPoints2: {03fa777c-d793-11e7-aaf8-2c337a8d8b7c} - G:\Lenovo_Suite.exe
      HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2017-12-05]
      ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
      Tcpip\..\Interfaces\{268216B3-DCC9-4E85-BC1A-BE63B8E8A6F5}: [DhcpNameServer] 192.168.50.1
      Internet Explorer:
      ==================
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-04-01] (AVAST Software)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-04-01] (AVAST Software)
      FireFox:
      ========
      FF DefaultProfile: du8cfbta.default
      FF ProfilePath: C:\Users\Denis\AppData\Roaming\Mozilla\Firefox\Profiles\du8cfbta.default [2018-04-15]
      FF user.js: detected! => C:\Users\Denis\AppData\Roaming\Mozilla\Firefox\Profiles\du8cfbta.default\user.js [2017-06-30]
      FF Homepage: Mozilla\Firefox\Profiles\du8cfbta.default -> hxxps://www.malwarebytes.org/restorebrowser/
      FF Extension: (Avast SafePrice) - C:\Users\Denis\AppData\Roaming\Mozilla\Firefox\Profiles\du8cfbta.default\Extensions\sp@avast.com.xpi [2018-04-04]
      FF Extension: (Avast Online Security) - C:\Users\Denis\AppData\Roaming\Mozilla\Firefox\Profiles\du8cfbta.default\Extensions\wrc@avast.com.xpi [2018-04-01]
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
      Chrome: 
      =======
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      Opera: 
      =======
      OPR Extension: (Adblocker for Youtube™) - C:\Users\Denis\AppData\Roaming\Opera Software\Opera Stable\Extensions\epeomjakeffkfofnidikcpbacmfliolc [2018-04-01]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-13] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-13] (AVAST Software)
      R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
      S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
      R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-18] (Realtek Semiconductor)
      R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-09-17] (Synaptics Incorporated)
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-08-16] (Microsoft Corporation)
      S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
      S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-13] (AVAST Software)
      S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-04-01] (AVAST Software)
      S3 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-04-01] (AVAST Software)
      S3 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-04-01] (AVAST Software)
      S3 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-04-01] (AVAST Software)
      R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-13] (AVAST Software)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-13] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-13] (AVAST Software)
      S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-13] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-13] (AVAST Software)
      S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-13] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-13] (AVAST Software)
      S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-13] (AVAST Software)
      S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-13] (AVAST Software)
      R1 butldsk; C:\Windows\System32\drivers\butldsk.sys [192408 2018-03-21] ()
      S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2017-06-19] (Windows (R) Win 7 DDK provider)
      R3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2017-06-19] (Windows (R) Win 7 DDK provider)
      R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-04-01] (Malwarebytes)
      R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [294104 2014-08-19] (Realtek Semiconductor Corp.)
      R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3502296 2014-08-04] (Realtek Semiconductor Corporation )
      R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-09-17] (Synaptics Incorporated)
      R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [97320 2015-05-28] (Intel Corporation)
      U3 aswbdisk; no ImagePath
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-15 13:26 - 2018-04-15 13:27 - 000011629 _____ C:\Users\Denis\Desktop\FRST.txt
      2018-04-14 21:08 - 2018-04-14 21:25 - 000000064 _____ C:\Users\Denis\Desktop\rufus.ini
      2018-04-14 21:06 - 2018-04-14 21:08 - 000967800 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Denis\Desktop\rufus-2.18p.exe
      2018-04-13 07:28 - 2018-04-13 07:28 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
      2018-04-13 07:27 - 2018-04-13 07:26 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2018-04-12 22:49 - 2018-03-14 20:14 - 000135360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2018-04-12 22:49 - 2018-03-14 20:09 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2018-04-12 22:49 - 2018-03-14 16:05 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2018-04-12 22:49 - 2018-03-14 16:05 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2018-04-12 22:49 - 2018-03-14 16:05 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2018-04-12 22:49 - 2018-03-14 16:05 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2018-04-12 22:49 - 2018-03-14 16:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2018-04-12 22:49 - 2018-03-14 16:05 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2018-04-12 22:49 - 2018-03-14 16:05 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2018-04-12 22:49 - 2018-03-14 16:05 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2018-04-11 10:53 - 2018-04-11 10:53 - 000000000 ____D C:\Users\Denis\Downloads\Turkce
      2018-04-11 10:52 - 2018-04-11 11:52 - 000000000 ____D C:\Users\Denis\Downloads\Нова папка (2)
      2018-04-08 16:31 - 2018-04-15 13:26 - 000000000 ____D C:\FRST
      2018-04-08 16:28 - 2018-04-08 16:28 - 002403328 _____ (Farbar) C:\Users\Denis\Desktop\FRST64.exe
      2018-04-02 16:51 - 2018-03-09 06:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2018-04-02 16:51 - 2018-03-09 06:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2018-04-02 16:51 - 2018-03-09 06:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2018-04-02 16:51 - 2018-03-09 05:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
      2018-04-02 16:51 - 2018-03-09 05:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2018-04-02 16:51 - 2018-03-09 05:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2018-04-02 16:51 - 2018-03-09 05:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2018-04-02 16:51 - 2018-03-09 05:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2018-04-02 16:51 - 2018-03-09 05:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2018-04-02 16:51 - 2018-03-09 05:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2018-04-02 16:51 - 2018-03-09 05:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2018-04-02 16:51 - 2018-03-09 05:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2018-04-02 16:51 - 2018-03-09 05:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2018-04-02 16:51 - 2018-03-09 05:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2018-04-02 16:51 - 2018-03-09 05:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2018-04-02 16:51 - 2018-03-09 05:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2018-04-02 16:51 - 2018-03-09 05:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2018-04-02 16:51 - 2018-03-09 05:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2018-04-02 16:50 - 2018-03-28 11:31 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2018-04-02 16:50 - 2018-03-28 11:09 - 004046016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2018-04-02 16:50 - 2018-03-28 11:09 - 004026048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2018-04-02 16:50 - 2018-03-09 06:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2018-04-02 16:50 - 2018-03-09 06:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2018-04-02 16:50 - 2018-03-09 06:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2018-04-02 16:50 - 2018-03-09 06:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2018-04-02 16:50 - 2018-03-09 06:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2018-04-02 16:50 - 2018-03-09 05:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
      2018-04-02 16:50 - 2018-03-09 05:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2018-04-02 16:50 - 2018-03-09 05:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
      2018-04-02 16:50 - 2018-03-09 05:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2018-04-02 16:50 - 2018-03-09 05:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2018-04-02 16:50 - 2018-03-09 05:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2018-04-02 16:50 - 2018-02-19 00:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2018-04-01 14:11 - 2018-04-01 14:11 - 000000000 ____D C:\Users\Denis\AppData\Local\AVAST Software
      2018-04-01 12:40 - 2018-02-10 11:44 - 025740288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2018-04-01 12:40 - 2018-02-10 10:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2018-04-01 12:40 - 2018-02-10 10:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2018-04-01 12:40 - 2018-02-10 10:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2018-04-01 12:40 - 2018-02-10 10:16 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2018-04-01 12:40 - 2018-02-10 10:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2018-04-01 12:40 - 2018-02-10 10:09 - 005782016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2018-04-01 12:40 - 2018-02-10 10:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2018-04-01 12:40 - 2018-02-10 10:06 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2018-04-01 12:40 - 2018-02-10 10:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2018-04-01 12:40 - 2018-02-10 10:01 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2018-04-01 12:40 - 2018-02-10 09:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2018-04-01 12:40 - 2018-02-10 09:48 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2018-04-01 12:40 - 2018-02-10 09:33 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2018-04-01 12:40 - 2018-02-10 09:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2018-04-01 12:40 - 2018-02-10 09:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2018-04-01 12:40 - 2018-02-10 08:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2018-04-01 12:40 - 2018-02-10 08:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2018-04-01 12:40 - 2018-02-10 08:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2018-04-01 12:40 - 2018-02-10 08:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2018-04-01 12:40 - 2018-02-10 08:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2018-04-01 12:40 - 2018-02-10 08:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2018-04-01 12:40 - 2018-02-10 08:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2018-04-01 12:40 - 2018-02-10 08:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2018-04-01 12:40 - 2018-02-10 08:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2018-04-01 12:40 - 2018-02-10 08:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2018-04-01 12:40 - 2018-02-10 08:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2018-04-01 