Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Вируси в системата ми.Моля за помощ.


Препоръчан отговор

Купих си лаптопа преди около 4 години от тогава до сега съм с антивирусната на аваст . До сега никога не съм имал проблеми с нея както и с лаптопа ми като цяло, но това беше до преди месец . Преди месец антивирусната ме уведомяваше, че има вирус в компютъра ми и по точно беше някакъв троянец, сканирах компютъра и да имах 13 заразени файла. Изчистих ги и всичко беше по старо му няколко дни, но след това стана още по зле през 2/3 минути антивирусната започна да ме уведомява че имам заразени файлове, засечени мауери и какво ли още не. Сканирах отново компютъра, но този път нито един заразен файл, а антивирусната продължаваше постоянно да ме информира, а като сканирам нищо и не знам как да махна тези вируси. За толкова години тази антивирусна не ми е правила никакви проблеми, дайте съвет какво да правя и на някой от вас случвало ли се е ? Благодарско предварително :)

Линк към коментара
Сподели в други сайтове

Съвета веднага ти го давам. Посети тази тема и спазвай стъпките там, за да могат колегите от HJT Team да ти помогнат

Линк към коментара
Сподели в други сайтове

welcome.gif Здравейте и добре дошли във  форума..! :)
 



2.3 Заглавието на темата трябва да е ясно и точно, да не е съставено единствено от главни букви и да описва максимално съдържанието на самата тема. Теми със заглавия от една дума или от рода на "Помощ!", "Имам проблем", "Спешно" и т.н. се изтриват без предупреждение.

 
Моля, коригирайте си заглавието на темата..! Благодаря ..! :)
 
Та на въпроса...За да анализираме системата ви и да се опитаме да разберем какъв е проблема  е нужно да прочетете темата Системата ми е инфектирана - Какво да правя сега?  Да направите необходимите сканирания и дневниците FRST.txt да копирате в следващия си пост, а Addition.txt  да прикачите в следващия си коментар (погледнете опцията Прикачени файлове, когато публикувате мнение).

