Премини към съдържанието

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

Dreamshound

Bitcoin Miner? checker.exe infection

Препоръчан отговор


Здравейте,

от вече 2 дни имам проблеми с лаптопа като периодично независимо какво правя на компютъра, изведнъж всичко блокира, екранът причернява и след няколко секунди се оправя като изписва, че Display drivers na nVidia са крашнали и са се възстановили. Също така процесорът на компютъра беше доста натоварен, затова след влизане в Task Manager открих въпросният checker.exe, който забавяше цялата машина. След прекратяване на процеса и запомняне на точното му местонахождение мислех, че след delete всичко ще се оправи... E, отново ставаше същото само че преди да изпише, че драйвърите отново са крашнали ми изписваше, че checker.exe е спрял да работи или нещо такова (на windows 8 съм). Също така откакто имам този проблем, лаптопът ми издава странно бучене, някакви звуци, които мисля, че идват от видеокартата. Бях потърсил решения по форума в следната тема: http://www.kaldata.com/forums/topic/202776-checkerexe-%D0%B3%D1%80%D0%B5%D1%88%D0%BA%D0%B0/ но решение при мен не открих. Бих ви благодарил, ако някой ми обясни по-подробно и нагледно какво да направя за проблема и неговото разрешаване. Благодаря ви!

 

// Не мога да публикувам DDS файл, тъй като съм на Windows 8.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

[*]Моля изтеглете Farbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.

[*]Стартирайте файла FRST.exe (или FRST64.exe)

[*]Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.

[*]Сложете всички отметки.

[*]Натиснете бутона SCAN.

[*]Ще се създадат два лог файл с името - FRST.txt и Addition.txt на десктопа.

[*]Прикачете лог файловете в следващия си коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Незнам защо си разваляте хубавия Windows с излишни глупости. :)

 

1.Деинсталирайте Mcafee, защото Windows 8 има вградена антивирусна наречена Windows Defender (и двете ще си пречат).

2.Избягвайте програми за оптимизация (като RegCleanPro и т.н.).

3.Сега изтеглете прикачения файл =>  fixlist.txt и го запазете в папката от която стартирахте FRST.exe.

Стартирайте FRST.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата.

4. Публикувано изображение Изтеглете Malwarebytes' Anti-Malware

  • [*]Кликнете два пъти върху
mbam-setup.exe, за да инсталирате програмата. [*]Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish. [*]Ако има намерени обновявания, тя ще ги изтегли и инсталира. [*]Стартирайте програмата и изберете "Perform Quick Scan", след това кликнете на Scan. [*]Сканирането ще отнеме малко време, затова моля да бъдете търпеливи. [*]Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата. [*]Уверете се, че на всички редове има отметки (ако няма на някои обекти ги поставете ръчно), и кликнете на Remove Selected. [*]Когато всичко бъде премахнато, в Notepad ще бъде отворен лог. [*]Прикачете този лог в следващия си коментар в темата.

Забележка: Ако MalwareBytes'Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поискада рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

 

 

 

5.Публикувано изображение
Моля изтеглете AdwCleaner от Xplode и го запазете на вашия десктоп.

  • [*]Кликнете с двукратен клик на мишката върху
AdwCleaner.exe за да стартирате инструмента.(За потребителите на Vista/Windows 7/8 изберете с десен бутон върху иконата на инструмента и натиснете Run as administrator. [*]Натиснете бутона Scan. [*]Проверката ще започне...бъдете търпеливи докато тя завърши. [*]След като проверката приключи, натиснете бутона Clean. [*]Натиснете OK на диалоговия прозорец, който ще се появи подканвайки Ви да затворите всички активни приложения. [*]Натиснете OK отново за да позволите на AdwCleaner да рестартира компютъра и да довърши почистващия процес. [*]След рестарта ще се появи автоматично лог файл с името (AdwCleaner[s0].txt). [*]Прикачете съдържанието му в следващия си коментар [*]Копие на лог файла можеш да намериш и в папката C:AdwCleaner.

 

 

 

6.Публикувано изображение Моля изтеглете Junkware Removal Tool на вашия десктоп.

  • [*]Спрете временно работата на защитните програми. [*]Стартирайте инструмента
JRT.exe [*]Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата. [*]Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши. [*]Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt). [*]Моля копирайте съдържанието на лог файла в следващия си пост.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Извърших всички стъпки успешно, не ми е причернявал екрана засега. Добавих снимка на някакви известия, които една от програмите започна да изписва, прикачени са и логовете.

post-342238-0-72193400-1380744815_thumb.

mbam-log-2013-10-02 (22-50-40).txt

JRT.txt

Fixlog.txt

AdwCleanerS0.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Съобщението не е свързано с вирусна антивност поне що се отнася до IP адреса блокиран от MBAM.

Причинява се от Pandora. Ако не я използвате, просто я деинсталирайте.

Колкото до Windows Defender - явно тя е намерила файла чак след като FRSТ се е опитал да го изтрие и затова го няма и в лога де:

 

C:Usersnosen_000AppDataRoamingMicrosoftDTProc.exe => No running process found HKCUSoftwareMicrosoftWindowsCurrentVersionRunIntegrated Driver => Value not found.

 

Може да ми покажете снимка на карантината от Windows Defender за всеки случай.