12:40 - 2018-02-10 08:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2018-04-01 12:40 - 2018-02-10 08:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2018-04-01 12:39 - 2018-02-10 22:52 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2018-04-01 12:39 - 2018-02-10 22:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2018-04-01 12:39 - 2018-02-10 10:30 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2018-04-01 12:39 - 2018-02-10 10:19 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2018-04-01 12:39 - 2018-02-10 10:16 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2018-04-01 12:39 - 2018-02-10 10:10 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2018-04-01 12:39 - 2018-02-10 10:06 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2018-04-01 12:39 - 2018-02-10 10:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2018-04-01 12:39 - 2018-02-10 09:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2018-04-01 12:39 - 2018-02-10 09:52 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2018-04-01 12:39 - 2018-02-10 09:51 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2018-04-01 12:39 - 2018-02-10 09:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2018-04-01 12:39 - 2018-02-10 09:46 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2018-04-01 12:39 - 2018-02-10 09:45 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2018-04-01 12:39 - 2018-02-10 09:36 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2018-04-01 12:39 - 2018-02-10 09:36 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2018-04-01 12:39 - 2018-02-10 09:34 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2018-04-01 12:39 - 2018-02-10 09:34 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2018-04-01 12:39 - 2018-02-10 09:32 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2018-04-01 12:39 - 2018-02-10 09:14 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2018-04-01 12:39 - 2018-02-10 09:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2018-04-01 12:39 - 2018-02-10 09:02 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2018-04-01 12:39 - 2018-02-10 08:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2018-04-01 12:39 - 2018-02-10 08:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2018-04-01 12:39 - 2018-02-10 08:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2018-04-01 12:39 - 2018-02-10 08:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2018-04-01 12:39 - 2018-02-10 08:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2018-04-01 12:39 - 2018-02-10 08:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
      2018-04-01 12:39 - 2018-02-10 08:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
      2018-04-01 12:39 - 2018-02-10 08:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2018-04-01 12:39 - 2018-02-10 08:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2018-04-01 12:39 - 2018-02-10 08:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
      2018-04-01 12:39 - 2018-02-10 08:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2018-04-01 12:39 - 2018-02-10 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2018-04-01 12:39 - 2018-02-10 08:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2018-04-01 12:39 - 2018-02-10 08:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2018-04-01 12:39 - 2018-01-12 19:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2018-04-01 12:39 - 2018-01-12 19:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
      2018-04-01 12:39 - 2018-01-12 19:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
      2018-04-01 12:39 - 2018-01-11 19:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2018-04-01 12:39 - 2018-01-05 19:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2018-04-01 12:39 - 2018-01-05 19:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
      2018-04-01 12:39 - 2018-01-01 05:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2018-04-01 12:39 - 2018-01-01 05:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
      2018-04-01 12:39 - 2018-01-01 05:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
      2018-04-01 12:39 - 2018-01-01 05:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
      2018-04-01 12:39 - 2018-01-01 05:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
      2018-04-01 12:39 - 2018-01-01 05:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
      2018-04-01 12:39 - 2018-01-01 05:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
      2018-04-01 12:39 - 2018-01-01 05:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
      2018-04-01 12:39 - 2018-01-01 05:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
      2018-04-01 12:39 - 2018-01-01 05:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
      2018-04-01 12:39 - 2018-01-01 04:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
      2018-04-01 12:39 - 2018-01-01 04:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
      2018-04-01 12:39 - 2018-01-01 04:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2018-04-01 12:39 - 2018-01-01 04:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2018-04-01 12:39 - 2018-01-01 04:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2018-04-01 12:39 - 2017-12-05 20:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2018-04-01 12:39 - 2017-12-05 20:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
      2018-04-01 12:39 - 2017-12-05 20:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
      2018-04-01 12:39 - 2017-12-05 19:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
      2018-04-01 12:38 - 2018-02-10 10:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2018-04-01 12:38 - 2018-02-10 08:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2018-04-01 12:38 - 2018-02-10 08:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2018-04-01 12:38 - 2018-01-12 19:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
      2018-04-01 12:38 - 2018-01-12 19:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
      2018-04-01 12:38 - 2018-01-12 19:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
      2018-04-01 12:38 - 2018-01-12 19:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
      2018-04-01 12:38 - 2018-01-12 19:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
      2018-04-01 12:38 - 2018-01-12 19:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
      2018-04-01 12:38 - 2018-01-12 19:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
      2018-04-01 12:38 - 2018-01-12 19:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2018-04-01 12:38 - 2018-01-11 19:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2018-04-01 12:38 - 2018-01-11 19:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
      2018-04-01 12:38 - 2018-01-05 19:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2018-04-01 12:38 - 2018-01-05 19:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
      2018-04-01 12:38 - 2018-01-05 19:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
      2018-04-01 12:38 - 2018-01-05 19:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2018-04-01 12:38 - 2018-01-05 19:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
      2018-04-01 12:38 - 2018-01-05 19:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
      2018-04-01 12:38 - 2018-01-05 19:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
      2018-04-01 12:38 - 2018-01-05 19:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
      2018-04-01 12:38 - 2018-01-05 19:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
      2018-04-01 12:38 - 2018-01-05 18:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
      2018-04-01 12:38 - 2018-01-01 05:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
      2018-04-01 12:38 - 2018-01-01 05:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
      2018-04-01 12:38 - 2018-01-01 05:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
      2018-04-01 12:38 - 2018-01-01 05:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
      2018-04-01 12:38 - 2018-01-01 05:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
      2018-04-01 12:38 - 2018-01-01 05:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2018-04-01 12:38 - 2018-01-01 05:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
      2018-04-01 12:38 - 2018-01-01 05:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
      2018-04-01 12:38 - 2018-01-01 05:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
      2018-04-01 12:38 - 2018-01-01 05:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
      2018-04-01 12:38 - 2018-01-01 04:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
      2018-04-01 12:38 - 2018-01-01 04:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
      2018-04-01 12:38 - 2018-01-01 04:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
      2018-04-01 12:38 - 2018-01-01 04:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
      2018-04-01 12:38 - 2018-01-01 04:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
      2018-04-01 12:38 - 2018-01-01 04:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
      2018-04-01 12:38 - 2018-01-01 04:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
      2018-04-01 12:38 - 2018-01-01 04:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
      2018-04-01 12:38 - 2018-01-01 04:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
      2018-04-01 12:38 - 2018-01-01 04:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
      2018-04-01 12:38 - 2018-01-01 04:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
      2018-04-01 12:38 - 2018-01-01 04:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
      2018-04-01 12:38 - 2018-01-01 04:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
      2018-04-01 12:38 - 2018-01-01 04:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
      2018-04-01 12:38 - 2018-01-01 04:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
      2018-04-01 12:38 - 2018-01-01 04:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
      2018-04-01 12:38 - 2018-01-01 04:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
      2018-04-01 12:38 - 2018-01-01 04:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
      2018-04-01 12:38 - 2018-01-01 04:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2018-04-01 12:38 - 2018-01-01 04:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
      2018-04-01 12:38 - 2018-01-01 04:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
      2018-04-01 12:38 - 2017-12-05 20:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
      2018-04-01 12:38 - 2017-12-05 20:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
      2018-04-01 12:38 - 2017-12-05 20:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2018-04-01 12:38 - 2017-12-05 20:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2018-04-01 12:38 - 2017-12-05 20:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2018-04-01 12:38 - 2017-12-05 20:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
      2018-04-01 12:38 - 2017-12-05 20:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
      2018-04-01 12:38 - 2017-12-05 20:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