Линк към коментара
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014
Ran by Daniela (administrator) on DANIELA-PC on 21-09-2014 10:09:36
Running from C:\Users\Daniela\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Български (България)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\HomeTab\WBrokerHandler.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\HomeTab\WSearchDefender.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [30208 2005-12-07] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [49152 2006-05-18] ()
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4282728 2012-08-21] (AVAST Software)
HKLM-x32\...\Run: [sSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-12-12] (PC Tools)
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [unlockerAssistant] => "E:\Нова папка\Unlocker\UnlockerAssistant.exe" -H
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "E:\hamachi-2-ui.exe" --auto-start
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [GoogleChromeAutoLaunch_3DE63956E2201FD427025F5C0956CFCB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-08-30] (Google Inc.)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [969104 2012-12-13] (BitTorrent, Inc.)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [speedItupFree] => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\MountPoints2: {7c92020e-1821-11e1-acc2-1c75083e0ce8} - G:\Autorun.exe
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Winlogon: [shell] "C:\ProgramData\Windows Services\wservice.exe",explorer.exe <==== ATTENTION 
AppInit_DLLs-x32: c:\progra~2\sw-boo~1\assist~1.dll => "c:\progra~2\sw-boo~1\assist~1.dll" File Not Found
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1409317299&from=adks&uid=ST9500325AS_6VEGBS27XXXX6VEGBS27
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1409317299&from=adks&uid=ST9500325AS_6VEGBS27XXXX6VEGBS27
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1409317299&from=adks&uid=ST9500325AS_6VEGBS27XXXX6VEGBS27
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKLM-x32 - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll (GadgetBox)
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1409317299&from=adks&uid=ST9500325AS_6VEGBS27XXXX6VEGBS27&q={searchTerms}
SearchScopes: HKLM-x32 - %SearchDefender_IESearchEngineGuid% URL = http://search.gboxapp.com/?q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - %SearchDefender_IESearchEngineGuid% URL = http://search.gboxapp.com/?q={searchTerms}
SearchScopes: HKCU - {0170B447-E7C0-48D8-92E9-047C0A3847AD} URL = http://search.softonic.com/MON00006/tb_v1?q={searchTerms}&SearchSource=4&cc=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=119294&babsrc=SP_ss_gin2g&mntrId=98FD1C659D75299F
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = 
SearchScopes: HKCU - {C66E5937-5DBA-4D6E-ACC9-C96D77588AC2} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb119/?search={searchTerms}&loc=IB_DS&a=6R8ljT4hdv&i=26
BHO: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\Daniela\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO: Apps Hat -> {11111111-1111-1111-1111-110411851159} -> C:\Program Files (x86)\Apps Hat\Apps Hat-bho64.dll No File
BHO: prIcechOOp -> {1f37861d-6083-4d42-b07c-fbae43d94104} -> C:\Program Files (x86)\prIcechOOp\LdG8Oi0EVxoqOJ.x64.dll No File
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HomeTab -> {9fdfb66c-713b-4201-83a6-5b78ae227b41} -> C:\Program Files\HomeTab\IE\HomeTab.dll (Simply Tech LTD.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: YoutubeAaDBluOOcke -> {d9c2f5c2-ac9d-40c2-b87c-fb54a624adc4} -> C:\Program Files (x86)\YoutubeAaDBluOOcke\oOiJM0TNeOsk0Q.x64.dll ()
BHO-x32: MyWebSearch Search Assistant BHO -> {00A6FAF1-072E-44cf-8957-5838F569A31D} -> C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL No File
BHO-x32: Yahoo! Toolbar Helper -> {02478D38-C3F9-4EFB-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll No File
BHO-x32: mwsBar BHO -> {07B18EA1-A523-4961-B6BB-170DE4475CCA} -> C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll No File
BHO-x32: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\Daniela\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Apps Hat -> {11111111-1111-1111-1111-110411851159} -> C:\Program Files (x86)\Apps Hat\Apps Hat-bho.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll No File
BHO-x32: prIcechOOp -> {1f37861d-6083-4d42-b07c-fbae43d94104} -> C:\Program Files (x86)\prIcechOOp\LdG8Oi0EVxoqOJ.dll No File
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll (Babylon BHO)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll No File
BHO-x32: TBSB01620 Class -> {58124A0B-DC32-4180-9BFF-E0E21AE34026} -> C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
BHO-x32: uTorrentControl2 Toolbar -> {687578b9-7132-4a7a-80e4-30ee31099e03} -> C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll No File
BHO-x32: TheBflix Class -> {817987DC-F550-4F3C-8F71-524D9618D158} -> C:\ProgramData\TheBflix\bhoclass.dll No File
BHO-x32: CertifiedToolbar -> {8d3ec233-b92d-4187-a506-284127cfba2d} -> C:\Users\Daniela\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (Simplytech Ltd.)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HomeTab -> {9fdfb66c-713b-4201-83a6-5b78ae227b41} -> C:\Program Files (x86)\HomeTab\IE\HomeTab.dll (Simply Tech LTD.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: YoutubeAaDBluOOcke -> {d9c2f5c2-ac9d-40c2-b87c-fb54a624adc4} -> C:\Program Files (x86)\YoutubeAaDBluOOcke\oOiJM0TNeOsk0Q.dll ()
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: SMTTB2009 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbcore3.dll ()
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Program Files\HomeTab\IE\HomeTab.dll (Simply Tech LTD.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM-x32 - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - DealBulldog Toolbar Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbcore3.dll ()
Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll (GadgetBox)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - CertifiedToolbar - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Daniela\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll (Simplytech Ltd.)
Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Program Files (x86)\HomeTab\IE\HomeTab.dll (Simply Tech LTD.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll No File
Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} -  No File
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Web Search
FF Homepage: about:home
FF Keyword.URL: hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=6.7&ts=1363721054992.000008&tguid=62606-6533-1377170197378-6933173D000EF9AADE22D705CE526BF9&st=chrome&q=
FF SearchEngineOrder.user_pref("browser.search.order.1S", "WebSearch");: user_pref("browser.search.order.1S", "WebSearch");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
FF Plugin-x32: @mywebsearch.com/Plugin -> C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\BabylonMngr.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\GadgetBox.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\search.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\webssearches.xml
FF Extension: Apps Hat - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected]0afdf81a4.com [2014-05-17]
FF Extension: Bcool - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2012-05-06]
FF Extension: Fast Start - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2014-08-29]
FF Extension: Babylon - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2011-11-26]
FF Extension: softonic.com - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2012-06-14]
FF Extension: GadgetBox - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2012-12-13]
FF Extension: TheBflix - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2012-03-04]
FF Extension: My Web Search - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2012-03-13]
FF Extension: Yontoo - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2013-03-18]
FF Extension: No Name - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\staged [2014-09-05]
FF Extension: Complitly - Speed up your search with your personal search suggestions tool - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} [2013-03-19]
FF Extension: uTorrentControl2 Community Toolbar - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} [2014-05-17]
FF Extension: DealBulldog Toolbar Toolbar - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} [2012-07-09]
FF Extension: HomeTab - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{9c72a7f0-9ced-4876-80b8-2cebdc068f07} [2014-09-14]
FF Extension: IMinent Toolbar - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2012-08-10]
FF Extension: CertifiedToolbar - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{dac70ad0-e58c-4d0b-9ac7-eee894ffb0fa} [2013-03-19]
FF Extension: GoPhotoIt - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2012-07-31]
FF Extension: OneClickDownloader - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2014-05-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF Extension: My Web Search - C:\Program Files (x86)\MyWebSearch\bar\1.bin [2012-03-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Iminent\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-10-12]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\extensions\[email protected]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://start.hometab.com/?1=1__PARAM__
CHR StartupUrls: Default -> "about:newtab?source=home", "hxxp://istart.webssearches.com/?type=hp&ts=1409317299&from=adks&uid=ST9500325AS_6VEGBS27XXXX6VEGBS27", "hxxp://websearch.flyandsearch.info/?pid=724&r=2014/09/05&hid=14138264460903633756&lg=EN&cc=BG"
CHR DefaultSearchKeyword: Default -> search.certified-toolbar.com_
CHR DefaultSearchProvider: Default -> Web Search
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Toolbar) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoecfpbnohmjikjhpijcnonhhhlh [2013-09-16]
CHR Extension: (Google Документи) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-05]
CHR Extension: (Google Диск) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-05]
CHR Extension: (YouTube) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-05]
CHR Extension: (NewTab Connect Tab) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coljhboelhlkbgaaolcngflenaggpeao [2014-09-14]
CHR Extension: (Google Търсене) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-05]
CHR Extension: (Babylon Toolbar) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2013-09-16]
CHR Extension: (Complitly plugin for chrome) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda [2013-09-16]
CHR Extension: (Social Face) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehohhddamheegbbkabfgegbaeminghlb [2014-09-05]
CHR Extension: (Web Search) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcljdicbcnmfhekdcaobgbpjjifniemh [2014-09-14]
CHR Extension: (CertifiedToolbar) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjancchhkabckonnimkjhcjhnaopfob [2013-09-16]
CHR Extension: (avast! WebRep) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-09-16]
CHR Extension: (TheBflix) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\joifgdlkhokekeaenpkaehbnjhncglbh [2013-09-16]
CHR Extension: (NewTab Connect Homepage) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio [2014-09-14]
CHR Extension: (Bcool) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kooahbpakahlhmhmcnndhooponcckcdm [2013-09-16]
CHR Extension: (priceChuopp) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndokkanodobajmfgoaphheihkkgopjkk [2014-09-05]
CHR Extension: (Google Wallet) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (uTorrentControl2) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc [2013-09-16]
CHR Extension: (Quick start) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-08-29]
CHR Extension: (GoPhoto.it) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-05]
CHR Extension: (priceChuopp) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndokkanodobajmfgoaphheihkkgopjkk\3.9 [2014-09-05]
CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Daniela\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [aaaapoecfpbnohmjikjhpijcnonhhhlh] - C:\Users\Daniela\AppData\Local\APN\GoogleCRXs\aaaapoecfpbnohmjikjhpijcnonhhhlh_7.17.0.0.crx [2012-11-14]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Daniela\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx [2012-06-27]
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx [2013-03-19]
CHR HKLM-x32\...\Chrome\Extension: [fnjancchhkabckonnimkjhcjhnaopfob] - C:\Program Files (x86)\CertifiedToolbar\chrome\CertifiedToolbar.crx [2013-03-19]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2011-10-12]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2011-10-12]
CHR HKLM-x32\...\Chrome\Extension: [joifgdlkhokekeaenpkaehbnjhncglbh] - C:\ProgramData\TheBflix\joifgdlkhokekeaenpkaehbnjhncglbh.crx [2012-02-28]