 

Направете нова проверка с FRST и прикачете новите логове.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Деинсталирах Pandora-та от контролния панел. Потърсих за DTProc.exe в C:Usersnosen_000AppDataRoamingMicrosoft, но такова там нямаше. Също така не намерих тази директория: HKCUSoftwareMicrosoftWindowsCurrentVersionRunIntegrated Driver

Направих нов scan и логът е качен.

Ето снимка от карантината на Windows Defender, не съм предприемал никакви действия:

 

post-342238-0-88590500-1380782262_thumb.

FRST.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

То какви действия да сте предприемали...то се вижда, че Windows Defender ги е бутнал под карантината. (няма нужда да ги търсите ръчно - както казах, щом ги няма в лога значи Windows Defender си е свършил работата след като сме указали на FRST къде да търси и чак тогава е прогледнал). :)

Кликнете все пак на всеки един ред на заразите за да видя тяхния File Path.

 

Колкото до лога на FRST - то лога е чист с изключение на следните 3 настройки, които могат да се оправят единствено чрез настройките на самия браузър:

 

CHR DefaultSearchURL: (SearchGol) - http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=42411E85DE8B3523&affID=120695&tt=021013_ctrl&tsp=5023

CHR DefaultSuggestURL: (SearchGol) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

 

https://support.google.com/chrome/answer/3296214?hl=en

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Само че то беше написано, че при висок риск е хубаво да Windows Defender да премахне заплахата, затова и ги изтрих и не видях Path на файловете. Надявам се, че все пак няма заплаха от това... Ресетнах браузъра си, спазвайки опътването. След като вече и логовете са чисти предполагам, че компютърът ми вече е извън заплаха. Екранът вече не причернява, лаптопът си върви с обичайната бързина без проблеми. Само остана да попитам в една друга тема, линкната в първия ми пост, бях прочел, че този така наречен checker.exe предизвиква видеокартата да дава проблеми и да започва да издава някакви звуци. Засега моята не ми дава проблеми, но чувам звуци от лаптопа подобни на как да опиша... някакво развалено радио... сложно е да опиша, но са доста странни и чести звуците с минутна продължителност. Възможно ли е в моя случай това да се е предизвикало от този checker.exe или това вече си е отделен проблем на машината, тъй като този странен звук продължава да се появява от време на време.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Та вирусът явно наистина е премахнат, но продължавам да чувам тези странни звуци от машината. Също така откакто е оправен проблемът, лаптопът е много по-бавен, забива доста често - под забива имам предвид, че за няколко секунди всичко блокира и нищо не можеш да натиснеш, да отвориш, да затвориш. Сякаш съм седнал на компютрите от училище, които ще се предстваят по-добре от моя лаптоп. Някой да си има на идея дали е софтуерет или хардуерен проблема?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

 

Извинявам се за забавянето, но съм настинал и не ми бе до форуми.

Направете нова проверка с FRST и прикачете новите лог файлове в следващия си коментар.

Бтв в Safe Mode имате ли подобни проблеми?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

За мен проблема се дължи на огромния брой приложения зареждащи се с Windows и работещи във фонов режим.

 

Деинсталирайте следните програми:

 

AnVir Task Manager Free => вече не ви трябва

Java 7 Update 10 (64-bit) (Version: 7.0.100) => желателно е да инсталирате последната версия Java 7 Update 40
Java 7 Update 10 (x32 Version: 7.0.100)
Java Auto Updater (x32 Version: 2.1.9.0)

Java SE Development Kit 7 Update 10 (64-bit) (Version: 1.7.0.100)

Malwarebytes Anti-Malware, версия 1.75.0.1300 (x32 Version: 1.75.0.1300) =>  Съветвам ви да деинсталирате MBAM, да почистите след него с това - mbam-clean.exe.

Рестартирайте системата и след това инсталирайте последната версия оттук - (като не активирате защитата в реално време по време на инсталацията).

Т.е. не слагайте отметка тук:

Публикувано изображение

 

Това ще намали броя на процесите и услугите с още няколко.

NVIDIA 3D Vision Driver 306.14 (Version: 306.14) => ако не използвате 3D функционалността на драйвърите...
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0614)

Skype Click to Call (x32 Version: 6.12.13601) => ако не използвате добавката към браузърите

Winamp Detector Plug-in (HKCU Version: 1.0.0.1) => ако не сте го използвали никога

 

След това да премахнем някои остатъци от тулбарите + някои програми от това да зареждат с Windows:

 

Първо да направим бекъп на регистрите:

  • [*]Изтеглете и инсталирайте
Tweaking.com-Registry Backup [*]Отворете Tweaking.com-Registry Backup и натиснете Backup Now. [*]Затворете приложението.

Сега изтеглете прикачения файл => fixlist.txt и го запазете в папката от която стартирахте FRST.exe.

Стартирайте FRST.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата.

 

Направете една дефрагментация с MyDefrag. Изтеглете програмата и я инсталирайте.

 

Изберете System Disk Monthly => Посочете системния и recovery дяловете и натиснете Run

 

Публикувано изображение

 

Може да отнеме доста време...след като приключи ще изпише Finished и можете да затворите програмата от X-са

 

Публикувано изображение

 

След това рестартирайте системата и пишете дали проблемите остават.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Извърших всички стъпки, включително и дефрагментацията, която отне доста време. Засега компютърът не дава проблеми, скоростта си е отлична. Прикачил съм логовете. Ще наблюдавам как ще се представи сега машината и да се надяваме, че проблеми няма да има :)

Fixlog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да не сте стартирали скрипта два пъти? Показва, че елементите не са намерени...