      2018-04-01 12:38 - 2017-12-05 20:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
      2018-04-01 12:38 - 2017-12-05 20:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
      2018-04-01 12:38 - 2017-12-05 20:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
      2018-04-01 12:38 - 2017-12-05 20:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
      2018-04-01 12:38 - 2017-12-05 20:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
      2018-04-01 12:38 - 2017-12-05 18:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
      2018-04-01 12:30 - 2018-04-01 12:30 - 000000000 ____D C:\Users\Denis\AppData\Roaming\AVAST Software
      2018-04-01 12:28 - 2018-04-01 12:28 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2018-04-01 12:28 - 2018-04-01 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2018-04-01 12:26 - 2018-04-13 07:28 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2018-04-01 12:25 - 2018-04-13 07:28 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2018-04-01 12:25 - 2018-04-13 07:26 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2018-04-01 12:25 - 2018-04-01 12:21 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
      2018-04-01 12:25 - 2018-04-01 12:21 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2018-04-01 12:25 - 2018-04-01 12:21 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
      2018-04-01 12:25 - 2018-04-01 12:21 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
      2018-04-01 12:23 - 2018-04-01 12:23 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
      2018-04-01 11:45 - 2018-04-13 03:45 - 000000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 91abd3e0-5990-4aa4-ba5f-3e0e60b47fa2.job
      2018-04-01 11:45 - 2018-04-13 02:00 - 000000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2636bd95-9cca-4d29-aa0d-132b9a2981d6.job
      2018-04-01 11:45 - 2018-04-01 11:45 - 000003584 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 2636bd95-9cca-4d29-aa0d-132b9a2981d6
      2018-04-01 11:45 - 2018-04-01 11:45 - 000003510 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 91abd3e0-5990-4aa4-ba5f-3e0e60b47fa2
      2018-04-01 11:45 - 2018-04-01 11:45 - 000001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
      2018-04-01 11:45 - 2018-04-01 11:45 - 000000000 ____D C:\Users\Denis\AppData\Roaming\SUPERAntiSpyware.com
      2018-04-01 11:45 - 2018-04-01 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
      2018-04-01 11:44 - 2018-04-06 16:04 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
      2018-04-01 11:44 - 2018-04-01 11:44 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
      2018-04-01 11:42 - 2018-04-01 11:44 - 032580552 _____ (SUPERAntiSpyware) C:\Users\Denis\Desktop\SUPERAntiSpywarePro.exe
      2018-04-01 11:38 - 2018-04-01 11:38 - 000000000 ____D C:\Windows\system32\appmgmt
      2018-04-01 11:31 - 2018-04-01 11:31 - 000000000 ____D C:\Users\Denis\AppData\Local\Chromium
      2018-04-01 11:03 - 2018-04-01 11:03 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-04-01 11:03 - 2018-04-01 11:03 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-04-01 11:03 - 2018-04-01 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-04-01 11:02 - 2018-03-19 12:57 - 000076192 _____ C:\Windows\system32\Drivers\mbae64.sys
      2018-04-01 11:00 - 2018-04-01 11:00 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-04-01 11:00 - 2018-04-01 11:00 - 000000000 ____D C:\Program Files\Malwarebytes
      2018-04-01 10:58 - 2018-04-01 10:58 - 000000000 ____D C:\Program Files\5TK02URXOS
      2018-04-01 10:56 - 2018-04-01 11:34 - 000000000 ____D C:\Users\Denis\AppData\Roaming\w1ue4fa2w2e
      2018-04-01 10:55 - 2018-04-01 11:34 - 000000000 ____D C:\Users\Denis\AppData\Roaming\udvovefa0ze
      2018-04-01 10:55 - 2018-04-01 11:34 - 000000000 ____D C:\Users\Denis\AppData\Roaming\h2g3qje1ew5
      2018-04-01 10:55 - 2018-04-01 10:57 - 000000000 ____D C:\Program Files\VS2P538RN4
      2018-04-01 10:51 - 2018-04-01 10:51 - 000000290 __RSH C:\Users\Denis\ntuser.pol
      2018-04-01 10:48 - 2018-04-07 14:06 - 000000000 ____D C:\ProgramData\10b45edb-3473-4b10-b57e-0ad402f4c858
      2018-04-01 10:46 - 2018-04-01 11:34 - 000000000 ____D C:\Users\Denis\AppData\Roaming\yoasfgt1ylr
      2018-04-01 10:46 - 2018-04-01 10:46 - 000000000 ____D C:\Program Files\JC60L5XO5O
      2018-04-01 10:46 - 2018-04-01 10:46 - 000000000 ____D C:\Program Files\7JP1TF3RPR
      2018-04-01 10:45 - 2018-04-01 11:34 - 000000000 ____D C:\Users\Denis\AppData\Roaming\qzoaexvthyw
      2018-04-01 10:45 - 2018-04-01 11:34 - 000000000 ____D C:\Users\Denis\AppData\Roaming\l4vhnklvv4b
      2018-04-01 10:42 - 2018-04-01 10:42 - 000000000 ____D C:\Users\Denis\AppData\Roaming\4fypyupwbhn
      2018-04-01 10:41 - 2018-04-07 14:05 - 000000000 ____D C:\Browse
      2018-04-01 10:41 - 2018-04-01 11:33 - 000000000 ____D C:\Applications
      2018-04-01 10:41 - 2018-04-01 10:41 - 000000000 ____D C:\Winsys
      2018-04-01 10:40 - 2018-04-01 11:10 - 000000000 ____D C:\Program Files (x86)\Sikimi
      2018-04-01 10:40 - 2018-04-01 10:40 - 000000000 ____D C:\Program Files\My Program
      2018-04-01 10:38 - 2018-04-01 11:10 - 000000000 ____D C:\Users\Denis\AppData\Local\GenericTools
      2018-04-01 10:38 - 2018-04-01 10:38 - 001986226 _____ C:\Users\Denis\AppData\Local\Inis.tst
      2018-04-01 10:37 - 2018-04-01 11:04 - 000929792 _____ C:\Users\Denis\AppData\Local\sham.db
      2018-04-01 10:37 - 2018-04-01 10:37 - 000140800 _____ C:\Users\Denis\AppData\Local\installer.dat
      2018-04-01 10:36 - 2018-04-01 15:43 - 000000000 ____D C:\ProgramData\AVAST Software
      2018-04-01 10:36 - 2018-04-01 10:36 - 000000000 ____D C:\Program Files\AVAST Software
      2018-03-31 17:51 - 2018-04-11 07:29 - 000000000 ____D C:\Users\Denis\Downloads\BangBros18 - Emma Hix - Blonde Makes Juan Fuck Her Hard
      2018-03-31 17:51 - 2018-03-31 17:51 - 000000000 ____D C:\Users\Denis\Downloads\VW Golf 4 (1997+)
      2018-03-25 20:22 - 2018-03-25 20:24 - 000000000 ____D C:\Users\Denis\Desktop\gh
      2018-03-24 00:04 - 2018-03-24 00:04 - 000043872 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
      2018-03-24 00:04 - 2018-03-24 00:04 - 000036736 _____ (Connectify) C:\Windows\system32\Drivers\cfywlan1.sys
      2018-03-24 00:01 - 2018-03-24 00:02 - 016026232 _____ (Connectify) C:\Users\Denis\Desktop\Connectify2018Installer.exe
      2018-03-21 11:38 - 2018-03-21 11:38 - 000192408 _____ C:\Windows\system32\Drivers\butldsk.sys
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-15 13:26 - 2018-01-12 17:39 - 000000000 ____D C:\Users\Denis\AppData\Roaming\AIMP
      2018-04-15 10:43 - 2009-07-14 07:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-04-15 10:43 - 2009-07-14 07:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-04-15 10:35 - 2017-12-06 14:35 - 000000000 __SHD C:\Users\Denis\IntelGraphicsProfiles
      2018-04-15 10:35 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-04-14 21:31 - 2017-12-02 22:27 - 000003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1512242838
      2018-04-14 21:31 - 2017-12-02 22:24 - 000000000 ____D C:\Program Files\Opera
      2018-04-14 21:25 - 2017-12-02 23:41 - 000004738 __RSH C:\ProgramData\ntuser.pol
      2018-04-14 21:07 - 2009-07-14 08:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-04-14 21:07 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
      2018-04-13 03:22 - 2017-12-07 12:43 - 000000000 ____D C:\Windows\system32\appraiser
      2018-04-13 03:06 - 2017-12-07 15:19 - 000000000 ____D C:\Windows\system32\MRT
      2018-04-13 03:01 - 2017-12-07 15:19 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2018-04-13 03:01 - 2017-12-02 20:46 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2018-04-11 10:53 - 2017-12-11 23:51 - 000000000 ____D C:\Users\Denis\Downloads\new
      2018-04-10 18:05 - 2018-01-21 13:58 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2018-04-10 18:05 - 2018-01-21 13:58 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2018-04-10 18:05 - 2018-01-21 13:58 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2018-04-10 18:05 - 2018-01-21 13:58 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2018-04-10 18:05 - 2018-01-21 13:58 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2018-04-10 18:05 - 2018-01-21 13:58 - 000000000 ____D C:\Windows\system32\Macromed
      2018-04-10 18:01 - 2018-03-01 14:27 - 000000000 ___HD C:\Users\Denis\Desktop\.picasaoriginals
      2018-04-07 15:10 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\rescache
      2018-04-07 10:30 - 2017-12-28 15:27 - 000000000 ____D C:\Users\Denis\AppData\Roaming\EurekaLog
      2018-04-06 23:02 - 2017-12-02 22:26 - 000000000 ____D C:\Users\Denis\AppData\Roaming\uTorrent
      2018-04-06 18:40 - 2017-12-25 17:35 - 000000000 ____D C:\Users\Denis\AppData\LocalLow\Mozilla
      2018-04-06 18:32 - 2017-12-25 17:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2018-04-02 16:28 - 2009-07-14 07:45 - 000268392 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-04-01 16:05 - 2017-12-07 11:14 - 000774404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
      2018-04-01 11:32 - 2017-12-02 20:48 - 000001393 _____ C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2018-04-01 11:23 - 2017-12-28 15:53 - 000000000 ____D C:\ProgramData\Ashampoo
      2018-04-01 10:51 - 2017-12-02 20:47 - 000000000 ____D C:\Users\Denis
      2018-04-01 10:46 - 2009-07-14 06:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
      2018-04-01 10:39 - 2009-07-14 08:32 - 000000000 ____D C:\Program Files\Windows Photo Viewer
      2018-04-01 10:38 - 2017-12-27 16:26 - 000000000 ____D C:\Program Files (x86)\Google
      ==================== Files in the root of some directories =======
      2018-04-01 10:38 - 2018-04-01 10:38 - 001986226 _____ () C:\Users\Denis\AppData\Local\Inis.tst
      2018-04-01 10:37 - 2018-04-01 10:37 - 000140800 _____ () C:\Users\Denis\AppData\Local\installer.dat
      2018-04-01 10:37 - 2018-04-01 11:04 - 000929792 _____ () C:\Users\Denis\AppData\Local\sham.db
      Some files in TEMP:
      ====================
      2017-10-24 03:51 - 2017-10-24 03:51 - 000164424 _____ (Microsoft Corporation) C:\Users\Denis\AppData\Local\Temp\atl110.dll
      2015-09-22 20:06 - 2015-09-22 20:06 - 002382216 _____ (Mooii) C:\Users\Denis\AppData\Local\Temp\GoogleSetup.exe
      2017-10-24 03:51 - 2017-10-24 03:51 - 000069632 _____ () C:\Users\Denis\AppData\Local\Temp\HwInfo.dll
      2016-10-07 06:26 - 2016-10-07 06:26 - 000270336 _____ () C:\Users\Denis\AppData\Local\Temp\NSISPromotionEx.dll
      2018-04-01 10:41 - 2018-04-01 10:52 - 048475773 _____ (My Company, Inc.                                            ) C:\Users\Denis\AppData\Local\Temp\setupsb.exe
      2017-12-03 00:07 - 2017-08-29 03:30 - 000070656 _____ () C:\Users\Denis\AppData\Local\Temp\ShellHook.dll
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-04-15 11:30
      ==================== End of FRST.txt ============================

      Addition.txt
    • от pyrpyl
      Здравейте, от няколко дни антивирусната при стартиране ми изкарва следното съобщение(прилагам снимка).