CHR HKLM-x32\...\Chrome\Extension: [kooahbpakahlhmhmcnndhooponcckcdm] - C:\ProgramData\Bcool\kooahbpakahlhmhmcnndhooponcckcdm.crx [2012-05-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Daniela\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx [2012-07-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-08-21] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-08-29] (Cherished Technololgy LIMITED)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-06-18] (Microsoft)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-01-24] (SolidWorks) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-29] (Fuyu LIMITED) [File not signed]
S4 Yontoo Desktop Updater; C:\Users\Daniela\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-14] (Yontoo LLC)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [X]
S2 d0e87c27; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sw-boo~1\AssistantSvc.dll",service
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Hamachi2Svc; E:\hamachi-2.exe -s [X]
S3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe" [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-08-21] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [19600 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-08-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-08-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [969200 2012-08-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [359464 2012-08-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-08-21] (AVAST Software)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-12-13] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-26] (DT Soft Ltd)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-16] (Windows ® Win 7 DDK provider)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 10:08 - 2014-09-21 10:09 - 00035679 _____ () C:\Users\Daniela\Downloads\Addition.txt
2014-09-21 10:06 - 2014-09-21 10:10 - 00040058 _____ () C:\Users\Daniela\Downloads\FRST.txt
2014-09-21 10:06 - 2014-09-21 10:09 - 00000000 ____D () C:\FRST
2014-09-21 10:04 - 2014-09-21 10:05 - 02105856 _____ (Farbar) C:\Users\Daniela\Downloads\FRST64.exe
2014-09-16 08:23 - 2014-09-16 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-05 16:50 - 2014-09-06 19:40 - 00000000 ____D () C:\Users\Daniela\Documents\NFS Most Wanted
2014-09-05 16:46 - 2014-09-05 16:46 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Worki
2014-09-05 16:46 - 2014-09-05 16:46 - 00003209 _____ () C:\Users\Daniela\Downloads\[kickass.to]need.for.speed.most.wanted.patch.for.windows.7.64.bit.torrent
2014-09-05 16:41 - 2014-09-06 22:17 - 00000000 ____D () C:\ProgramData\YoutubeAaDBluOOcke
2014-09-05 16:41 - 2014-09-05 16:42 - 00000000 ____D () C:\ProgramData\KeepAppIt Software
2014-09-05 16:40 - 2014-09-06 22:17 - 00000000 ____D () C:\ProgramData\prIcechOOp
2014-09-05 16:40 - 2014-09-05 16:41 - 00000000 ____D () C:\ProgramData\5534d603321f79eb
2014-09-05 16:40 - 2014-09-05 16:41 - 00000000 ____D () C:\Program Files (x86)\YoutubeAaDBluOOcke
2014-09-05 16:40 - 2014-09-05 16:40 - 00000426 __RSH () C:\ProgramData\ntuser.pol
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator
2014-09-05 16:30 - 2014-09-05 16:30 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Working__.3427700.TPB.torrent
2014-09-05 15:49 - 2014-09-05 15:49 - 00011611 _____ () C:\Users\Daniela\Downloads\Need For Speed Most Wanted PC DVD.torrent
2014-09-04 13:34 - 2014-09-05 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-04 13:34 - 2014-09-04 13:34 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-04 12:54 - 2014-09-04 12:54 - 00000000 ____D () C:\Windows\GTA Vice City - Burn
2014-09-04 12:33 - 2014-09-04 12:33 - 00060342 _____ () C:\Users\Daniela\Downloads\GTA Vice City - Burn.torrent
2014-09-03 07:04 - 2014-09-03 07:04 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii (1).xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00273920 _____ () C:\Users\Daniela\Downloads\kvota-1-za-rabotni-mesta-v-centralnite-vedomstva.xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00108032 _____ () C:\Users\Daniela\Downloads\kvota-2-za-rabotni-mesta-v-oblastnite-administracii.xls
2014-09-02 16:14 - 2014-09-02 16:14 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii.xls
2014-09-02 14:32 - 2014-09-02 14:32 - 00001043 _____ () C:\Windows\NLSDownlevelMapping.log
2014-09-02 14:13 - 2014-09-02 14:13 - 00054191 _____ () C:\Users\Daniela\Downloads\City Car Driving v2.2.7 + Car Pack + Crack.torrent
2014-08-29 20:25 - 2014-08-29 20:25 - 00000000 ____D () C:\ProgramData\PC Optimizer Pro
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Display Offer
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\Program Files (x86)\Display Offer
2014-08-29 16:04 - 2014-08-29 16:04 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-29 16:03 - 2014-09-01 10:22 - 00000000 ____D () C:\Program Files (x86)\SpeedItup Free
2014-08-29 16:03 - 2014-08-29 16:03 - 00000040 _____ () C:\ProgramData\spds90.txt
2014-08-29 16:02 - 2014-08-29 16:02 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-29 16:02 - 2014-08-29 16:02 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-26 15:35 - 2014-08-26 15:35 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Softland
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 10:10 - 2014-09-21 10:06 - 00040058 _____ () C:\Users\Daniela\Downloads\FRST.txt
2014-09-21 10:09 - 2014-09-21 10:08 - 00035679 _____ () C:\Users\Daniela\Downloads\Addition.txt
2014-09-21 10:09 - 2014-09-21 10:06 - 00000000 ____D () C:\FRST
2014-09-21 10:05 - 2014-09-21 10:04 - 02105856 _____ (Farbar) C:\Users\Daniela\Downloads\FRST64.exe
2014-09-21 09:56 - 2011-10-12 09:52 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{72ADF9CF-5EA5-4B41-92E6-2774748BC0D3}
2014-09-21 09:36 - 2012-10-19 14:03 - 00000000 ____D () C:\Users\Daniela\Documents\Euro Truck Simulator 2
2014-09-21 09:27 - 2011-10-11 18:41 - 01997322 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 09:21 - 2012-10-07 11:26 - 00001000 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 09:09 - 2011-10-12 09:46 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Skype
2014-09-21 09:08 - 2011-10-12 09:44 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\uTorrent
2014-09-21 08:55 - 2009-07-14 07:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 08:55 - 2009-07-14 07:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 08:47 - 2014-05-10 21:24 - 00026523 _____ () C:\Windows\setupact.log
2014-09-21 08:47 - 2012-10-07 11:26 - 00000996 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 08:47 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-20 20:35 - 2012-08-15 23:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-19 20:52 - 2014-08-16 23:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-09-19 20:50 - 2011-12-23 21:36 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-19 19:53 - 2009-07-14 08:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 08:23 - 2014-09-16 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-16 08:23 - 2014-08-16 08:59 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-16 08:23 - 2012-08-07 13:14 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-16 08:23 - 2011-10-12 09:46 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-16 08:23 - 2011-10-12 09:45 - 00000000 ____D () C:\ProgramData\Skype
2014-09-14 20:18 - 2013-08-22 14:16 - 00000000 ____D () C:\Program Files (x86)\HomeTab
2014-09-14 17:46 - 2013-12-09 21:18 - 00000000 ____D () C:\Windows\System32\Tasks\SystemSockets
2014-09-14 17:46 - 2013-08-22 14:16 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-09-14 17:46 - 2013-03-19 22:24 - 00000000 ____D () C:\Windows\System32\Tasks\ProtectedSearch
2014-09-14 17:45 - 2014-02-05 17:24 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-14 17:45 - 2011-10-11 18:45 - 00001431 _____ () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-14 17:45 - 2011-10-11 18:45 - 00001397 _____ () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-11 22:36 - 2013-03-19 22:24 - 00034368 _____ () C:\Windows\Launcher.exe
2014-09-07 01:22 - 2012-07-29 22:16 - 00000000 ____D () C:\Program Files (x86)\FilesFrog Update Checker
2014-09-06 22:17 - 2014-09-05 16:41 - 00000000 ____D () C:\ProgramData\YoutubeAaDBluOOcke
2014-09-06 22:17 - 2014-09-05 16:40 - 00000000 ____D () C:\ProgramData\prIcechOOp
2014-09-06 22:17 - 2014-01-02 16:19 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\newnext.me
2014-09-06 22:17 - 2014-01-02 16:19 - 00000000 ____D () C:\Users\Daniela\AppData\Local\genienext
2014-09-06 19:40 - 2014-09-05 16:50 - 00000000 ____D () C:\Users\Daniela\Documents\NFS Most Wanted
2014-09-06 09:29 - 2014-05-11 11:42 - 00005414 _____ () C:\Windows\PFRO.log
2014-09-06 09:29 - 2013-07-06 14:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-05 16:46 - 2014-09-05 16:46 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Worki
2014-09-05 16:46 - 2014-09-05 16:46 - 00003209 _____ () C:\Users\Daniela\Downloads\[kickass.to]need.for.speed.most.wanted.patch.for.windows.7.64.bit.torrent
2014-09-05 16:42 - 2014-09-05 16:41 - 00000000 ____D () C:\ProgramData\KeepAppIt Software
2014-09-05 16:42 - 2012-02-28 19:44 - 00000000 ____D () C:\ProgramData\InstallMate
2014-09-05 16:41 - 2014-09-05 16:40 - 00000000 ____D () C:\ProgramData\5534d603321f79eb
2014-09-05 16:41 - 2014-09-05 16:40 - 00000000 ____D () C:\Program Files (x86)\YoutubeAaDBluOOcke
2014-09-05 16:40 - 2014-09-05 16:40 - 00000426 __RSH () C:\ProgramData\ntuser.pol
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator
2014-09-05 16:40 - 2012-02-15 18:49 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Google
2014-09-05 16:40 - 2009-07-14 06:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-05 16:40 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-05 16:39 - 2014-01-02 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2014-09-05 16:37 - 2013-12-11 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-09-05 16:33 - 2014-07-04 21:22 - 00026596 _____ () C:\Windows\DirectX.log
2014-09-05 16:30 - 2014-09-05 16:30 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Working__.3427700.TPB.torrent
2014-09-05 16:30 - 2011-11-26 14:52 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\DAEMON Tools Lite
2014-09-05 15:51 - 2014-09-04 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-05 15:49 - 2014-09-05 15:49 - 00011611 _____ () C:\Users\Daniela\Downloads\Need For Speed Most Wanted PC DVD.torrent
2014-09-04 13:34 - 2014-09-04 13:34 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-04 12:54 - 2014-09-04 12:54 - 00000000 ____D () C:\Windows\GTA Vice City - Burn
2014-09-04 12:33 - 2014-09-04 12:33 - 00060342 _____ () C:\Users\Daniela\Downloads\GTA Vice City - Burn.torrent
2014-09-03 17:44 - 2014-08-17 00:14 - 00000000 _____ () C:\Users\Daniela\AppData\Roaming\FileOut.cns
2014-09-03 17:44 - 2014-08-17 00:14 - 00000000 _____ () C:\Users\Daniela\AppData\Roaming\FileIn.cns
2014-09-03 07:04 - 2014-09-03 07:04 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii (1).xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00273920 _____ () C:\Users\Daniela\Downloads\kvota-1-za-rabotni-mesta-v-centralnite-vedomstva.xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00108032 _____ () C:\Users\Daniela\Downloads\kvota-2-za-rabotni-mesta-v-oblastnite-administracii.xls
2014-09-02 16:14 - 2014-09-02 16:14 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii.xls
2014-09-02 14:32 - 2014-09-02 14:32 - 00001043 _____ () C:\Windows\NLSDownlevelMapping.log
2014-09-02 14:30 - 2012-11-25 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forward Development
2014-09-02 14:13 - 2014-09-02 14:13 - 00054191 _____ () C:\Users\Daniela\Downloads\City Car Driving v2.2.7 + Car Pack + Crack.torrent
2014-09-01 10:22 - 2014-08-29 16:03 - 00000000 ____D () C:\Program Files (x86)\SpeedItup Free
2014-08-31 11:03 - 2014-02-01 15:39 - 00000000 ____D () C:\Program Files (x86)\Direct Video Downloader
2014-08-29 20:25 - 2014-08-29 20:25 - 00000000 ____D () C:\ProgramData\PC Optimizer Pro
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Display Offer
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\Program Files (x86)\Display Offer
2014-08-29 16:20 - 2013-03-19 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
2014-08-29 16:05 - 2012-10-23 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-08-29 16:04 - 2014-08-29 16:04 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-29 16:03 - 2014-08-29 16:03 - 00000040 _____ () C:\ProgramData\spds90.txt
2014-08-29 16:02 - 2014-08-29 16:02 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-29 16:02 - 2014-08-29 16:02 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-28 22:43 - 2013-07-29 20:23 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-26 15:43 - 2014-08-16 09:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-26 15:36 - 2011-10-12 09:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-26 15:35 - 2014-08-26 15:35 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Softland
 