Както и да е...можете и ръчно да премахнете нежеланите програми да зареждат с Windows с помощта на start => msconfig.exe или на програмата Autoruns

 

Пишете как е положението после за да знам дали да маркирам темата като решена.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Еми нека засега си остане отворена темата и в рамките на няколко дни, ако не се появи проблем, нека бъде затворена. Благодаря много за помощта. Не знам какво бих правил, ако не беше форума и разбира се вашата помощ. :)

Иначе звукът от лаптопа все още не спира. Опитах да го запиша с Voice Memos от iPhone. Малко тихичко се чува, но все пак да придобиете представа за звука. http://dox.bg/files/dw?a=6abf46095e

 

// Постнах за всеки случай и в раздел хардуер за проблема ми - http://www.kaldata.com/forums/topic/217292-%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC-%D1%81-asus-g75vx/

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Линка не работи:

 

HTTP Status 404

 

А иначе...опитайте в Safe Mode да видите дали звуците продължават:

 

http://www.redmondpie.com/how-to-boot-into-windows-8-safe-mode/

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Бучи нещо си наистина - може би трябва да се занесе на сервиз и да се отвори за да се види дали не е от някой вентилатор...ама не може да е съвпадение все на хора с bitcoin miner-и да се случва, защото не сте първия с този проблем след почистването.Нещо като модем се чува от времето, когато нета минаваше през Dial-Up...

 

Трябва по-метода на изключването да караме....

 

1.Ако в Safe Mode няма проблеми или ако можете да опитате с LiveCD на Ubuntu, значи или се е омазала нещо Операционната Система и преинсталация ще реши проблема или имаме още за почистване.

2.Ако и в Safe Mode/Ubuntu има проблеми значи проблема е хардуерен и е за профилактика в сервиз.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Всъщност нека да повторим част от скрипта, защото не е сработил:

 

Сега изтеглете прикачения файл => http://file.bg/f261332ryFdD и го запазете в папката от която стартирахте FRST.exe.

Стартирайте FRST.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Мисля, че този път стана, но програмата не поиска да рестартира компютъра ми? Да няма някакъв проблем?

Fixlog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не, няма проблеми...просто е добре да рестартираш ръчно за да може тези програми които са зареждали досега с Windows да не се активират и това да намали броя на излишните процеси.

Колкото до звука - пробвахте ли в Safe Mode или с LiveCD на ubuntu за да знам дали проблема е хардуерен или софтуерен...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Еми всъщност пуснах компютъра в safe mode и нямаше никакви проблеми. Но пък в другата тема ми написаха, че звукът може би идва от твърдият диск. Направих следното http://windows.microsoft.com/bg-bg/windows-vista/check-your-hard-disk-for-errors и Windows ми изписа, че е коригирал някакви грешки по Disc D. Засега проблеми не са се появявали. Все още чакам, за да видя дали ще се появят...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Еми всъщност пуснах компютъра в safe mode и нямаше никакви проблеми. Но пък в другата тема ми написаха, че звукът може би идва от твърдият диск. Направих следното http://windows.microsoft.com/bg-bg/windows-vista/check-your-hard-disk-for-errors и Windows ми изписа, че е коригирал някакви грешки по Disc D. Засега проблеми не са се появявали. Все още чакам, за да видя дали ще се появят...

Пич ако питаш ,в един форум  заначи питаш там ,ако питаш в 5 форума , прави 5 различни решения , които дават един и съсщи резултат след дъги дискусии,човека те е уважил отговорил ,а ти отговаряш Направих следното, е как да получиш по вече помощ

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Еми всъщност пуснах компютъра в safe mode и нямаше никакви проблеми. Но пък в другата тема ми написаха, че звукът може би идва от твърдият диск. Направих следното http://windows.microsoft.com/bg-bg/windows-vista/check-your-hard-disk-for-errors и Windows ми изписа, че е коригирал някакви грешки по Disc D. Засега проблеми не са се появявали. Все още чакам, за да видя дали ще се появят...

 

Момент...проверката за грешки я направихте преди или след като проверихте положението в Safe Mode...Ако е преди това, може тя да е помогнала, но ако е след това едва ли CHKDSK е повлиява на резултатите. В смисъл хубаво е да се направи и да се провери за лоши сектори, както и да се следят останалите параметри на хардиска като S.M.A.R.T. и т.н. но ако в Safe Mode е нямало проблеми и сте заредили в Safe Mode преди да извършите проверката за грешки, значи едва ли тя е помогнала затова, а по-скоро имаме друг проблем...най-вероятно софтуерен причинен от бацила (ако е разбитал дадени настройки)...Ако обаче звука наистина е от хардиска и тези звуци се чуват и в Safe Mode (тук по-добре колегите от хардуерния раздел ще кажат) тогава положението е зле и това говори за износване на механиката и края на жизнения цикъл на хардиска. Но няма как да се чуе точно от къде е звука, без да се отвори лаптопа, защото може и някой вентилатор да се нуждае от смазка или просто лаптопа да е за почистване/профилактика. Но пък от друга страна BitCoinMiner не товари хардиска по-никакъв начин (освен ако няма нова версия, която да му задава доста I/O операции)...главно е насочен към CPU/GPU компонентите и следователно вече темата ще излезне извън моята компетентност...и ще се насочи към хардуерната област. Аз затова исках/м да определим дали проблемите ги има в Safe Mode или ако заредите в LiveCD на Ubuntu за теста или след CHKDSK-а направен от вас...ако ги няма значи имаме какво да чистим още или поне една преинсталация ще ви реши проблема...ако ги има и там значи сте за хардуерния раздел. Това е.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Подобни теми