       
       
      След премахването на файла, при стартирането следващият път ми изкарва същото съобщение и така...... Не виждам видима промяна в работата на машината. Прилагам логовете от сканирането
       
      :Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
      Ran by Pyrpyl_HP (administrator) on PYRPYL_HP-PC (11-04-2018 18:30:44)
      Running from C:\Download
      Loaded Profiles: Pyrpyl_HP (Available Profiles: Pyrpyl_HP)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
      (AMD) C:\Windows\System32\atiesrxx.exe
      (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
      (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      (Symantec Corporation) C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
      (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
      (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
      (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
      (Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
      (Microsoft Corporation) C:\Windows\System32\rundll32.exe
      (Symantec) C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Intel Corporation) C:\Windows\System32\igfxHK.exe
      (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
      (IrisTech) C:\Users\Pyrpyl_HP\AppData\Local\Iris\Iris.exe
      (Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
      (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
      (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
      (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      () C:\Windows\SysWOW64\x86.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\usrreq.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-30] (Intel Corporation)
      HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-07] (IDT, Inc.)
      HKLM\...\Run: [Keyboard Suite Daemon] => C:\Windows\system32\xManager\PELKBD.EXE
      HKLM\...\Run: [TPMXKST KB Suite Daemon] => C:\Windows\system32\xManager\PKSKBD.EXE
      HKLM-x32\...\Run: [] => [X]
      HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
      HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [388344 2013-12-25] (IVT Corporation)
      HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-10] (Intel Corporation)
      HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
      HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
      HKLM-x32\...\Run: [x86] => C:\Windows\SysWOW64\x86.exe [26624 2013-08-09] ()
      HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
      HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [777392 2016-12-15] (Avira Operations GmbH & Co. KG)
      HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2018-02-01] (PDF Complete Inc)
      HKLM\...\RunOnce: [Uninstall] => C:\Windows\system32\pmuninst.exe /DeleteSelf********䄐z**້䈁**匙﷡߾*************Ȃ***້䈁**********䢖睄********Ȃ***ĵ***********້䈁**ᕰv߾*p*********************************』***墑睃**້䈁**ᕰv߾*ꑀ***�睅******ゔv߾* (the data entry has 311 more characters).
      Winlogon\Notify\igfxcui: igfxdev.dll [X]
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\Run: [Iris] => C:\Users\Pyrpyl_HP\AppData\Local\Iris\Iris.exe [7589376 2017-01-01] (IrisTech)
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2102112 2017-11-09] (Sony)
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [1362432 2018-03-18] (Adobe Systems Incorporated)
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\MountPoints2: {0561ff80-a839-11e7-9000-a01d48a8ba41} - F:\Password.exe
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\MountPoints2: {13bd9843-7c87-11e6-89f9-fc4dd454ccdd} - F:\LaunchU3.exe -a
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\MountPoints2: {2ddd6712-3309-11e7-a61c-a01d48a8ba41} - F:\Startme.exe
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\MountPoints2: {f2deb810-5a1a-11e5-91fa-a01d48a8ba41} - F:\AutoRun.exe
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Corporation) <==== ATTENTION
      GroupPolicy: Restriction <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 172.16.1.1
      Tcpip\..\Interfaces\{E3DE5057-8568-4811-8439-B2FF78B3C830}: [DhcpNameServer] 172.16.1.1
      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ruse-news.com/
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
      HKU\S-1-5-21-993510031-3225739286-1372905849-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
      SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16] (Oracle Corporation)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
      BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
      Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
      Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
      FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin HKU\S-1-5-21-993510031-3225739286-1372905849-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pyrpyl_HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS)
      Chrome: 
      =======
      CHR DefaultProfile: Default
      CHR HomePage: Default -> hxxp://ruse-news.com/
      CHR StartupUrls: Default -> "hxxp://ruse-news.com/"
      CHR Profile: C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default [2018-04-11]
      CHR Extension: (Документи) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
      CHR Extension: (YouTube) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-16]
      CHR Extension: (Adblock Plus) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
      CHR Extension: (Google Търсене) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
      CHR Extension: (Tampermonkey) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-01-09]
      CHR Extension: (Електронни таблици от Google) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-16]
      CHR Extension: (Google Документи офлайн) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
      CHR Extension: (Gmail) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-16]
      CHR Extension: (Chrome Media Router) - C:\Users\Pyrpyl_HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-24]
      CHR HKLM-x32\...\Chrome\Extension: [bcppagjoiockigjlojpeiggninmghfim] - C:\Program Files (x86)\Bigasoft\Video Downloader\extensions\3.8.14.5499\BVDChromeExt.crx [2015-05-02]
      Opera: 
      =======
      StartMenuInternet: (HKLM) Opera - G:\Programs\Opera 12.17\Opera.exe hxxp://www.oursurfing.com/?type=sc&ts=1430546455&z=b64b22ea9949ec1e8149b57g7z9cfebwfz1qbz0q1e&from=exp&uid=HGSTXHTS541010A9E680_JDA000CCHDDD2SHDDD2SX
      StartMenuInternet: (HKLM) OperaStable - G:\Programs\Opera\Launcher.exe
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1053968 2016-12-15] (Avira Operations GmbH & Co. KG)
      R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [871584 2016-12-15] (Avira Operations GmbH & Co. KG)
      R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [465832 2016-12-15] (Avira Operations GmbH & Co. KG)
      R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [465832 2016-12-15] (Avira Operations GmbH & Co. KG)
      R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1047744 2016-12-15] (Avira Operations GmbH & Co. KG)
      R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2013-12-27] (IVT Corporation)
      R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-16] (IVT Corporation)
      S3 GenericMount Helper Service; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelperx64.exe [2227216 2010-02-12] (Symantec)
      R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
      R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
      R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-30] (Intel Corporation)
      R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [362880 2018-01-24] (Intel Corporation)
      R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
      S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
      R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
      S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation)
      R2 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [4590432 2010-03-03] (Symantec Corporation)
      R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
      R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1795136 2018-02-01] (PDF Complete Inc)
      R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
      R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-11-07] (IDT, Inc.) [File not signed]
      R3 SymSnapService; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
      R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2017-08-19] (Synaptics Incorporated)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
      R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2201440 2017-11-09] (Sony)
      S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{7C6B734B-F40D-4C7E-9C4C-95715C0D84F9}
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
      R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [114608 2014-11-24] (Avira GmbH)
      R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [141376 2014-11-24] (Avira GmbH)
      R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [167704 2016-12-15] (Avira Operations GmbH & Co. KG)
      R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [139272 2016-12-15] (Avira Operations GmbH & Co. KG)
      R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
      R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-07-27] (Avira Operations GmbH & Co. KG)
      S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-21] (Bluestack System Inc. )
      S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
      S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [50272 2013-12-16] (Ralink Corporation)
      R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink)
      S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
      S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
      S3 FileDisk; C:\Users\Pyrpyl_HP\AppData\Local\Temp\filedisk.sys [9216 2004-08-09] (Bo Brantén) [File not signed] <==== ATTENTION
      R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [66608 2010-02-12] (Symantec Corporation)
      S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
      R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-07-30] (Intel Corporation)
      R3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539848 2014-02-12] (Ralink Technology Corp.)