Some content of TEMP:
====================
C:\Users\Daniela\AppData\Local\Temp\AutoRun.exe
C:\Users\Daniela\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Daniela\AppData\Local\Temp\bdfilters.dll
C:\Users\Daniela\AppData\Local\Temp\CloudBackup1412.exe
C:\Users\Daniela\AppData\Local\Temp\CloudBackup189.exe
C:\Users\Daniela\AppData\Local\Temp\DeltaTB.exe
C:\Users\Daniela\AppData\Local\Temp\EBU47D9.EXE
C:\Users\Daniela\AppData\Local\Temp\EBU4E5E.DLL
C:\Users\Daniela\AppData\Local\Temp\PCOptimizerProSetup_CMN_1.exe
C:\Users\Daniela\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Daniela\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Daniela\AppData\Local\Temp\sfextra.dll
C:\Users\Daniela\AppData\Local\Temp\tbu16FD.exe
C:\Users\Daniela\AppData\Local\Temp\tbu3024.exe
C:\Users\Daniela\AppData\Local\Temp\tbu6838.exe
C:\Users\Daniela\AppData\Local\Temp\tbu8075.exe
C:\Users\Daniela\AppData\Local\Temp\tbuCEF5.exe
C:\Users\Daniela\AppData\Local\Temp\tbuE82C.exe
C:\Users\Daniela\AppData\Local\Temp\Uninstall.exe
C:\Users\Daniela\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Daniela\AppData\Local\Temp\ycomp_setup_cclean.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-16 00:28
 