    • от мирослав24
      Здравейте,изникна ми проблем с браузърите-основно ползвам комодо и по-рядко опера.От няколко дни обаче комодо-то се затваря самостоятелно докато съм в нета.Спря да отваря адрес ,който ползвам за работа(vpn тунел с CISCO софтуер).Реших да направя ъпдейт,свързва се,но излиза надпис че ъпдета не може да се направи.Деинсталирах старата версия и инсталирах чисто ново комодо от страницата им.Сега пък е адски бавен и отново не ми отваря тунела.Опера-та ми работи с адреса,но също се крашва изведнъж.Друг проблем е с офис пакета-опциите на падащите менюта спряха да се поддават на команди.Незнам дали е хардуерен проблем или наличие на гадинка,затова реших да пиша първо в този форум.Изпращам логовете след сканинг:
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
      Ran by m (administrator) on M-PC (15-03-2019 12:53:55)
      Running from C:\Users\m\Downloads
      Loaded Profiles: m & UpdatusUser (Available Profiles: m & user & UpdatusUser)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1")
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareService.exe
      (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareTray.exe
      (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
      (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareTray.exe [4749784 2018-10-11] (Adaware Software -> )
      HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe
      HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
      HKLM-x32\...\Run: [] => [X]
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Software Sarl -> Skype Technologies S.A.)
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\MountPoints2: {53615ed9-b5c5-11e8-9221-001966873225} - F:\SETUP.EXE
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-09-13]
      ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2018-09-15]
      ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () [File not signed]
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{EF05353F-1AB4-4F63-852E-FDF507B7D414}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
      SearchScopes: HKU\S-1-5-21-3677490310-1812953499-2719145278-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10419__180911&q={searchTerms}
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Company -> Hewlett-Packard Co.)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Company -> Hewlett-Packard Co.)
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FireFox:
      ========
      FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-09-13] [Legacy] [not signed]
      FF HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareService.exe [587832 2018-10-11] (Adaware Software -> )
      R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2307768 2016-05-05] (Comodo Security Solutions -> Comodo)
      R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
      R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
      R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [File not signed]
      S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
      R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-08-16] (Microsoft Windows -> Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 atc; C:\Windows\System32\DRIVERS\atc.sys [1283464 2018-06-08] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
      R1 bdfwfpf; C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [127312 2016-06-16] (Bitdefender SRL -> BitDefender LLC)
      R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] (Cisco Systems, Inc. -> )
      S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2018-09-11] (Disc Soft Ltd -> Disc Soft Ltd)
      R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [187688 2018-05-02] (Bitdefender SRL -> BitDefender LLC)
      R0 Ignis; C:\Windows\System32\drivers\ignis.sys [304448 2017-08-29] (Bitdefender SRL -> Bitdefender)
      R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation)
      R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.)
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One month (created) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-03-15 12:53 - 2019-03-15 12:55 - 000012581 _____ C:\Users\m\Downloads\FRST.txt
      2019-03-15 12:53 - 2019-03-15 12:53 - 002433536 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe
      2019-03-15 12:53 - 2019-03-15 12:53 - 000000000 ____D C:\FRST
      2019-03-13 10:33 - 2019-02-16 07:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
      2019-03-13 10:33 - 2019-02-16 07:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
      2019-03-13 10:33 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
      2019-03-13 10:33 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
      2019-03-13 10:33 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
      2019-03-13 10:33 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
      2019-03-13 10:33 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
      2019-03-13 10:33 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
      2019-03-13 10:33 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
      2019-03-13 10:33 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
      2019-03-13 10:33 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
      2019-03-13 10:33 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
      2019-03-13 10:33 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
      2019-03-13 10:33 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
      2019-03-13 10:33 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
      2019-03-13 10:33 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
      2019-03-13 10:33 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
      2019-03-13 10:33 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
      2019-03-13 10:33 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
      2019-03-13 10:32 - 2019-03-06 05:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2019-03-13 10:32 - 2019-03-06 05:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2019-03-13 10:32 - 2019-03-06 05:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2019-03-13 10:32 - 2019-03-06 05:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2019-03-13 10:32 - 2019-03-06 05:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2019-03-13 10:32 - 2019-03-06 05:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2019-03-13 10:32 - 2019-03-06 05:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2019-03-13 10:32 - 2019-03-06 05:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2019-03-13 10:32 - 2019-03-06 05:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2019-03-13 10:32 - 2019-03-06 04:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2019-03-13 10:32 - 2019-03-06 04:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2019-03-13 10:32 - 2019-03-06 04:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2019-03-13 10:32 - 2019-03-06 04:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
      2019-03-13 10:32 - 2019-02-27 00:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2019-03-13 10:32 - 2019-02-26 23:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2019-03-13 10:32 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2019-03-13 10:32 - 2019-02-26 09:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2019-03-13 10:32 - 2019-02-26 09:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2019-03-13 10:32 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2019-03-13 10:32 - 2019-02-26 09:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2019-03-13 10:32 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2019-03-13 10:32 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2019-03-13 10:32 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2019-03-13 10:32 - 2019-02-26 09:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2019-03-13 10:32 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2019-03-13 10:32 - 2019-02-26 09:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2019-03-13 10:32 - 2019-02-26 09:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2019-03-13 10:32 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2019-03-13 10:32 - 2019-02-26 09:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2019-03-13 10:32 - 2019-02-26 09:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2019-03-13 10:32 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2019-03-13 10:32 - 2019-02-26 09:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2019-03-13 10:32 - 2019-02-26 09:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2019-03-13 10:32 - 2019-02-26 09:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2019-03-13 10:32 - 2019-02-26 09:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2019-03-13 10:32 - 2019-02-26 09:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2019-03-13 10:32 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2019-03-13 10:32 - 2019-02-26 09:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2019-03-13 10:32 - 2019-02-26 09:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2019-03-13 10:32 - 2019-02-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2019-03-13 10:32 - 2019-02-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2019-03-13 10:32 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2019-03-13 10:32 - 2019-02-26 09:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2019-03-13 10:32 - 2019-02-26 09:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2019-03-13 10:32 - 2019-02-26 09:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2019-03-13 10:32 - 2019-02-26 09:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2019-03-13 10:32 - 2019-02-26 09:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2019-03-13 10:32 - 2019-02-26 08:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2019-03-13 10:32 - 2019-02-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2019-03-13 10:32 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2019-03-13 10:32 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2019-03-13 10:32 - 2019-02-26 08:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2019-03-13 10:32 - 2019-02-26 08:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2019-03-13 10:32 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2019-03-13 10:32 - 2019-02-26 08:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2019-03-13 10:32 - 2019-02-26 08:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2019-03-13 10:32 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2019-03-13 10:32 - 2019-02-26 08:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
      2019-03-13 10:32 - 2019-02-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2019-03-13 10:32 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2019-03-13 10:32 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2019-03-13 10:32 - 2019-02-26 08:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2019-03-13 10:32 - 2019-02-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
      2019-03-13 10:32 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2019-03-13 10:32 - 2019-02-26 08:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2019-03-13 10:32 - 2019-02-26 08:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2019-03-13 10:32 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2019-03-13 10:32 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2019-03-13 10:32 - 2019-02-26 08:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
      2019-03-13 10:32 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2019-03-13 10:32 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2019-03-13 10:32 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2019-03-13 10:32 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2019-03-13 10:32 - 2019-02-26 08:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2019-03-13 10:32 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2019-03-13 10:32 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2019-03-13 10:32 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2019-03-13 10:32 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2019-03-13 10:32 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2019-03-13 10:32 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2019-03-13 10:32 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2019-03-13 10:32 - 2019-02-22 04:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
      2019-03-13 10:32 - 2019-02-16 08:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
      2019-03-13 10:32 - 2019-02-16 08:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
      2019-03-13 10:32 - 2019-02-16 08:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
      2019-03-13 10:32 - 2019-02-16 07:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
      2019-03-13 10:32 - 2019-02-16 07:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
      2019-03-13 10:32 - 2019-02-15 18:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2019-03-13 10:32 - 2019-02-15 18:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
      2019-03-13 10:32 - 2019-02-15 17:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
      2019-03-13 10:32 - 2019-02-15 17:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
      2019-03-13 10:32 - 2019-02-15 17:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
      2019-03-13 10:32 - 2019-02-15 17:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
      2019-03-13 10:32 - 2019-02-15 17:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
      2019-03-13 10:32 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
      2019-03-13 10:32 - 2019-02-10 18:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2019-03-13 10:32 - 2019-02-10 17:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
      2019-03-13 10:32 - 2019-02-10 17:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
      2019-03-13 10:32 - 2019-02-08 18:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2019-03-13 10:32 - 2019-02-08 18:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
      2019-03-13 10:32 - 2019-02-08 17:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2019-03-13 10:32 - 2019-02-08 17:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
      2019-03-13 10:32 - 2019-02-07 18:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
      2019-03-13 10:32 - 2019-02-03 17:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
      2019-03-13 10:32 - 2019-01-04 18:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2019-03-13 10:32 - 2019-01-04 18:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2019-03-13 10:32 - 2019-01-04 16:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2019-03-13 10:31 - 2019-03-06 05:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2019-03-13 10:31 - 2019-03-06 05:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2019-03-13 10:31 - 2019-03-06 05:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2019-03-13 10:31 - 2019-03-06 05:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2019-03-13 10:31 - 2019-03-06 05:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2019-03-13 10:31 - 2019-03-06 05:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2019-03-13 10:31 - 2019-03-06 04:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2019-03-13 10:31 - 2019-03-06 04:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2019-03-13 10:31 - 2019-03-06 04:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2019-03-13 10:31 - 2019-03-06 04:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2019-03-13 10:31 - 2019-03-06 04:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2019-03-13 10:31 - 2019-03-06 04:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
      2019-03-13 10:31 - 2019-03-06 04:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
      2019-03-13 10:31 - 2019-03-06 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2019-03-13 10:31 - 2019-03-06 04:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2019-03-13 10:31 - 2019-03-06 04:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2019-03-13 10:31 - 2019-03-06 04:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2019-03-13 10:31 - 2019-03-06 04:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2019-03-13 10:31 - 2019-03-06 04:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2019-03-13 10:31 - 2019-03-06 04:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-05 04:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
      2019-03-13 10:31 - 2019-03-05 04:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2019-03-13 10:31 - 2019-03-05 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
      2019-03-13 10:31 - 2019-02-22 05:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
      2019-03-13 10:31 - 2019-02-22 05:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
      2019-03-13 10:31 - 2019-02-22 04:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
      2019-03-13 10:31 - 2019-02-22 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
      2019-03-13 10:31 - 2019-02-16 08:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2019-03-13 10:31 - 2019-02-16 08:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2019-03-13 10:31 - 2019-02-16 08:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2019-03-13 10:31 - 2019-02-16 08:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2019-03-13 10:31 - 2019-02-16 07:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
      2019-03-13 10:31 - 2019-02-16 07:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
      2019-03-13 10:31 - 2019-02-16 07:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
      2019-03-13 10:31 - 2019-02-15 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
      2019-03-13 10:31 - 2019-02-15 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
      2019-03-13 10:31 - 2019-02-15 17:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
      2019-03-13 10:31 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
      2019-03-13 10:31 - 2019-02-10 17:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