      R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
      R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
      R2 NPF; C:\Windows\SysWOW64\Drivers\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
      S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19912 2009-12-21] ()
      S3 pwdspio; C:\Windows\system32\pwdspio.sys [13264 2009-12-21] ()
      S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
      S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated)
      R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [700128 2015-06-16] (Sunplus)
      R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
      S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
      S3 massfilter; system32\drivers\massfilter.sys [X]
      S3 SliceDisk5; \??\C:\Users\Pyrpyl_HP\AppData\Local\Temp\FindAndMount\slicedisk-x64.sys [X] <==== ATTENTION
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      U2 V2iMount; no ImagePath
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
      S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
      S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-11 18:30 - 2018-04-11 18:30 - 000000000 ____D C:\FRST
      2018-04-09 08:57 - 2018-04-09 08:57 - 000000000 ____D C:\iVMS-4200
      2018-04-07 16:43 - 2018-04-07 16:43 - 000000000 ____D C:\Users\Pyrpyl_HP\AppData\Local\cache
      2018-04-07 09:19 - 2018-04-07 09:19 - 000937343 _____ C:\Users\Pyrpyl_HP\Desktop\zzp_jan_2017.pdf
      2018-03-24 19:28 - 2018-03-24 19:28 - 000776380 _____ C:\Users\Pyrpyl_HP\Desktop\rez_240318.pdf
      2018-03-23 07:26 - 2018-04-11 18:05 - 000000000 __SHD C:\Users\Pyrpyl_HP\IntelGraphicsProfiles
      2018-03-23 00:45 - 2018-04-11 18:03 - 000065536 _____ C:\Windows\system32\spu_storage.bin
      2018-03-23 00:11 - 2018-03-23 00:11 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2018-03-23 00:03 - 2017-04-28 01:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
      2018-03-23 00:03 - 2017-04-12 16:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
      2018-03-23 00:00 - 2018-02-14 04:48 - 025739264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2018-03-23 00:00 - 2018-02-14 04:34 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2018-03-23 00:00 - 2018-02-14 04:21 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2018-03-23 00:00 - 2018-02-14 04:21 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2018-03-23 00:00 - 2018-02-14 04:21 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2018-03-23 00:00 - 2018-02-14 04:15 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2018-03-23 00:00 - 2018-02-14 04:12 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2018-03-23 00:00 - 2018-02-14 04:11 - 005780992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2018-03-23 00:00 - 2018-02-14 04:11 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2018-03-23 00:00 - 2018-02-14 04:10 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2018-03-23 00:00 - 2018-02-14 04:05 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2018-03-23 00:00 - 2018-02-14 03:56 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2018-03-23 00:00 - 2018-02-14 03:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2018-03-23 00:00 - 2018-02-14 03:38 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2018-03-23 00:00 - 2018-02-14 03:36 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2018-03-23 00:00 - 2018-02-14 03:36 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2018-03-23 00:00 - 2018-02-14 03:35 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2018-03-23 00:00 - 2018-02-14 03:29 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2018-03-23 00:00 - 2018-02-14 03:26 - 020274176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2018-03-23 00:00 - 2018-02-14 03:06 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2018-03-23 00:00 - 2018-02-14 03:05 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2018-03-23 00:00 - 2018-02-14 03:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2018-03-23 00:00 - 2018-02-14 03:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2018-03-23 00:00 - 2018-02-14 03:00 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2018-03-23 00:00 - 2018-02-14 02:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2018-03-23 00:00 - 2018-02-14 02:57 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2018-03-23 00:00 - 2018-02-14 02:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2018-03-23 00:00 - 2018-02-14 02:43 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2018-03-23 00:00 - 2018-02-14 02:42 - 004498944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2018-03-23 00:00 - 2018-02-14 02:39 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2018-03-23 00:00 - 2018-02-14 02:35 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2018-03-23 00:00 - 2018-02-14 02:35 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2018-03-23 00:00 - 2018-02-14 02:34 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2018-03-23 00:00 - 2018-02-14 02:22 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2018-03-23 00:00 - 2018-02-14 02:16 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2018-03-23 00:00 - 2017-10-12 03:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
      2018-03-23 00:00 - 2017-10-12 03:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
      2018-03-23 00:00 - 2017-05-10 18:29 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
      2018-03-23 00:00 - 2017-05-10 18:29 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
      2018-03-23 00:00 - 2017-05-10 18:14 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2018-03-23 00:00 - 2017-05-10 18:12 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
      2018-03-23 00:00 - 2017-05-10 18:00 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
      2018-03-23 00:00 - 2017-05-10 18:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
      2018-03-22 23:59 - 2018-02-14 22:48 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2018-03-22 23:59 - 2018-02-14 21:57 - 000347288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2018-03-22 23:59 - 2018-02-14 04:34 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2018-03-22 23:59 - 2018-02-14 04:23 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2018-03-22 23:59 - 2018-02-14 04:22 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2018-03-22 23:59 - 2018-02-14 04:21 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2018-03-22 23:59 - 2018-02-14 04:14 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2018-03-22 23:59 - 2018-02-14 04:11 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2018-03-22 23:59 - 2018-02-14 04:10 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2018-03-22 23:59 - 2018-02-14 04:02 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2018-03-22 23:59 - 2018-02-14 03:56 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2018-03-22 23:59 - 2018-02-14 03:55 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2018-03-22 23:59 - 2018-02-14 03:53 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2018-03-22 23:59 - 2018-02-14 03:50 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2018-03-22 23:59 - 2018-02-14 03:49 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2018-03-22 23:59 - 2018-02-14 03:40 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2018-03-22 23:59 - 2018-02-14 03:38 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2018-03-22 23:59 - 2018-02-14 03:17 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2018-03-22 23:59 - 2018-02-14 03:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2018-03-22 23:59 - 2018-02-14 03:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2018-03-22 23:59 - 2018-02-14 03:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2018-03-22 23:59 - 2018-02-14 03:02 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2018-03-22 23:59 - 2018-02-14 03:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2018-03-22 23:59 - 2018-02-14 02:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2018-03-22 23:59 - 2018-02-14 02:50 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2018-03-22 23:59 - 2018-02-14 02:47 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2018-03-22 23:59 - 2018-02-14 02:46 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
      2018-03-22 23:59 - 2018-02-14 02:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
      2018-03-22 23:59 - 2018-02-14 02:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2018-03-22 23:59 - 2018-02-14 02:43 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2018-03-22 23:59 - 2018-02-14 02:42 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
      2018-03-22 23:59 - 2018-02-14 02:37 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2018-03-22 23:59 - 2018-02-14 02:18 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2018-03-22 23:59 - 2018-01-15 22:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2018-03-22 23:59 - 2018-01-15 22:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
      2018-03-22 23:59 - 2018-01-12 19:46 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2018-03-22 23:59 - 2018-01-12 19:44 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2018-03-22 23:59 - 2018-01-12 19:44 - 001894120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2018-03-22 23:59 - 2018-01-12 19:44 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2018-03-22 23:59 - 2018-01-12 19:44 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
      2018-03-22 23:59 - 2018-01-12 19:44 - 000371432 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
      2018-03-22 23:59 - 2018-01-12 19:44 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
      2018-03-22 23:59 - 2018-01-12 19:44 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2018-03-22 23:59 - 2018-01-12 19:44 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2018-03-22 23:59 - 2018-01-12 19:44 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2018-03-22 23:59 - 2018-01-12 19:40 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2018-03-22 23:59 - 2018-01-12 19:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2018-03-22 23:59 - 2018-01-12 19:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2018-03-22 23:59 - 2018-01-12 19:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
      2018-03-22 23:59 - 2018-01-12 19:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 19:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
      2018-03-22 23:59 - 2018-01-12 19:16 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
      2018-03-22 23:59 - 2018-01-12 19:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
      2018-03-22 23:59 - 2018-01-12 19:15 - 000032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2018-03-22 23:59 - 2018-01-12 19:11 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2018-03-22 23:59 - 2018-01-12 19:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2018-03-22 23:59 - 2018-01-12 19:11 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2018-03-22 23:59 - 2018-01-12 19:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2018-03-22 23:59 - 2018-01-12 19:07 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2018-03-22 23:59 - 2018-01-12 19:06 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2018-03-22 23:59 - 2018-01-12 19:03 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2018-03-22 23:59 - 2018-01-12 19:02 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2018-03-22 23:59 - 2018-01-12 19:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2018-03-22 23:59 - 2018-01-12 19:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2018-03-22 23:59 - 2018-01-12 19:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2018-03-22 23:59 - 2018-01-12 19:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2018-03-22 23:59 - 2018-01-12 18:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
      2018-03-22 23:59 - 2018-01-12 18:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2018-03-22 23:59 - 2018-01-12 18:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2018-03-22 23:59 - 2018-01-12 18:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2018-03-22 23:59 - 2018-01-12 18:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2018-03-22 23:59 - 2018-01-12 18:56 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 18:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 18:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-12 18:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2018-03-22 23:59 - 2018-01-11 19:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2018-03-22 23:59 - 2018-01-11 19:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
      2018-03-22 23:59 - 2018-01-11 19:09 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2018-03-22 23:59 - 2018-01-05 19:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2018-03-22 23:59 - 2018-01-05 19:31 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
      2018-03-22 23:59 - 2018-01-05 19:30 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
      2018-03-22 23:59 - 2018-01-05 19:30 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2018-03-22 23:59 - 2018-01-05 19:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
      2018-03-22 23:59 - 2018-01-05 19:25 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2018-03-22 23:59 - 2018-01-05 19:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
      2018-03-22 23:59 - 2018-01-05 19:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
      2018-03-22 23:59 - 2018-01-05 19:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
      2018-03-22 23:59 - 2018-01-05 19:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
      2018-03-22 23:59 - 2018-01-05 19:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
      2018-03-22 23:59 - 2018-01-05 18:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
      2018-03-22 23:59 - 2018-01-01 05:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2018-03-22 23:59 - 2018-01-01 05:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
      2018-03-22 23:59 - 2018-01-01 05:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
      2018-03-22 23:59 - 2018-01-01 05:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
      2018-03-22 23:59 - 2018-01-01 05:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
      2018-03-22 23:59 - 2018-01-01 05:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
      2018-03-22 23:59 - 2018-01-01 05:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
      2018-03-22 23:59 - 2018-01-01 05:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
      2018-03-22 23:59 - 2018-01-01 05:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
      2018-03-22 23:59 - 2018-01-01 05:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
      2018-03-22 23:59 - 2018-01-01 05:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2018-03-22 23:59 - 2018-01-01 05:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
      2018-03-22 23:59 - 2018-01-01 05:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
      2018-03-22 23:59 - 2018-01-01 05:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
      2018-03-22 23:59 - 2018-01-01 05:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
      2018-03-22 23:59 - 2018-01-01 05:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
      2018-03-22 23:59 - 2018-01-01 05:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
      2018-03-22 23:59 - 2018-01-01 04:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
      2018-03-22 23:59 - 2018-01-01 04:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
      2018-03-22 23:59 - 2018-01-01 04:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
      2018-03-22 23:59 - 2018-01-01 04:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
      2018-03-22 23:59 - 2018-01-01 04:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
      2018-03-22 23:59 - 2018-01-01 04:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
      2018-03-22 23:59 - 2018-01-01 04:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
      2018-03-22 23:59 - 2018-01-01 04:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
      2018-03-22 23:59 - 2018-01-01 04:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
      2018-03-22 23:59 - 2018-01-01 04:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
      2018-03-22 23:59 - 2018-01-01 04:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
      2018-03-22 23:59 - 2018-01-01 04:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
      2018-03-22 23:59 - 2018-01-01 04:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
      2018-03-22 23:59 - 2018-01-01 04:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
      2018-03-22 23:59 - 2018-01-01 04:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
      2018-03-22 23:59 - 2018-01-01 04:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
      2018-03-22 23:59 - 2018-01-01 04:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
      2018-03-22 23:59 - 2018-01-01 04:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
      2018-03-22 23:59 - 2018-01-01 04:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
      2018-03-22 23:59 - 2018-01-01 04:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
      2018-03-22 23:59 - 2018-01-01 04:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2018-03-22 23:59 - 2018-01-01 04:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2018-03-22 23:59 - 2018-01-01 04:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2018-03-22 23:59 - 2018-01-01 04:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2018-03-22 23:59 - 2018-01-01 04:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
      2018-03-22 23:59 - 2018-01-01 04:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
      2018-03-22 23:59 - 2017-12-21 09:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2018-03-22 23:59 - 2017-12-05 20:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
      2018-03-22 23:59 - 2017-12-05 20:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
      2018-03-22 23:59 - 2017-12-05 20:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
      2018-03-22 23:59 - 2017-12-05 20:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
      2018-03-22 23:59 - 2017-12-05 20:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
      2018-03-22 23:59 - 2017-12-05 20:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
      2018-03-22 23:59 - 2017-12-05 20:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
      2018-03-22 23:59 - 2017-12-05 20:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
      2018-03-22 23:59 - 2017-12-05 20:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
      2018-03-22 23:59 - 2017-12-05 19:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
      2018-03-22 23:59 - 2017-12-05 18:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
      2018-03-22 23:59 - 2017-11-04 18:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
      2018-03-22 23:59 - 2017-11-04 18:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
      2018-03-22 23:59 - 2017-11-04 18:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
      2018-03-22 23:59 - 2017-11-04 18:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
      2018-03-22 23:59 - 2017-11-02 19:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
      2018-03-22 23:59 - 2017-11-02 19:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
      2018-03-22 23:59 - 2017-11-02 19:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
      2018-03-22 23:59 - 2017-11-02 19:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
      2018-03-22 23:59 - 2017-11-02 18:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
      2018-03-22 23:59 - 2017-11-02 18:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
      2018-03-22 23:59 - 2017-11-02 18:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
      2018-03-22 23:59 - 2017-11-02 17:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
      2018-03-22 23:59 - 2017-10-18 05:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
      2018-03-22 23:59 - 2017-10-18 05:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
      2018-03-22 23:59 - 2017-10-18 05:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
      2018-03-22 23:59 - 2017-10-18 05:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
      2018-03-22 23:59 - 2017-10-18 05:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
      2018-03-22 23:59 - 2017-10-18 05:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
      2018-03-22 23:59 - 2017-10-18 05:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
      2018-03-22 23:59 - 2017-10-17 02:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
      2018-03-22 23:59 - 2017-10-17 01:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
      2018-03-22 23:59 - 2017-10-17 00:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
      2018-03-22 23:59 - 2017-10-12 03:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
      2018-03-22 23:59 - 2017-10-12 03:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
      2018-03-22 23:59 - 2017-10-12 03:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
      2018-03-22 23:59 - 2017-10-12 03:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
      2018-03-22 23:59 - 2017-10-12 03:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
      2018-03-22 23:59 - 2017-10-12 03:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
      2018-03-22 23:59 - 2017-10-12 03:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
      2018-03-22 23:59 - 2017-10-12 03:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
      2018-03-22 23:59 - 2017-10-12 03:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
      2018-03-22 23:59 - 2017-10-12 03:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
      2018-03-22 23:59 - 2017-10-12 03:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
      2018-03-22 23:59 - 2017-10-12 03:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
      2018-03-22 23:59 - 2017-10-12 03:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
      2018-03-22 23:59 - 2017-10-12 03:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
      2018-03-22 23:59 - 2017-10-12 03:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
      2018-03-22 23:59 - 2017-10-12 03:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
      2018-03-22 23:59 - 2017-10-12 03:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
      2018-03-22 23:59 - 2017-10-12 03:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
      2018-03-22 23:59 - 2017-09-13 18:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
      2018-03-22 23:59 - 2017-09-13 18:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
      2018-03-22 23:59 - 2017-09-13 18:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
      2018-03-22 23:59 - 2017-09-13 18:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
      2018-03-22 23:59 - 2017-09-13 18:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
      2018-03-22 23:59 - 2017-09-13 18:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
      2018-03-22 23:59 - 2017-09-13 18:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
      2018-03-22 23:59 - 2017-09-13 18:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
      2018-03-22 23:59 - 2017-09-13 18:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
      2018-03-22 23:59 - 2017-09-13 18:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
      2018-03-22 23:59 - 2017-09-13 18:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
      2018-03-22 23:59 - 2017-09-13 18:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
      2018-03-22 23:59 - 2017-09-08 18:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
      2018-03-22 23:59 - 2017-09-08 18:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
      2018-03-22 23:59 - 2017-09-08 17:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
      2018-03-22 23:59 - 2017-09-08 17:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
      2018-03-22 23:59 - 2017-09-07 18:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
      2018-03-22 23:59 - 2017-09-07 18:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
      2018-03-22 23:59 - 2017-09-07 16:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
      2018-03-22 23:59 - 2017-08-19 18:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
      2018-03-22 23:59 - 2017-08-19 18:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
      2018-03-22 23:59 - 2017-08-19 18:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
      2018-03-22 23:59 - 2017-08-19 18:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
      2018-03-22 23:59 - 2017-08-19 18:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
      2018-03-22 23:59 - 2017-08-19 18:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
      2018-03-22 23:59 - 2017-08-19 18:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
      2018-03-22 23:59 - 2017-08-19 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
      2018-03-22 23:59 - 2017-08-19 18:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
      2018-03-22 23:59 - 2017-08-19 18:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
      2018-03-22 23:59 - 2017-08-19 17:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
      2018-03-22 23:59 - 2017-08-19 17:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
      2018-03-22 23:59 - 2017-08-16 18:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
      2018-03-22 23:59 - 2017-08-16 18:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
      2018-03-22 23:59 - 2017-08-14 20:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
      2018-03-22 23:59 - 2017-08-14 20:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
      2018-03-22 23:59 - 2017-08-14 00:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
      2018-03-22 23:59 - 2017-08-14 00:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
      2018-03-22 23:59 - 2017-08-14 00:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
      2018-03-22 23:59 - 2017-08-11 09:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
      2018-03-22 23:59 - 2017-08-11 09:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
      2018-03-22 23:59 - 2017-08-11 09:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
      2018-03-22 23:59 - 2017-08-11 09:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
      2018-03-22 23:59 - 2017-08-11 09:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
      2018-03-22 23:59 - 2017-08-11 09:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
      2018-03-22 23:59 - 2017-08-11 09:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
      2018-03-22 23:59 - 2017-08-11 09:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
      2018-03-22 23:59 - 2017-08-11 09:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
      2018-03-22 23:59 - 2017-08-11 09:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
      2018-03-22 23:59 - 2017-08-11 09:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
      2018-03-22 23:59 - 2017-08-11 09:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
      2018-03-22 23:59 - 2017-08-11 09:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
      2018-03-22 23:59 - 2017-08-11 09:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
      2018-03-22 23:59 - 2017-08-11 09:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
      2018-03-22 23:59 - 2017-08-11 09:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
      2018-03-22 23:59 - 2017-08-11 09:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
      2018-03-22 23:59 - 2017-08-11 09:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
      2018-03-22 23:59 - 2017-08-11 09:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
      2018-03-22 23:59 - 2017-08-11 09:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
      2018-03-22 23:59 - 2017-08-11 09:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
      2018-03-22 23:59 - 2017-08-11 08:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
      2018-03-22 23:59 - 2017-07-29 17:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
      2018-03-22 23:59 - 2017-07-21 17:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
      2018-03-22 23:59 - 2017-07-21 17:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
      2018-03-22 23:59 - 2017-07-21 17:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
      2018-03-22 23:59 - 2017-07-21 17:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
      2018-03-22 23:59 - 2017-07-14 18:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2018-03-22 23:59 - 2017-07-14 18:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
      2018-03-22 23:59 - 2017-07-14 18:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
      2018-03-22 23:59 - 2017-07-14 17:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
      2018-03-22 23:59 - 2017-07-14 17:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