==================== End Of Log ============================

Ето :D

Addition.txt

Линк към коментара
Сподели в други сайтове

Да,системата ви е заразена и аз ще ви помогна да разчистим зловредния софтуер...!Като за начало деинсталирайте следния софтуер по стандартния метод:
 

1ClickDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.7 Build 26473 - 1ClickDownload)
AppsHat Mobile Apps (HKCU\...\AppsHat Mobile Apps) (Version: 1.0.0.0 - Somoto Ltd.)
Babylon toolbar on IE (HKLM-x32\...\BabylonToolbar) (Version:  - BabylonToolbar)
BabylonObjectInstaller (HKLM-x32\...\{83AA2913-C123-4146-85BD-AD8F93971D39}) (Version: 2.0.0.3 - Babylon Ltd)
CertifiedToolbar 2.4 (HKLM-x32\...\{107c7af4-bcdb-4ba2-87d1-3cb1f7190dba}_is1) (Version: 2.4 - CertifiedToolbar)
Complitly (HKLM-x32\...\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1) (Version:  - Complitly)
DealBulldog Toolbar Toolbar (HKLM-x32\...\DealBulldog Toolbar Toolbar) (Version:  - )
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - )
GadgetBox (HKLM-x32\...\GadgetBox) (Version: 1.0 - GadgetBox)
GadgetBox Expansion (HKLM\...\{6D345027-25C7-43C1-A12A-6DE5B6D772D1}) (Version: 1.0 - )
GoforFiles (HKCU\...\GoforFiles) (Version: 1.7.1 - http://www.goforfiles.com/)
HomeTab 6.8 (HKLM-x32\...\{f8c77e88-ecbf-40f9-8e8b-fb0da19c6553}_is1) (Version: 6.8 - One Floor App)
IMinent Toolbar (HKLM-x32\...\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}) (Version: 3.26.0 - IMinent)
LiveSupport (HKLM-x32\...\LiveSupport_is1) (Version: 1.2.7.0 - PC Utilities Software Limited)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com)
My Web Search (Smiley Central) (HKLM-x32\...\MyWebSearch bar Uninstall) (Version:  - My Web Search)
prIcechOOp (HKLM-x32\...\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}) (Version: 4.2.0.1911 - pricechop)
Protected Search 1.1 (HKLM-x32\...\Protected Search_is1) (Version:  - Protected Search)
QuickStores-Toolbar 1.1.0 (HKLM-x32\...\QuickStores-Toolbar_is1) (Version: 1.1.0 - AB-Tools.com)
Search Assistant SoftQuick 1.66 (HKLM-x32\...\SP_a8235b05) (Version:  - )
SW-Booster (HKLM-x32\...\S-848366190) (Version: 3.2.0.1241 - PremiumSoft)
SweetIM for Messenger 3.6 (HKLM-x32\...\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}) (Version: 3.6.0008 - SweetIM Technologies Ltd.)
SweetPacks Toolbar for Internet Explorer 4.5 (HKLM-x32\...\{5B58EF61-85F2-4977-97A5-84C19F926579}) (Version: 4.5.0000 - SweetIM Technologies Ltd.)
SW-Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}) (Version:  - Certified Publisher)
TheBflix (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}) (Version:  - TheBflix)
Update Manager for SweetPacks 1.0 (HKLM-x32\...\{FB697452-8CA4-46B4-98B1-165C922A2EF3}) (Version: 1.0.0005 - SweetIM Technologies Ltd.)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED)
Yontoo 2.05 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 2.05 - Yontoo LLC)

 
 

СТЪПКА 1:

 

2lsf8k9.pngМоля, изтеглете и стартирайте програмата AdwCleaner(by Xplode):
 
 

  • Затворете всички стартирани програми и браузъри
  • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
  • Натиснете OK, за да потвърдите, че всички стартирани програми ще бъдат затворени.
  • Щракнете върху бутона Scan и изчакайте процесът да завърши.
  • Отбележете елемента (ите), които искате да запазите.
  • Маркирайте Clean и следвайте инструкциите.
  • Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта.
  • Моля, да публикувате съдържанието на този лог в отговора си
  • Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s0].txt

 

СТЪПКА 2:

 

 

 
thisisujrt.gif Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.
 