      2019-03-13 10:31 - 2019-02-10 17:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
      2019-03-13 10:31 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
      2019-03-13 10:31 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
      2019-03-13 10:31 - 2019-02-08 18:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2019-03-13 10:31 - 2019-02-08 17:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
      2019-03-13 10:31 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
      2019-03-13 10:31 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
      2019-03-13 10:31 - 2019-02-07 18:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
      2019-03-13 10:31 - 2019-02-07 18:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
      2019-03-13 10:31 - 2019-02-07 17:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
      2019-03-13 10:31 - 2019-01-03 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2019-03-13 10:31 - 2019-01-03 17:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
      2019-03-08 12:37 - 2019-03-08 12:37 - 000000000 ____H C:\Users\user\Documents\Default.rdp
      2019-03-08 12:29 - 2019-03-08 12:29 - 000001230 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
      2019-03-08 12:29 - 2019-03-08 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
      2019-03-08 12:29 - 2019-03-08 12:29 - 000000000 ____D C:\Program Files (x86)\Comodo
      2019-03-08 12:25 - 2019-03-08 12:25 - 054376048 _____ (Comodo) C:\Users\m\Downloads\dragonsetup.exe
      2019-03-01 08:33 - 2019-03-02 13:15 - 000043520 _____ C:\Users\user\Desktop\Животни родени 2018 ВАЛТА.xls
      2019-02-28 12:42 - 2019-03-02 13:14 - 000023796 _____ C:\Users\user\Desktop\Животни родени 2018 ВАЛТА.xlsx
      2019-02-26 12:42 - 2019-02-26 12:42 - 352749717 _____ C:\Windows\MEMORY.DMP
      2019-02-26 12:42 - 2019-02-26 12:42 - 001097368 _____ C:\Windows\Minidump\022619-15984-01.dmp
      2019-02-26 12:42 - 2019-02-26 12:42 - 000000000 ____D C:\Windows\Minidump
      2019-02-25 14:15 - 2019-02-25 14:15 - 000065024 _____ C:\Users\user\Desktop\кИРО.xls
      2019-02-25 14:11 - 2019-02-25 14:11 - 000025088 _____ C:\Users\user\Desktop\ГОШО КИРОВ.xls
      2019-02-14 08:54 - 2019-01-12 04:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
      2019-02-14 08:54 - 2019-01-12 04:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
      2019-02-14 08:54 - 2019-01-01 18:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
      2019-02-14 08:54 - 2019-01-01 18:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
      2019-02-14 08:54 - 2019-01-01 18:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
      2019-02-14 08:54 - 2019-01-01 18:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
      2019-02-14 08:54 - 2019-01-01 18:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2019-02-14 08:54 - 2019-01-01 18:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2019-02-14 08:54 - 2019-01-01 17:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
      2019-02-14 08:54 - 2019-01-01 17:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
      2019-02-14 08:54 - 2019-01-01 17:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
      2019-02-14 08:54 - 2019-01-01 17:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
      2019-02-14 08:54 - 2019-01-01 17:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
      2019-02-14 08:54 - 2019-01-01 17:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
      2019-02-14 08:54 - 2018-12-04 18:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
      2019-02-14 08:54 - 2018-12-04 18:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
      2019-02-14 08:54 - 2018-12-04 17:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
      2019-02-14 08:54 - 2018-12-04 17:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
      2019-02-14 08:54 - 2018-12-02 18:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
      ==================== One month (modified) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-03-15 12:31 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
      2019-03-15 12:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
      2019-03-15 12:26 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
      2019-03-14 09:07 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
      2019-03-14 08:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2019-03-14 08:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2019-03-14 08:06 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2019-03-14 08:06 - 2009-07-14 06:45 - 000433672 _____ C:\Windows\system32\FNTCACHE.DAT
      2019-03-14 08:03 - 2018-09-13 06:44 - 000000000 ___SD C:\Windows\system32\CompatTel
      2019-03-14 08:03 - 2018-09-13 06:44 - 000000000 ____D C:\Windows\system32\appraiser
      2019-03-14 08:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
      2019-03-14 08:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
      2019-03-13 15:08 - 2018-09-17 10:26 - 000000000 ____D C:\Windows\system32\MRT
      2019-03-13 15:03 - 2018-09-11 14:54 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2019-03-13 13:08 - 2018-12-20 13:23 - 000034304 _____ C:\Users\user\Desktop\ГОВЕДА КРУШАРЕ СЕЛЯНИ.xls
      2019-03-13 12:00 - 2018-11-28 11:25 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2019-03-13 12:00 - 2018-09-13 07:33 - 000004464 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2019-03-13 12:00 - 2018-09-13 07:32 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2019-03-13 12:00 - 2018-09-13 07:32 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2019-03-13 12:00 - 2018-09-13 07:32 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2019-03-13 12:00 - 2018-09-13 07:32 - 000000000 ____D C:\Windows\system32\Macromed
      2019-03-13 11:00 - 2018-09-13 14:16 - 000004452 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
      2019-03-12 12:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
      2019-03-08 12:29 - 2018-09-11 15:25 - 000000000 ____D C:\Users\m\AppData\Local\Comodo
      2019-03-08 12:20 - 2018-09-14 14:25 - 000003998 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1536927954
      2019-02-27 12:50 - 2018-09-11 15:40 - 000000000 ____D C:\ProgramData\c95c652a-58d5-1
      2019-02-27 12:50 - 2018-09-11 15:40 - 000000000 ____D C:\ProgramData\c95c652a-3521-0
      2019-02-22 11:23 - 2018-09-13 13:43 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2019-02-15 08:29 - 2018-09-13 13:44 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
      2019-02-14 12:57 - 2018-09-11 15:57 - 000765656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
      ==================== Files in the root of some directories =======
      2018-09-13 07:27 - 2018-09-13 07:27 - 000007613 _____ () C:\Users\m\AppData\Local\Resmon.ResmonCfg
      Some files in TEMP:
      ====================
      2010-09-27 10:56 - 2010-09-27 10:56 - 000016505 _____ () C:\Users\m\AppData\Local\Temp\DelayInst.exe
      2019-03-08 12:31 - 2016-02-05 11:34 - 002043440 _____ (Comodo Security Solutions, Inc.) C:\Users\m\AppData\Local\Temp\dragon_restart_helper.exe
      2009-07-17 19:12 - 2009-07-17 19:12 - 001957206 _____ (Adobe Systems Incorporated) C:\Users\m\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
      2010-09-27 10:56 - 2010-09-27 10:56 - 000221315 _____ () C:\Users\m\AppData\Local\Temp\installservice.exe
      1999-12-20 14:04 - 1999-12-20 14:04 - 000056832 ____R () C:\Users\m\AppData\Local\Temp\mpegc.dll
      2012-10-02 02:44 - 2012-10-02 02:44 - 000178824 ____R (Microsoft Corporation) C:\Users\m\AppData\Local\Temp\ose00000.exe
      2011-03-04 11:52 - 2011-03-04 11:52 - 000056832 _____ () C:\Users\m\AppData\Local\Temp\vpnclient_setup.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\dllhost.exe => File is digitally signed
      C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2019-03-14 08:58
      ==================== End of FRST.txt ============================
      Addition.txt
    • от sv3tlio
      Здравейте на всички! Ще гледам да съм максимално кратък и ще карам направо. Както виждате от заглавието на темата имам проблем с Хромиум. Като цяло проблемът ми е доста сходен с този : https://www.kaldata.com/forums/topic/270658-след-зареждане-на-windows-се-стартира-chromium/ . Същата работа е при мен. Преди около седмица си изтеглих BS Player, и от тогава се появи и този Chromium. BS Player-ът го изтеглих баш от сайта им, не от някакво измислено място, но явно и от там няма гаранция. Както и да е. Всеки път като се включи компютъра, било то след рестарт, или обикновено включване (това е само след пълно изключване на компютъра, когато го включа след "режим на готовност", този проблем го няма) веднага ми отваря Chromium и по-точно раздела history. На пръв поглед е все едно гледам Chrome, но не е. Отначало когато за пръв път се появи имаше историята от Chrome + каквито видео файлове съм пускал. Примерно влизал съм в еди си кой сайт, гледал съм еди си кой филм. Помъчих се да го деинсталирам обаче не става (ще приложа снимки какво точно ми излиза). 