      2018-03-22 23:59 - 2017-07-14 17:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
      2018-03-22 23:59 - 2017-07-07 18:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
      2018-03-22 23:59 - 2017-07-07 18:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
      2018-03-22 23:59 - 2017-07-07 18:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
      2018-03-22 23:59 - 2017-07-06 07:56 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
      2018-03-22 23:59 - 2017-07-01 16:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
      2018-03-22 23:59 - 2017-07-01 16:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
      2018-03-22 23:59 - 2017-06-13 01:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
      2018-03-22 23:59 - 2017-06-13 01:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
      2018-03-22 23:59 - 2017-06-13 01:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
      2018-03-22 23:59 - 2017-06-13 01:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
      2018-03-22 23:59 - 2017-06-13 01:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
      2018-03-22 23:59 - 2017-06-13 01:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
      2018-03-22 23:59 - 2017-06-13 01:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
      2018-03-22 23:59 - 2017-06-13 01:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
      2018-03-22 23:59 - 2017-06-13 01:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
      2018-03-22 23:59 - 2017-06-13 01:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
      2018-03-22 23:59 - 2017-06-13 01:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
      2018-03-22 23:59 - 2017-06-13 01:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
      2018-03-22 23:59 - 2017-06-13 01:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
      2018-03-22 23:59 - 2017-06-13 01:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
      2018-03-22 23:59 - 2017-06-02 11:10 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
      2018-03-22 23:59 - 2017-05-16 18:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
      2018-03-22 23:59 - 2017-05-16 18:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
      2018-03-22 23:59 - 2017-05-16 18:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
      2018-03-22 23:59 - 2017-05-12 19:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
      2018-03-22 23:59 - 2017-05-12 18:58 - 001648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
      2018-03-22 23:59 - 2017-05-12 18:58 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
      2018-03-22 23:59 - 2017-05-10 18:33 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
      2018-03-22 23:59 - 2017-05-10 18:29 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
      2018-03-22 23:59 - 2017-05-10 18:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
      2018-03-22 23:59 - 2017-05-10 18:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
      2018-03-22 23:59 - 2017-05-10 18:13 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
      2018-03-22 23:59 - 2017-05-10 18:13 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2018-03-22 23:59 - 2017-05-10 18:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2018-03-22 23:59 - 2017-05-10 18:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
      2018-03-22 23:59 - 2017-05-10 18:13 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
      2018-03-22 23:59 - 2017-05-10 18:13 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
      2018-03-22 23:59 - 2017-05-10 18:00 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
      2018-03-22 23:59 - 2017-05-10 18:00 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
      2018-03-22 23:59 - 2017-05-07 18:33 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
      2018-03-22 23:59 - 2017-05-07 18:29 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
      2018-03-22 23:59 - 2017-03-30 18:03 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
      2018-03-22 23:59 - 2017-03-30 17:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
      2018-03-22 23:56 - 2015-12-16 21:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
      2018-03-22 23:56 - 2015-12-16 21:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
      2018-03-22 23:56 - 2015-12-16 21:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
      2018-03-22 23:56 - 2015-12-16 21:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
      2018-03-22 23:56 - 2015-12-16 21:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
      2018-03-22 23:56 - 2015-12-16 21:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
      2018-03-22 23:55 - 2016-08-29 18:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
      2018-03-22 23:55 - 2016-08-29 17:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
      2018-03-22 23:47 - 2018-02-13 21:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2018-03-22 23:47 - 2018-02-13 21:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2018-03-22 23:47 - 2018-02-13 17:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2018-03-22 23:47 - 2018-02-13 17:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2018-03-22 23:47 - 2018-02-13 17:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2018-03-22 23:47 - 2018-02-13 17:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2018-03-22 23:47 - 2018-02-13 17:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2018-03-22 23:47 - 2018-02-13 17:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2018-03-22 23:47 - 2018-02-13 17:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2018-03-22 23:47 - 2018-02-13 17:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-11 18:30 - 2015-12-28 23:01 - 000000000 ____D C:\Download
      2018-04-11 18:27 - 2018-01-09 09:39 - 000367616 ___SH C:\Users\Pyrpyl_HP\Desktop\Thumbs.db
      2018-04-11 18:12 - 2009-07-14 07:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-04-11 18:12 - 2009-07-14 07:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-04-11 18:09 - 2009-07-14 08:13 - 000784286 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-04-11 18:09 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
      2018-04-11 18:05 - 2014-09-21 10:54 - 000000000 ____D C:\ProgramData\PDFC
      2018-04-11 18:04 - 2018-03-04 13:25 - 000000000 ____D C:\Users\Pyrpyl_HP\AppData\Local\Viber
      2018-04-11 18:04 - 2015-12-19 13:15 - 000000482 _____ C:\Windows\Tasks\Wise Memory Optimizer Task.job
      2018-04-11 18:04 - 2015-09-13 18:26 - 000065536 _____ C:\Windows\system32\Ikeext.etl
      2018-04-11 18:04 - 2014-09-20 18:12 - 000000000 ____D C:\Users\Pyrpyl_HP
      2018-04-11 18:04 - 2014-09-20 16:41 - 000000208 _____ C:\Windows\Tasks\AutoKMS.job
      2018-04-11 18:04 - 2013-12-27 18:06 - 000001077 _____ C:\Windows\SysWOW64\bscs.ini
      2018-04-11 18:04 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-04-11 18:03 - 2017-11-01 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iVMS-4200 Station
      2018-04-11 18:03 - 2014-08-20 13:33 - 000000000 ____D C:\Users\Pyrpyl_HP\AppData\Local\bluesoleil
      2018-04-11 18:03 - 2009-07-14 08:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
      2018-04-11 18:02 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\registration
      2018-04-09 05:49 - 2017-10-29 11:48 - 000000000 ____D C:\Program Files\iVMS-4200 Station
      2018-03-23 20:20 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\rescache
      2018-03-23 07:36 - 2014-12-14 11:55 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-03-23 07:26 - 2016-07-09 09:45 - 000000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
      2018-03-23 07:26 - 2014-09-20 08:47 - 000000000 ____D C:\Intel
      2018-03-23 07:24 - 2009-07-14 07:45 - 000442096 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-03-23 07:21 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
      2018-03-23 07:21 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
      2018-03-23 07:20 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\Setup
      2018-03-23 07:20 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\migwiz
      2018-03-23 07:19 - 2014-12-10 16:38 - 000000000 ____D C:\Windows\system32\appraiser
      2018-03-23 00:46 - 2014-09-20 19:04 - 000768596 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
      2018-03-23 00:38 - 2014-09-20 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
      2018-03-23 00:37 - 2014-09-20 22:31 - 000000000 ____D C:\Program Files\Microsoft Silverlight
      2018-03-23 00:37 - 2014-09-20 22:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
      2018-03-23 00:37 - 2014-09-20 18:09 - 000000000 ____D C:\Program Files\Intel
      2018-03-23 00:27 - 2014-09-20 19:14 - 000000000 ____D C:\Windows\system32\MRT
      2018-03-23 00:11 - 2014-09-20 19:14 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2018-03-18 18:21 - 2014-08-20 13:55 - 000000000 ____D C:\Users\Pyrpyl_HP\AppData\Local\Adobe
      2018-03-18 18:20 - 2017-03-17 22:56 - 000004490 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2018-03-18 18:20 - 2014-08-20 13:55 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2018-03-18 18:20 - 2014-08-20 13:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2018-03-18 18:20 - 2014-08-20 13:55 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2018-03-18 18:20 - 2014-08-20 13:55 - 000000000 ____D C:\Windows\system32\Macromed
      2018-03-17 10:01 - 2016-05-07 09:41 - 000000000 ____D C:\Users\Pyrpyl_HP\AppData\Roaming\ViberPC
      ==================== Files in the root of some directories =======
      2017-01-04 22:48 - 2017-01-10 08:07 - 000000146 _____ () C:\Users\Pyrpyl_HP\AppData\Roaming\gamma_ramp.reg
      2014-09-01 11:18 - 2014-09-01 11:18 - 000001248 _____ () C:\Users\Pyrpyl_HP\AppData\Roaming\OZWDNTC
      2014-09-01 11:18 - 2014-09-01 11:18 - 000001248 _____ () C:\Users\Pyrpyl_HP\AppData\Roaming\ZRZYR
      2015-01-18 00:28 - 2015-01-18 00:28 - 000003584 _____ () C:\Users\Pyrpyl_HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-10-17 22:18 - 2014-10-17 22:18 - 001065984 _____ () C:\Users\Pyrpyl_HP\AppData\Local\file__0.localstorage
      2014-12-11 14:08 - 2017-12-15 23:25 - 000007601 _____ () C:\Users\Pyrpyl_HP\AppData\Local\Resmon.ResmonCfg
      2017-03-17 18:54 - 2017-03-26 11:30 - 000000552 _____ () C:\Users\Pyrpyl_HP\AppData\Local\TroubleshooterConfig.json
      2017-01-04 22:48 - 2017-01-04 22:48 - 000017408 _____ () C:\Users\Pyrpyl_HP\AppData\Local\WebpageIcons.db
      2016-06-10 07:30 - 2016-06-10 07:30 - 000000000 _____ () C:\Users\Pyrpyl_HP\AppData\Local\{C101F823-7CF0-464A-9871-F23C7FFC200B}
      Some files in TEMP:
      ====================
      2017-07-16 17:47 - 2017-07-16 17:47 - 000000000 ____D () C:\Users\Pyrpyl_HP\AppData\Local\Temp\avgnt.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-04-08 00:07
      ==================== End of FRST.txt ============================
       
       
       
       
       
       
       
      Addition.txt
    • от мирослав24
      Здравейте,всеки път като стартирам компютъра ми се появява инсталатор и ми пише че ми липсва BPD Software и се налага много пъти да отказвам всеки прозорец който се появи.На това отгоре и принтера ми не печата като му дам задачата,но пък пусна ли му тест страница я печата.На прозореца със задачи на принтера стои надписа-Offline.Деинсталирах софтуера му,инсталирах наново ,но по някаква причина не довърши нацяла инсталацията.Опитах да деинсталирам пак-този път и деиснталатора му не можа да се включи.Третото което забелязах браузъра стана бавен и като има оворени 5-6 страници му трябва около минута на превлюча от едната на другата .Прилагам резултатите от сканиране с FRST:
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14.03.2018
      Ran by User1 (administrator) on PC1 (26-03-2018 11:32:15)
      Running from C:\Documents and Settings\User1\Desktop
      Loaded Profiles: User1 (Available Profiles: User1 & User2 & Administrator)
      Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
      Internet Explorer Version 8 (Default browser: IE)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      () C:\WINDOWS\tsnpstd3.exe
      () C:\WINDOWS\vsnpstd3.exe
      () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
      (MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon_updater.exe
      () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
      (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [tsnpstd3] => C:\WINDOWS\tsnpstd3.exe [262144 2006-06-19] ()
      HKLM\...\Run: [snpstd3] => C:\WINDOWS\vsnpstd3.exe [827392 2006-09-19] ()
      HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [8063200 2016-07-18] ()
      HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
      HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [Messenger (Yahoo!)] => "F:\SKYPE_~1\yahoo\Messenger\YahooMessenger.exe" -quiet
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [395640 2011-05-02] (BitTorrent, Inc.)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [Google Update] => C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-12-02] (Google Inc.)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
      HKU\S-1-5-18\...\RunOnce: [RunNarrator] => C:\WINDOWS\system32\Narrator.exe [53760 2008-04-14] (Microsoft Corporation)
      HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [1319936 2017-12-08] (Adobe Systems Incorporated)
      Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-09-02]
      ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
      Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk [2018-03-26]
      ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{0227FD86-8C54-4C88-8029-3F44137A8ADF}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_152\bin\ssv.dll [2017-12-08] (Oracle Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_152\bin\jp2ssv.dll [2017-12-08] (Oracle Corporation)
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-08] ()
      FF Plugin: @java.com/DTPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\dtplugin\npDeployJava1.dll [2017-12-08] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\plugin2\npjp2.dll [2017-12-08] (Oracle Corporation)
      FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\User1\Application Data\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\User1\Application Data\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-02] (Google Inc.)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-02] (Google Inc.)
      FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\User1\Application Data\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
      FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\User1\Application Data\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-12-08] (Adobe Systems Incorporated) [File not signed]
      S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
      R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
      R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
      R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
      R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2060848 2016-02-05] (Comodo)
      R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
      R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
      S3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
      R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
      R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
      S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170912 2013-01-12] (Oracle Corporation)
      R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
      R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
      R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [664040 2016-07-18] ()
      S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed]
      S3 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
      R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
      R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
      R3 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
      R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
      R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
      S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
      R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
      R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
      S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
      R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-06-18] (Advanced Micro Devices)
      S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
      S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
      R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.) [File not signed]
      R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
      R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [175008 2016-04-28] (BitDefender LLC)
      R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-19] (HP)
      R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-19] (HP)
      R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-19] (HP)
      R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
      R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [4368896 2006-08-15] (Realtek Semiconductor Corp.) [File not signed]
      R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
      R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
      R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
      R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
      S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
      R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
      R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
      R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
      R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
      R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
      S3 SNPSTD3; C:\WINDOWS\System32\DRIVERS\snpstd3.sys [10252544 2007-03-27] (Sonix Co. Ltd.)
      R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
      R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
      S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [428832 2016-04-28] (BitDefender S.R.L.)
      S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
      R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
      R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
      S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed]
      S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
      S3 catchme; \??\C:\DOCUME~1\User1\LOCALS~1\Temp\catchme.sys [X]
      S4 IntelIde; no ImagePath
      S2 StarOpen; no ImagePath
      S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X]
      S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-03-26 11:32 - 2018-03-26 11:32 - 000014199 _____ C:\Documents and Settings\User1\Desktop\FRST.txt
      2018-03-26 11:31 - 2018-03-26 11:32 - 000000000 ____D C:\FRST
      2018-03-26 11:31 - 2018-03-26 11:31 - 001764352 _____ (Farbar) C:\Documents and Settings\User1\Desktop\FRST.exe
      2018-03-24 12:57 - 2018-03-24 12:57 - 000025128 _____ C:\Documents and Settings\User1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2018-03-24 12:49 - 2018-03-26 11:08 - 000002704 _____ C:\WINDOWS\SchedLgU.Txt
      2018-03-24 12:49 - 2018-03-24 12:49 - 000146016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-03-24 12:46 - 2018-03-24 12:46 - 000000000 ____D C:\SecurityCheck
      2018-03-24 12:46 - 2018-03-24 12:46 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
      2018-03-24 12:46 - 2018-03-24 12:46 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\HP Product Assistant
      2018-03-23 14:34 - 2018-03-23 14:42 - 000155923 _____ C:\WINDOWS\hpwins12.dat
      2018-03-15 13:23 - 2018-03-15 13:23 - 000420352 _____ C:\Documents and Settings\User2\Desktop\ценова листа-март 2018.xls
      2018-03-14 12:57 - 2018-03-16 15:10 - 000059904 _____ C:\Documents and Settings\User2\Desktop\Животни родени 2017 Valta.xls
      2018-03-08 12:19 - 2018-03-08 12:19 - 000163394 _____ C:\Documents and Settings\User2\Desktop\Крушаре милк.htm
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-03-26 11:32 - 2015-07-18 13:46 - 000000000 ____D C:\Documents and Settings\User1\Local Settings\temp
      2018-03-26 11:17 - 2016-02-20 13:25 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\MCShield
      2018-03-26 11:17 - 2015-06-22 14:14 - 000000222 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
      2018-03-26 11:17 - 2014-01-31 13:39 - 000002051 _____ C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
      2018-03-26 11:17 - 2011-05-02 12:46 - 000000000 ____D C:\Documents and Settings\User1\Application Data\uTorrent
      2018-03-26 11:17 - 2011-05-02 10:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-03-26 10:55 - 2013-03-08 15:11 - 000001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-412668190-1417001333-1003UA.job
      2018-03-26 10:21 - 2015-04-26 09:48 - 000000000 ____D C:\Documents and Settings\User2\Application Data\Skype
      2018-03-26 09:01 - 2011-05-02 13:28 - 000000000 ____D C:\Documents and Settings\User2\Local Settings\Temp
      2018-03-26 08:09 - 2011-05-02 13:03 - 000509828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2018-03-26 08:07 - 2001-08-23 12:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
      2018-03-24 13:18 - 2011-05-02 12:10 - 000000178 ___SH C:\Documents and Settings\User1\ntuser.ini
      2018-03-24 12:48 - 2011-09-09 16:58 - 000000000 ____D C:\Documents and Settings\Administrator
      2018-03-24 12:48 - 2011-05-02 13:28 - 000000000 ____D C:\Documents and Settings\User2
      2018-03-24 12:48 - 2011-05-02 12:10 - 000000000 ____D C:\Documents and Settings\User1
      2018-03-24 12:48 - 2011-05-02 10:20 - 000000000 ___SD C:\Documents and Settings\LocalService
      2018-03-24 12:48 - 2011-05-02 10:17 - 000000000 ___SD C:\Documents and Settings\NetworkService
      2018-03-24 12:48 - 2011-05-02 10:09 - 000000000 ____D C:\WINDOWS\Registration
      2018-03-24 12:46 - 2017-09-02 13:00 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\HP
      2018-03-24 12:46 - 2017-09-02 12:58 - 000000000 ____D C:\Program Files\HP
      2018-03-24 12:46 - 2016-02-20 13:29 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Unchecky
      2018-03-24 12:46 - 2011-05-02 12:58 - 000000000 ____D C:\WINDOWS\inf
      2018-03-24 11:48 - 2017-01-16 13:16 - 000000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
      2018-03-24 11:48 - 2011-05-02 10:10 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2018-03-23 13:55 - 2013-03-08 15:11 - 000001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-412668190-1417001333-1003Core.job
      2018-03-22 16:28 - 2015-06-22 14:14 - 000000216 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
      ==================== Files in the root of some directories =======
      2011-05-02 13:33 - 2014-09-24 16:20 - 000014848 _____ () C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-01-01 13:07 - 2014-01-01 13:07 - 000000036 _____ () C:\Documents and Settings\User1\Local Settings\Application Data\housecall.guid.cache
      2011-05-15 13:35 - 2011-05-15 13:35 - 000000056 _____ () C:\Documents and Settings\All Users\Application Data\ezsidmv.dat
      2017-09-02 12:57 - 2018-03-26 11:15 - 000006476 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
      Some files in TEMP:
      ====================
      2018-03-23 13:51 - 2007-05-22 04:45 - 001140312 ____N (Hewlett-Packard) C:\Documents and Settings\User1\Local Settings\temp\hpzmsi01.exe
      2018-03-23 13:51 - 2007-05-22 04:39 - 001099352 ____N (Hewlett-Packard) C:\Documents and Settings\User1\Local Settings\temp\hpzscr01.exe
      2017-12-20 06:57 - 2017-12-20 06:57 - 001864256 _____ (Oracle Corporation) C:\Documents and Settings\User1\Local Settings\temp\jre-8u161-windows-au.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => MD5 is legit
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => MD5 is legit
      C:\WINDOWS\system32\dnsapi.dll => MD5 is legit
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      ==================== End of FRST.txt ============================
      Addition.txt
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.