  • Спрете временно работата на защитните програми.
  • Стартирайте инструмента JRT.exe
  • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
  • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
  • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
  • Моля копирайте съдържанието на лог файла в следващия си пост.

     

 

mqdefault.jpg
 
 

СТЪПКА 3:

 

 

 

Моля, изтеглете ZOEK (by Smeenk) и да го запишете на вашия работен плот
Временно деактивирайте вашата антивирусна и антишпионска защита - инструкции тук

  • Щракнете с десния бутон върху тази икона  51a612a8b27e2-Zoek.pngи изберете RunAsAdmin.jpg Run as Administrator, за да стартирате инструмента.
  • Изчакайте търпеливо, докато  се появи  главната конзола (може да отнеме минута или две).

52b6de58f1952-Zoek_Startpagina_5.0.0.0.P
 

 

  • В главния прозорец, моля поставете в следния скрипт:
createsrpoint;
autoclean;
emptyalltemp;
  • Уверете се, че  опцията Scan All Users е маркирана.
  • Натиснете Run Script и изчакайте. Сканирането може да отнеме няколко минути.
  • Когато сканирането приключи, ще се отвори лог файл с име zoek-results.
  • Ако е необходимо рестартиране, той ще се отвори след това.
  • Копирайте съдържанието му в следващия си отговор.

 


 

СТЪПКА 4:

 

 

Повторете сканирането с Farbar Recovery Scan Tool
 
qrazy508-240x140.jpg
 
 

  • Моля изтеглете Farbar Recovery Scan Tool и го запазете на десктопа.
  • Стартирайте файла FRST.exe.
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Сложете всички отметки.
  • Натиснете бутона SCAN.
  • Ще се създадат два лог файл с името - FRST.txt и Addition.txt на десктопа.
  • Файлът FRST.txt копирайте в следващия си пост. Addition.txt прикачете в следващия си коментар (погледнете опцията Прикачени файлове, когато публикувате мнение).
Линк към коментара
Сподели в други сайтове

Да обаче е неактивно ..?

 

Вижте..такива елементарни неща осъждаме....!Моля ви..!

Стартирате програмата => Сканиране => след като програмата си свърши работата => Почистване :)

Линк към коментара
Сподели в други сайтове

 

,

 

 

До тук добре...Ще с е получат нещата..Продължете със следващите стъпки..!:)