      След като щракна върху Промени/премахни, пък ми излиза това: 

       И така до безкрайност. Писах "Chromium" в търсачката на компютъра (едно кученце). То търси, търси, чете някакви книжки, гледа с една лупа и накрая ми показа къде стоят файловете на този ми ти Chromium. Изтрих ги, нямаше никакъв ефект. После с Ctrl+alt+del влязох в "Процеси" и от там изтрих редовете на които пишеше chromium.exe. Тук беше и най-големият ми напредък, щото историята от Chrome + видео файловете отваряни откакто този компютър е станал компютър ги нямаше. Обаче остана това, че всеки път като включа компютъра и ми изкача нов прозорец в Chromium, ами освен това усещам как ми бави и самият Chrome - той е браузърът ми по подразбиране. Само да вметна, деинсталирах BS Player, Google Chrome, Mozilla Firefox, Avast също махнах за малко, барем се оправи, но не постигнах желаният от мен ефект. В темата която постнах по-горе от човека със същия проблем, пробвах да изтегля препоръчаният му fixlist, обаче ми дава грешка в страницата. Аз даже първо мислех, да си постна проблема там като коментар, ама викам айде да не спамя на човека темата, по-добре сякаш да отворя нова. Пък ако модераторите решат, че темата ми нещо е извън правилата, моля да бъда извинен за невежеството си. Та общо взето това е, бих се радвал на всякаква помощ. Лека вечер от мен!
       