Линк към коментара
Сподели в други сайтове

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by Daniela on ­Ґ¤ 21.09.2014 Ј. at 11:52:12,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlauncher.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlaunchersettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mywebsearch.skinlaunchersettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1332179869-1056899932-3864764390-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askfm_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askfm_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askfm_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askfm_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0170B447-E7C0-48D8-92E9-047C0A3847AD}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{026E46D6-54AA-4A65-8640-9D250771C2A5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F2DBB0CB-3D16-42A4-B56A-4B867D210350}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\cloud software ltd"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Daniela\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Daniela\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Daniela\appdata\locallow\apps hat"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ­Ґ¤ 21.09.2014 Ј. at 12:13:57,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Линк към коментара
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014
Ran by Daniela (administrator) on DANIELA-PC on 21-09-2014 12:33:49
Running from C:\Users\Daniela\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Български (България)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Farbar) C:\Users\Daniela\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [30208 2005-12-07] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [49152 2006-05-18] ()
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4282728 2012-08-21] (AVAST Software)
HKLM-x32\...\Run: [sSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-12-12] (PC Tools)
HKLM-x32\...\Run: [unlockerAssistant] => "E:\Нова папка\Unlocker\UnlockerAssistant.exe" -H
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "E:\hamachi-2-ui.exe" --auto-start
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [GoogleChromeAutoLaunch_3DE63956E2201FD427025F5C0956CFCB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-08-30] (Google Inc.)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [969104 2012-12-13] (BitTorrent, Inc.)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [speedItupFree] => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\MountPoints2: {7c92020e-1821-11e1-acc2-1c75083e0ce8} - G:\Autorun.exe
HKU\S-1-5-21-1332179869-1056899932-3864764390-1000\...\Winlogon: [shell] "C:\ProgramData\Windows Services\wservice.exe",explorer.exe <==== ATTENTION 
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - %SearchDefender_IESearchEngineGuid% URL = http://search.gboxapp.com/?q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - %SearchDefender_IESearchEngineGuid% URL = http://search.gboxapp.com/?q={searchTerms}
SearchScopes: HKCU - {C66E5937-5DBA-4D6E-ACC9-C96D77588AC2} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: YoutubeAaDBluOOcke -> {d9c2f5c2-ac9d-40c2-b87c-fb54a624adc4} -> C:\Program Files (x86)\YoutubeAaDBluOOcke\oOiJM0TNeOsk0Q.x64.dll ()
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll No File
BHO-x32: CertifiedToolbar -> {8d3ec233-b92d-4187-a506-284127cfba2d} -> C:\Users\Daniela\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll No File
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: YoutubeAaDBluOOcke -> {d9c2f5c2-ac9d-40c2-b87c-fb54a624adc4} -> C:\Program Files (x86)\YoutubeAaDBluOOcke\oOiJM0TNeOsk0Q.dll ()
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll No File
Toolbar: HKLM-x32 - CertifiedToolbar - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Daniela\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default
FF NewTab: about:newtab
FF SearchEngineOrder.3: Bing 
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: Apps Hat - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected]0afdf81a4.com [2014-05-17]
FF Extension: GadgetBox - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\[email protected] [2012-12-13]
FF Extension: No Name - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\staged [2014-09-05]
FF Extension: HomeTab - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{9c72a7f0-9ced-4876-80b8-2cebdc068f07} [2014-09-14]
FF Extension: CertifiedToolbar - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\Extensions\{dac70ad0-e58c-4d0b-9ac7-eee894ffb0fa} [2013-03-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-10-12]
FF Extension: No Name - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} [Not Found]
FF Extension: No Name - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\29ztghzs.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> about:newtab?source=home
CHR StartupUrls: Default -> "about:newtab?source=home", "hxxp://istart.webssearches.com/?type=hp&ts=1409317299&from=adks&uid=ST9500325AS_6VEGBS27XXXX6VEGBS27", "hxxp://websearch.flyandsearch.info/?pid=724&r=2014/09/05&hid=14138264460903633756&lg=EN&cc=BG"
CHR DefaultSearchKeyword: Default -> search.certified-toolbar.com_
CHR DefaultSearchProvider: Default -> Web Search
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Документи) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-05]
CHR Extension: (Google Диск) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-05]
CHR Extension: (YouTube) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-05]
CHR Extension: (Google Търсене) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-05]
CHR Extension: (Social Face) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehohhddamheegbbkabfgegbaeminghlb [2014-09-05]
CHR Extension: (avast! WebRep) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-09-16]
CHR Extension: (Google Wallet) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Daniela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-05]
CHR HKLM-x32\...\Chrome\Extension: [aaaapoecfpbnohmjikjhpijcnonhhhlh] - C:\Users\Daniela\AppData\Local\APN\GoogleCRXs\aaaapoecfpbnohmjikjhpijcnonhhhlh_7.17.0.0.crx []
CHR HKLM-x32\...\Chrome\Extension: [fnjancchhkabckonnimkjhcjhnaopfob] - C:\Program Files (x86)\CertifiedToolbar\chrome\CertifiedToolbar.crx []
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2011-10-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-08-21] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-06-18] (Microsoft)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-12-12] (PC Tools)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-01-24] (SolidWorks) [File not signed]
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 Hamachi2Svc; E:\hamachi-2.exe -s [X]
S3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe" [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-08-21] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [19600 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-08-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-08-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [969200 2012-08-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [359464 2012-08-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-08-21] (AVAST Software)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-12-13] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-26] (DT Soft Ltd)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-16] (Windows ® Win 7 DDK provider)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\Drivers\aswFsBlk.sys 55142B4F7A7E4C9C151C6000A6BF7809
C:\Windows\System32\Drivers\aswKbd.sys F146F83E8F7AC22BD011D5942E4C155C
C:\Windows\system32\drivers\aswMonFlt.sys AA9FDE3D630160B47DAB21BF8250111C
C:\Windows\System32\Drivers\aswrdr2.sys 2A6675C24DF5159A9506CD13ECE5ABE9
C:\Windows\System32\Drivers\aswSnx.sys 4E38475BDB51A867CCBA7D5DF7FDFC0C
C:\Windows\System32\Drivers\aswSP.sys 9A49D80D65451AF22913AEF772CC3DA9
C:\Windows\System32\Drivers\aswTdi.sys C3EC420451AC5300A22190AE38418FBA
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys E642491F64E58CD5BC8FB8B347DCF65F
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys 91CE0D3DC57DD377E690A2D324022B08
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 0D25B6D300BA26A5F2C3B2A8E96B158B
C:\Windows\System32\Drivers\BTHUSB.sys 1F9912F8EC5BFA53432E71E150636A8A
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cnnctfy2.sys 040FF3B09F26926A3792E047DB0F47DD
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 400582B09E0BB557D0EC28A945150EEB
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdkmd64.sys 2D18C9E1F23970DE32D78D3B1CDDA0A7
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys F5872A11EB4F6DB170D636CD4E53CA9F
C:\Windows\System32\drivers\IntcHdmi.sys 88A20FA54C73DED4E8DAC764E9130AE9
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\k57nd60a.sys 37E053A2CF8F0082B689ED74106E0CEC
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecpkg.sys ==> MD5 is legit
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys FAF015B07E3A2874A790A39B7D2C579F
C:\Windows\System32\DRIVERS\mrxsmb10.sys 08E2345DF129082BCDFFDC1440F9C00D
C:\Windows\System32\DRIVERS\mrxsmb20.sys 108D87409C5812EF47D81E22843E8C9D
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\drivers\ccdcmbx64.sys 88F2F2CB9FAEE2E14BCCF384F4C88061
C:\Windows\System32\drivers\ccdcmbox64.sys 31C1FAC4AE14FB2F8771C59BA3F90BAD
C:\Windows\System32\drivers\npf.sys DE7FCC77F4A503AF4CA6A47D49B3713D
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pccsmcfdx64.sys BC0018C2D29F655188A0ED3FA94FDB24
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\SysWow64\speedfan.sys 0FFE35F0B0CD5A324BBE22F02569AE3B
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 2098B8556D1CEC2ACA9A29CD479E3692
C:\Windows\System32\DRIVERS\srv2.sys D0F73A42040F21F92FD314B42AC5C9E7
C:\Windows\System32\DRIVERS\srvnet.sys 2BA8F3250828CCDB4204ECF2C6F40B6A
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tcpip.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 2B5BDFF688EC9871D7EC5837833374E9
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys FBD861E69E1F583BEC906FCD04E4F84E
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbser.sys 4ACEE387FA8FD39F83564FCD2FC234F2
C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys 0FBB0080B287BBCBF5C7076E3D74A35C
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wcmvcam64.sys 8F105ADE434064ADFBBFBE198513B84F
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 12:32 - 2014-09-21 12:33 - 02105856 _____ (Farbar) C:\Users\Daniela\Downloads\FRST64 (1).exe
2014-09-21 12:17 - 2014-09-21 12:17 - 00000002 _____ () C:\runcheck.txt
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\zoek_backup
2014-09-21 12:15 - 2014-09-21 12:15 - 04114148 _____ () C:\Users\Daniela\Downloads\zoek.zip
2014-09-21 12:15 - 2014-09-09 07:43 - 01421585 _____ () C:\Users\Daniela\Desktop\zoek.scr
2014-09-21 12:15 - 2014-09-09 07:43 - 01421585 _____ () C:\Users\Daniela\Desktop\zoek.com
2014-09-21 12:13 - 2014-09-21 12:13 - 00002830 _____ () C:\Users\Daniela\Desktop\JRT.txt
2014-09-21 11:49 - 2014-09-21 11:49 - 00000000 ____D () C:\Windows\ERUNT
2014-09-21 11:48 - 2014-09-21 11:48 - 01027006 _____ (Thisisu) C:\Users\Daniela\Downloads\JRT.exe
2014-09-21 11:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-21 11:07 - 2014-09-21 11:38 - 00000000 ____D () C:\AdwCleaner
2014-09-21 11:06 - 2014-09-21 11:06 - 01373475 _____ () C:\Users\Daniela\Downloads\adwcleaner_3.310.exe
2014-09-21 10:08 - 2014-09-21 10:11 - 00035679 _____ () C:\Users\Daniela\Downloads\Addition.txt
2014-09-21 10:06 - 2014-09-21 12:34 - 00034373 _____ () C:\Users\Daniela\Downloads\FRST.txt
2014-09-21 10:06 - 2014-09-21 12:33 - 00000000 ____D () C:\FRST
2014-09-21 10:04 - 2014-09-21 10:05 - 02105856 _____ (Farbar) C:\Users\Daniela\Downloads\FRST64.exe
2014-09-16 08:23 - 2014-09-16 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-05 16:50 - 2014-09-06 19:40 - 00000000 ____D () C:\Users\Daniela\Documents\NFS Most Wanted
2014-09-05 16:46 - 2014-09-05 16:46 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Worki
2014-09-05 16:46 - 2014-09-05 16:46 - 00003209 _____ () C:\Users\Daniela\Downloads\[kickass.to]need.for.speed.most.wanted.patch.for.windows.7.64.bit.torrent
2014-09-05 16:41 - 2014-09-06 22:17 - 00000000 ____D () C:\ProgramData\YoutubeAaDBluOOcke
2014-09-05 16:41 - 2014-09-05 16:42 - 00000000 ____D () C:\ProgramData\KeepAppIt Software
2014-09-05 16:40 - 2014-09-05 16:41 - 00000000 ____D () C:\ProgramData\5534d603321f79eb
2014-09-05 16:40 - 2014-09-05 16:41 - 00000000 ____D () C:\Program Files (x86)\YoutubeAaDBluOOcke
2014-09-05 16:40 - 2014-09-05 16:40 - 00000426 __RSH () C:\ProgramData\ntuser.pol
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator
2014-09-05 16:30 - 2014-09-05 16:30 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Working__.3427700.TPB.torrent
2014-09-05 15:49 - 2014-09-05 15:49 - 00011611 _____ () C:\Users\Daniela\Downloads\Need For Speed Most Wanted PC DVD.torrent
2014-09-04 13:34 - 2014-09-05 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-04 13:34 - 2014-09-04 13:34 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-04 12:54 - 2014-09-04 12:54 - 00000000 ____D () C:\Windows\GTA Vice City - Burn
2014-09-04 12:33 - 2014-09-04 12:33 - 00060342 _____ () C:\Users\Daniela\Downloads\GTA Vice City - Burn.torrent
2014-09-03 07:04 - 2014-09-03 07:04 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii (1).xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00273920 _____ () C:\Users\Daniela\Downloads\kvota-1-za-rabotni-mesta-v-centralnite-vedomstva.xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00108032 _____ () C:\Users\Daniela\Downloads\kvota-2-za-rabotni-mesta-v-oblastnite-administracii.xls
2014-09-02 16:14 - 2014-09-02 16:14 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii.xls
2014-09-02 14:32 - 2014-09-02 14:32 - 00001043 _____ () C:\Windows\NLSDownlevelMapping.log
2014-09-02 14:13 - 2014-09-02 14:13 - 00054191 _____ () C:\Users\Daniela\Downloads\City Car Driving v2.2.7 + Car Pack + Crack.torrent
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Display Offer
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\Program Files (x86)\Display Offer
2014-08-29 16:03 - 2014-08-29 16:03 - 00000040 _____ () C:\ProgramData\spds90.txt
2014-08-26 15:35 - 2014-08-26 15:35 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Softland
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 12:34 - 2014-09-21 10:06 - 00034373 _____ () C:\Users\Daniela\Downloads\FRST.txt
2014-09-21 12:33 - 2014-09-21 12:32 - 02105856 _____ (Farbar) C:\Users\Daniela\Downloads\FRST64 (1).exe
2014-09-21 12:33 - 2014-09-21 10:06 - 00000000 ____D () C:\FRST
2014-09-21 12:29 - 2011-10-12 09:52 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{72ADF9CF-5EA5-4B41-92E6-2774748BC0D3}
2014-09-21 12:21 - 2012-10-07 11:26 - 00001000 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 12:20 - 2012-09-15 13:54 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-21 12:17 - 2014-09-21 12:17 - 00000002 _____ () C:\runcheck.txt
2014-09-21 12:17 - 2014-09-21 12:17 - 00000000 ____D () C:\zoek_backup
2014-09-21 12:15 - 2014-09-21 12:15 - 04114148 _____ () C:\Users\Daniela\Downloads\zoek.zip
2014-09-21 12:13 - 2014-09-21 12:13 - 00002830 _____ () C:\Users\Daniela\Desktop\JRT.txt
2014-09-21 11:49 - 2014-09-21 11:49 - 00000000 ____D () C:\Windows\ERUNT
2014-09-21 11:49 - 2009-07-14 07:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 11:49 - 2009-07-14 07:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 11:48 - 2014-09-21 11:48 - 01027006 _____ (Thisisu) C:\Users\Daniela\Downloads\JRT.exe
2014-09-21 11:48 - 2011-10-12 09:46 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Skype
2014-09-21 11:48 - 2011-10-12 09:44 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\uTorrent
2014-09-21 11:45 - 2011-10-11 18:41 - 02001120 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 11:41 - 2014-05-11 11:42 - 00013380 _____ () C:\Windows\PFRO.log
2014-09-21 11:41 - 2014-05-10 21:24 - 00026635 _____ () C:\Windows\setupact.log
2014-09-21 11:41 - 2012-10-07 11:26 - 00000996 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 11:41 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 11:38 - 2014-09-21 11:07 - 00000000 ____D () C:\AdwCleaner
2014-09-21 11:38 - 2014-02-01 15:40 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-09-21 11:36 - 2012-10-19 14:03 - 00000000 ____D () C:\Users\Daniela\Documents\Euro Truck Simulator 2
2014-09-21 11:35 - 2012-08-15 23:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-21 11:06 - 2014-09-21 11:06 - 01373475 _____ () C:\Users\Daniela\Downloads\adwcleaner_3.310.exe
2014-09-21 10:11 - 2014-09-21 10:08 - 00035679 _____ () C:\Users\Daniela\Downloads\Addition.txt
2014-09-21 10:05 - 2014-09-21 10:04 - 02105856 _____ (Farbar) C:\Users\Daniela\Downloads\FRST64.exe
2014-09-19 20:52 - 2014-08-16 23:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-09-19 20:50 - 2011-12-23 21:36 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-19 19:53 - 2009-07-14 08:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 08:23 - 2014-09-16 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-16 08:23 - 2014-08-16 08:59 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-16 08:23 - 2012-08-07 13:14 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-16 08:23 - 2011-10-12 09:46 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-16 08:23 - 2011-10-12 09:45 - 00000000 ____D () C:\ProgramData\Skype
2014-09-14 17:46 - 2013-12-09 21:18 - 00000000 ____D () C:\Windows\System32\Tasks\SystemSockets
2014-09-14 17:46 - 2013-08-22 14:16 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-09-14 17:46 - 2013-03-19 22:24 - 00000000 ____D () C:\Windows\System32\Tasks\ProtectedSearch
2014-09-14 17:45 - 2014-02-05 17:24 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-14 17:45 - 2011-10-11 18:45 - 00001431 _____ () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-14 17:45 - 2011-10-11 18:45 - 00001397 _____ () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-11 22:36 - 2013-03-19 22:24 - 00034368 _____ () C:\Windows\Launcher.exe
2014-09-09 07:43 - 2014-09-21 12:15 - 01421585 _____ () C:\Users\Daniela\Desktop\zoek.scr
2014-09-09 07:43 - 2014-09-21 12:15 - 01421585 _____ () C:\Users\Daniela\Desktop\zoek.com
2014-09-06 22:17 - 2014-09-05 16:41 - 00000000 ____D () C:\ProgramData\YoutubeAaDBluOOcke
2014-09-06 19:40 - 2014-09-05 16:50 - 00000000 ____D () C:\Users\Daniela\Documents\NFS Most Wanted
2014-09-06 09:29 - 2013-07-06 14:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-05 16:46 - 2014-09-05 16:46 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Worki
2014-09-05 16:46 - 2014-09-05 16:46 - 00003209 _____ () C:\Users\Daniela\Downloads\[kickass.to]need.for.speed.most.wanted.patch.for.windows.7.64.bit.torrent
2014-09-05 16:42 - 2014-09-05 16:41 - 00000000 ____D () C:\ProgramData\KeepAppIt Software
2014-09-05 16:42 - 2012-02-28 19:44 - 00000000 ____D () C:\ProgramData\InstallMate
2014-09-05 16:41 - 2014-09-05 16:40 - 00000000 ____D () C:\ProgramData\5534d603321f79eb
2014-09-05 16:41 - 2014-09-05 16:40 - 00000000 ____D () C:\Program Files (x86)\YoutubeAaDBluOOcke
2014-09-05 16:40 - 2014-09-05 16:40 - 00000426 __RSH () C:\ProgramData\ntuser.pol
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Guest
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-05 16:40 - 2014-09-05 16:40 - 00000000 ____D () C:\Users\Administrator
2014-09-05 16:40 - 2012-02-15 18:49 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Google
2014-09-05 16:40 - 2009-07-14 06:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-05 16:40 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-05 16:37 - 2013-12-11 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-09-05 16:33 - 2014-07-04 21:22 - 00026596 _____ () C:\Windows\DirectX.log
2014-09-05 16:30 - 2014-09-05 16:30 - 00004923 _____ () C:\Users\Daniela\Downloads\Need_For_Speed__Most_Wanted_Crack-Fully_Working__.3427700.TPB.torrent
2014-09-05 16:30 - 2011-11-26 14:52 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\DAEMON Tools Lite
2014-09-05 15:51 - 2014-09-04 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-05 15:49 - 2014-09-05 15:49 - 00011611 _____ () C:\Users\Daniela\Downloads\Need For Speed Most Wanted PC DVD.torrent
2014-09-04 13:34 - 2014-09-04 13:34 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA Vice City - Burn
2014-09-04 12:54 - 2014-09-04 12:54 - 00000000 ____D () C:\Windows\GTA Vice City - Burn
2014-09-04 12:33 - 2014-09-04 12:33 - 00060342 _____ () C:\Users\Daniela\Downloads\GTA Vice City - Burn.torrent
2014-09-03 17:44 - 2014-08-17 00:14 - 00000000 _____ () C:\Users\Daniela\AppData\Roaming\FileOut.cns
2014-09-03 17:44 - 2014-08-17 00:14 - 00000000 _____ () C:\Users\Daniela\AppData\Roaming\FileIn.cns
2014-09-03 07:04 - 2014-09-03 07:04 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii (1).xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00273920 _____ () C:\Users\Daniela\Downloads\kvota-1-za-rabotni-mesta-v-centralnite-vedomstva.xls
2014-09-02 16:15 - 2014-09-02 16:15 - 00108032 _____ () C:\Users\Daniela\Downloads\kvota-2-za-rabotni-mesta-v-oblastnite-administracii.xls
2014-09-02 16:14 - 2014-09-02 16:14 - 00321536 _____ () C:\Users\Daniela\Downloads\kvota-3-za-rabotni-mesta-v-obshtinskite-administracii.xls
2014-09-02 14:32 - 2014-09-02 14:32 - 00001043 _____ () C:\Windows\NLSDownlevelMapping.log
2014-09-02 14:30 - 2012-11-25 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forward Development
2014-09-02 14:13 - 2014-09-02 14:13 - 00054191 _____ () C:\Users\Daniela\Downloads\City Car Driving v2.2.7 + Car Pack + Crack.torrent
2014-08-31 11:03 - 2014-02-01 15:39 - 00000000 ____D () C:\Program Files (x86)\Direct Video Downloader
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Display Offer
2014-08-29 19:55 - 2014-08-29 19:55 - 00000000 ____D () C:\Program Files (x86)\Display Offer
2014-08-29 16:03 - 2014-08-29 16:03 - 00000040 _____ () C:\ProgramData\spds90.txt
2014-08-28 22:43 - 2013-07-29 20:23 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-26 15:43 - 2014-08-16 09:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-26 15:36 - 2011-10-12 09:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-26 15:35 - 2014-08-26 15:35 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Softland
 
Some content of TEMP:
====================
C:\Users\Daniela\AppData\Local\Temp\7za.exe
C:\Users\Daniela\AppData\Local\Temp\AutoRun.exe
C:\Users\Daniela\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Daniela\AppData\Local\Temp\bdfilters.dll
C:\Users\Daniela\AppData\Local\Temp\CloudBackup1412.exe
C:\Users\Daniela\AppData\Local\Temp\CloudBackup189.exe
C:\Users\Daniela\AppData\Local\Temp\DeltaTB.exe
C:\Users\Daniela\AppData\Local\Temp\EBU47D9.EXE
C:\Users\Daniela\AppData\Local\Temp\EBU4E5E.DLL
C:\Users\Daniela\AppData\Local\Temp\hijackthis.exe
C:\Users\Daniela\AppData\Local\Temp\NirCmd.exe
C:\Users\Daniela\AppData\Local\Temp\PCOptimizerProSetup_CMN_1.exe
C:\Users\Daniela\AppData\Local\Temp\PEVZ.EXE
C:\Users\Daniela\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniela\AppData\Local\Temp\remove.exe
C:\Users\Daniela\AppData\Local\Temp\sed.exe
C:\Users\Daniela\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Daniela\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Daniela\AppData\Local\Temp\sfextra.dll
C:\Users\Daniela\AppData\Local\Temp\shortcut.exe
C:\Users\Daniela\AppData\Local\Temp\swreg.exe
C:\Users\Daniela\AppData\Local\Temp\swxcacls.exe
C:\Users\Daniela\AppData\Local\Temp\tbu16FD.exe
C:\Users\Daniela\AppData\Local\Temp\tbu3024.exe
C:\Users\Daniela\AppData\Local\Temp\tbu6838.exe
C:\Users\Daniela\AppData\Local\Temp\tbu8075.exe
C:\Users\Daniela\AppData\Local\Temp\tbuCEF5.exe
C:\Users\Daniela\AppData\Local\Temp\tbuE82C.exe
C:\Users\Daniela\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Daniela\AppData\Local\Temp\wget.exe
C:\Users\Daniela\AppData\Local\Temp\ycomp_setup_cclean.exe
C:\Users\Daniela\AppData\Local\Temp\zoek-delete.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  bg-BG
inherit                 {globalsettings}
default                 {current}
resumeobject            {57c0b3c7-f427-11e0-b5c5-bb723ae4c13d}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  bg-BG
inherit                 {bootloadersettings}
recoverysequence        {57c0b3c9-f427-11e0-b5c5-bb723ae4c13d}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {57c0b3c7-f427-11e0-b5c5-bb723ae4c13d}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {57c0b3c9-f427-11e0-b5c5-bb723ae4c13d}
device                  ramdisk=[C:]\Recovery\57c0b3c9-f427-11e0-b5c5-bb723ae4c13d\Winre.wim,{57c0b3ca-f427-11e0-b5c5-bb723ae4c13d}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\57c0b3c9-f427-11e0-b5c5-bb723ae4c13d\Winre.wim,{57c0b3ca-f427-11e0-b5c5-bb723ae4c13d}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {57c0b3c7-f427-11e0-b5c5-bb723ae4c13d}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  bg-BG
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  bg-BG
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {57c0b3ca-f427-11e0-b5c5-bb723ae4c13d}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\57c0b3c9-f427-11e0-b5c5-bb723ae4c13d\boot.sdi
 
 
 
LastRegBack: 2014-09-16 00:28
 
==================== End Of Log ============================

Addition.txt

Линк към коментара
Сподели в други сайтове

А каква е причината да игнорирате стъпка 3..?

Защо не сте деинсталирали по стандартния начин тези програми:

 

 

CertifiedToolbar 2.4 (HKLM-x32\...\{107c7af4-bcdb-4ba2-87d1-3cb1f7190dba}_is1) (Version: 2.4 - CertifiedToolbar) <==== ATTENTION

GadgetBox Expansion (HKLM\...\{6D345027-25C7-43C1-A12A-6DE5B6D772D1}) (Version: 1.0 - ) <==== ATTENTION

HomeTab 6.8 (HKLM-x32\...\{f8c77e88-ecbf-40f9-8e8b-fb0da19c6553}_is1) (Version: 6.8 - One Floor App) <==== ATTENTION

Линк към коментара
Сподели в други сайтове

icon13.gif Изтеглете прикачения файл и го запазете там, където сте свалили FRST.exe => [fixlist.txt
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.
Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.

 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

Линк към коментара
Сподели в други сайтове

  • 2 седмици по-късно...

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

×
×
  • Добави ново...