    • от Fabry
      През няколко минути се появява странно съобщение от системата - на прикачената снимка е . Ако някой помогне, ще съм задължен !

    • от Людмил Любенов
      Здр-те на всички от форома,можели да ми кажете заразен ли съм със някакъв вирус,защото преди няколко седмици ми излезе грешка на декстапа ми изтрих я и сега неми се явява вече общо казано,принципно не ползвам антивирусни програми,не влизам кой знае каде,за да хвана вирус,ама все пак да ми отговорите,как съм със ОС,като цяло мерси предварително.

      FRST.txt
      Addition.txt
    • от The Negative One
      Та пуснах вече една тема - хората ме пратиха тук.Ситуацията е следната - При всяко включване на компютъра Google Chrome автоматично се е пуснал и е отворил някакъв сайт с глупости на руски език."Получи предсказание от Ванга" и прочие простотии.Та опитах да изчистя кеша и да рестартирам настройките на браузъра, но не постигнах ефект.Ще се радвам ако някой може да помогне!
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
      Ran by SHANOVr (administrator) on DESKTOP-4AUH82I (13-12-2018 12:11:15)
      Running from D:\Camera\downloads D
      Loaded Profiles: SHANOVr (Available Profiles: defaultuser0 & SHANOVr)
      Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Hi-Rez Studios) D:\SteamGammEZ\HiPatchService.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (f.lux Software LLC) C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (ASUSTek) C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanService.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
      HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
      HKLM-x32\...\Run: [VirtualCloneDrive] => D:\CloneDrive\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [f.lux] => C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (f.lux Software LLC)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [EpicGamesLauncher] => D:\boiii\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49803328 2018-09-10] (Skype Technologies S.A.)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [SHANOVr] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\MountPoints2: {5911fcb2-a851-11e8-a4da-fcaa14184561} - "F:\EuroTruckSimulator2_setup.exe" 
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 66.117.6.114 180.76.76.76
      Tcpip\..\Interfaces\{b2172693-d883-4ed3-8b20-1cd27a17c8d4}: [DhcpNameServer] 192.168.42.129
      Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [DhcpNameServer] 66.117.6.114 180.76.76.76
      Internet Explorer:
      ==================
      SearchScopes: HKU\S-1-5-21-392342708-715023771-1080359625-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2017-05-20] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2017-05-20] ()
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-11] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-11] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      Chrome: 
      =======
      CHR Profile: C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default [2018-12-13]
      CHR Extension: (Slides) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Docs) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-22]
      CHR Extension: (YouTube) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22]
      CHR Extension: (Adblock Plus) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-12]
      CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-11-19]
      CHR Extension: (Sheets) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Google Docs Offline) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
      CHR Extension: (AdBlock) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
      CHR Extension: (Gmail) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-22]
      CHR Extension: (Chrome Media Router) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-20]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-07] ()
      S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-16] (EasyAntiCheat Ltd)
      U2 HiPatchService; D:\SteamGammEZ\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
      R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
      R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation)
      R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation)
      R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
      R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
      R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-11] (ASUSTeK Computer Inc.)
      R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
      R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
      S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation)
      S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Corporation)
      R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Corporation)
      R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-12-12 15:59 - 2018-12-12 15:59 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\Google
      2018-11-28 00:07 - 2018-11-21 15:41 - 000715172 _____ C:\Users\SHANOVr\Desktop\Scan2.TIF
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-12-13 12:11 - 2017-04-22 22:42 - 000000000 ____D C:\FRST
      2018-12-13 12:10 - 2018-01-20 22:10 - 001425282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2018-12-13 12:07 - 2017-01-22 20:01 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-12-13 12:06 - 2018-01-20 22:09 - 000003098 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
      2018-12-13 12:05 - 2018-01-20 21:57 - 000000000 ____D C:\Users\SHANOVr
      2018-12-13 12:05 - 2017-01-22 20:15 - 000000000 __SHD C:\Users\SHANOVr\IntelGraphicsProfiles
      2018-12-13 12:05 - 2017-01-22 19:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2018-12-13 12:04 - 2018-01-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-12-13 12:04 - 2018-01-20 21:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
      2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
      2018-12-13 09:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
      2018-12-12 22:54 - 2017-01-22 20:18 - 000000000 ____D C:\Program Files\Steam
      2018-12-12 09:13 - 2017-02-28 08:33 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\AIMP3
      2018-12-12 08:46 - 2017-01-23 13:27 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2018-12-10 22:50 - 2018-02-04 12:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
      2018-12-06 09:16 - 2018-01-20 21:58 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\Packages
      2018-12-03 10:25 - 2018-01-20 22:09 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-392342708-715023771-1080359625-1001
      2018-12-03 10:25 - 2017-01-22 19:50 - 000002369 _____ C:\Users\SHANOVr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2018-11-29 08:12 - 2017-01-27 15:27 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\CrashDumps
      2018-11-27 23:57 - 2017-01-22 19:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-11-27 23:57 - 2017-01-22 19:52 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-11-23 12:33 - 2018-10-19 09:15 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\ElevatedDiagnostics
      ==================== Files in the root of some directories =======
      2017-02-06 20:32 - 2017-02-06 20:32 - 000000017 _____ () C:\Users\SHANOVr\AppData\Local\resmon.resmoncfg
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-12-08 22:12
      ==================== End of FRST.txt ============================
       
      Addition.txt
  • Дарение

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване