Премини към съдържанието
От 1-ви септември 2021 г., вход във форумите ще е възможен само с имейл адрес вместо потребителско име. Ако не помните имейла с който сте се регистрирали, вижте го в настройките на профила си. ×
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Проблем с размазване на текскта


Препоръчан отговор


Здравейте,

незнам да ли е вирус, бъг или нещо такова. 

Проблема е следния

когато вляза в интернет и чета нещо няма значение какво ще използвам Mozilla, Google Chrome, Opera, Internet Explorer се получава да бъде размазан текста или липсващ, след като мръдна с мишката и посоча там където е размазания текст ми излиза каквото трябва да пише.

Ако има вариант да се оправи без да преинсталирам windows?

С Windows 8.1 64bit съм

Благодаря за отговорите

 

Линк към коментара
Сподели в други сайтове

Какво имаш предвид? Буквите са размазани/отрязани през средата ли? Можеш ли да дадеш някакъв скрийншот?

Здравейте,

това е скрийншота

post-355102-0-09503700-1418407578_thumb.

Линк към коментара
Сподели в други сайтове

  • 2 седмици по-късно...

Честито Рождество Христово!

Никой ли не може да ми помогне

То се получава както на снимката и в други сайтове, но не мога да го хвана в точния момент да на правя снимка

post-355102-0-01660200-1419501160_thumb.

Линк към коментара
Сподели в други сайтове

Здравейте и Честита Коледа и на вас..! За съжаление вие не спазвате изискванията на този специализиран подраздел и това е причината да не ви се отговаря.

 

Системата ми е инфектирана - Какво да правя сега?

Линк към коментара
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by lachezar (administrator) on LENOVO-PC on 26-12-2014 17:26:04
Running from C:\Users\lachezar\Desktop
Loaded Profiles: lachezar & gmcec_000 (Available profiles: lachezar & gmcec_000)
Platform: Windows 8.1 Pro (X64) OS Language: Български (България)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Gorlo Pavel Programming. GPP©) C:\Program Files (x86)\GPPSoft\GPP Remote Server\GPP Remote Service.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\loggingserver.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
(Gorlo Pavel Programming. GPP©) C:\Program Files (x86)\GPPSoft\GPP Remote Server\GPPRS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Program Files (x86)\INet\BackgroundService\ModemListener.exe
(ArcSoft) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Dropbox, Inc.) C:\Users\lachezar\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\ZTE Join Air\UIExec.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.2.0\ScriptHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(ArcSoft) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Alcatel Limo ModemListener] => C:\Program Files (x86)\INet\BackgroundService\ModemListener.exe [125504 2012-03-23] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [64000 2007-07-03] (ArcSoft)
HKLM-x32\...\Run: [uIExec] => C:\Program Files (x86)\ZTE Join Air\UIExec.exe [132608 2009-03-24] ()
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3081752 2014-12-16] ()
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [GoogleChromeAutoLaunch_F00219C7CB01E8AAEA4FA4FEC727F103] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [AVG-Secure-Search-Update_0814tb] => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe [2782744 2014-08-28] ()
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\MountPoints2: {219a2920-2706-11e4-8265-6cf04927b996} - "G:\Startme.exe"
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\MountPoints2: {4af66f31-8376-11e4-8292-6cf04927b996} - "H:\Startme.exe"
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\MountPoints2: {67029719-1a08-11e4-8256-6cf04927b996} - "J:\autorun.exe"
HKU\S-1-5-21-2364723983-2443083560-1009114852-1008\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1008\...\MountPoints2: {67029719-1a08-11e4-8256-6cf04927b996} - "G:\autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\lachezar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [smartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll (SmartSoft Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/?ocid=iehp
HKU\S-1-5-21-2364723983-2443083560-1009114852-1008\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bg/
HKU\S-1-5-21-2364723983-2443083560-1009114852-1008\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={62E7FF19-9EB7-44A2-BF96-99ED095CC5DF}&mid=086fd2e20c0547d2a1ecbdb90fc35065-8a75898efe1bc980cf12af279bbbec1de50e74fb&lang=en&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-16 09:13:59&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} https://e-fibank.bg/EBank/CAPICOM/capicom.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9E270D14-E4F0-46F1-AC93-C804DEA77FC2}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://mysearch.avg.com?cid={62E7FF19-9EB7-44A2-BF96-99ED095CC5DF}&mid=086fd2e20c0547d2a1ecbdb90fc35065-8a75898efe1bc980cf12af279bbbec1de50e74fb&lang=en&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=2014-12-16 09:13:59&v=4.0.5.7&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2364723983-2443083560-1009114852-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lachezar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2364723983-2443083560-1009114852-1008: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gmcec_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\[email protected] [2014-12-16]
FF Extension: DownloadHelper - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-11-29]
FF Extension: Flash and Video Download - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-08]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\[email protected] [2014-11-20]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\[email protected] [2014-11-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-11-29]
FF Extension: Adblock Plus - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-20]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.bg/
CHR StartupUrls: Default -> "https://www.google.bg/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-01]
CHR Extension: (Google Документи) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Диск) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-01]
CHR Extension: (YouTube) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-01]
CHR Extension: (AVG Secure Search) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-12-16]
CHR Extension: (Rampage) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknkimpcfkpmmikggddpidpmaljigegp [2014-08-01]
CHR Extension: (Google Търсене) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-01]
CHR Extension: (Calculator) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja [2014-08-01]
CHR Extension: (Word Online) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2014-08-01]
CHR Extension: (Запазване в Google Диск) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-08-01]
CHR Extension: (Text Highlighter) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-11-25]
CHR Extension: (Watch Online) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb [2014-11-25]
CHR Extension: (iLivid) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-12-08]
CHR Extension: (Google Wallet) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
CHR Extension: (Gmail) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2014-11-06] () [File not signed]
R2 Alcatel Limo Modem Device Helper; C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 GPPService; C:\Program Files (x86)\GPPSoft\GPP Remote Server\GPP Remote Service.exe [33280 2014-06-07] (Gorlo Pavel Programming. GPP©) [File not signed]
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-04-09] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [218432 2014-04-09] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 UI Assistant Service; C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe [241664 2009-03-24] () [File not signed]
R2 vToolbarUpdater18.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1850392 2014-12-16] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AlcatelOTnet; C:\Windows\system32\DRIVERS\AlcatelOTUsbnet.sys [138752 2011-06-20] (TCT International Mobile Ltd)
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-16] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-09-12] (Alcohol Soft Development Team)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-20] (Sony Mobile Communications)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
U3 Ndi_shwdrewn; No ImagePath
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-09-12] (Duplex Secure Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 RT2500; \SystemRoot\system32\DRIVERS\RT2500.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 17:26 - 2014-12-26 17:26 - 00024952 _____ () C:\Users\lachezar\Desktop\FRST.txt
2014-12-26 17:25 - 2014-12-26 17:26 - 00000000 ____D () C:\FRST
2014-12-26 17:25 - 2014-12-26 17:25 - 02122752 _____ (Farbar) C:\Users\lachezar\Desktop\FRST64.exe
2014-12-25 14:06 - 2014-12-25 14:06 - 16283148 _____ () C:\Users\lachezar\Downloads\arcade-pulse_1.0.2_files.zip
2014-12-25 12:07 - 2014-12-25 12:07 - 00038918 _____ () C:\Users\lachezar\Downloads\9194=609-mygamelistcreator.zip
2014-12-25 12:07 - 2014-12-25 12:07 - 00021103 _____ () C:\Users\lachezar\Downloads\myscorespresenter.zip
2014-12-22 16:53 - 2014-12-22 16:53 - 00000000 ____D () C:\Users\gmcec_000\AppData\Roaming\AVG2015
2014-12-22 16:53 - 2014-12-22 16:53 - 00000000 ____D () C:\Users\gmcec_000\AppData\Local\Avg2015
2014-12-21 13:50 - 2014-12-21 14:07 - 15334528 _____ () C:\Users\lachezar\Downloads\MF4100_MFDrivers_W32_uk_EN.exe
2014-12-19 17:54 - 2014-12-20 20:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-19 17:54 - 2014-12-19 17:54 - 01142392 _____ () C:\Users\lachezar\Downloads\SteamSetup.exe
2014-12-19 17:54 - 2014-12-19 17:54 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-19 17:54 - 2014-12-19 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-17 09:27 - 2014-12-17 09:27 - 00001185 _____ () C:\Users\lachezar\Desktop\Dropbox.lnk
2014-12-17 09:27 - 2014-12-17 09:27 - 00000000 ____D () C:\Users\lachezar\Dropbox (Old)
2014-12-17 09:27 - 2014-12-17 09:27 - 00000000 ____D () C:\Users\lachezar\c
2014-12-17 09:22 - 2014-12-17 09:22 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 09:14 - 2014-12-16 17:42 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-12-16 09:14 - 2014-12-16 09:15 - 00000000 ____D () C:\Users\lachezar\AppData\Local\AVG Web TuneUp
2014-12-16 09:13 - 2014-12-16 09:14 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-12-16 09:13 - 2014-12-16 09:13 - 00052000 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-12-16 09:13 - 2014-12-16 09:13 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-12-16 09:13 - 2014-12-16 09:13 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-12-16 09:13 - 2014-12-16 09:13 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-12-15 11:19 - 2014-12-15 11:19 - 00140828 _____ () C:\Windows\DPINST.LOG
2014-12-15 11:18 - 2014-12-15 11:18 - 00002118 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-15 11:18 - 2014-12-15 11:18 - 00000000 ____D () C:\ProgramData\Sony
2014-12-15 11:18 - 2014-12-15 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-15 11:18 - 2014-12-15 11:18 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-14 19:19 - 2014-12-14 19:19 - 01685320 _____ (Bandoo Media Inc) C:\Users\lachezar\Downloads\Непотвърдено 198458.crdownload
2014-12-14 17:38 - 2014-12-14 17:38 - 00228244 _____ () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-1.5.6-1.5.6.4.rar
2014-12-14 17:38 - 2014-12-14 17:38 - 00000000 ____D () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-1.5.6-1.5.6.4
2014-12-14 17:34 - 2014-12-14 17:34 - 00132209 _____ () C:\Users\lachezar\Downloads\Econt-Express-v2.3.4-OpenCart-1.5.2.x---1.5.6.x.zip
2014-12-14 17:34 - 2014-12-14 17:34 - 00000000 ____D () C:\Users\lachezar\Downloads\Econt-Express-v2.3.4-OpenCart-1.5.2.x---1.5.6.x
2014-12-13 19:29 - 2014-12-13 19:30 - 52151434 _____ () C:\Users\lachezar\Downloads\Rodriguez Feat. Ander _ Rossi - No Voy A Llorar (Official Video).mp4
2014-12-13 19:19 - 2014-12-13 19:20 - 66874198 _____ () C:\Users\lachezar\Downloads\Naughty Boy - La La La ft. Sam Smith.mp4
2014-12-13 19:19 - 2014-12-13 19:19 - 51419421 _____ () C:\Users\lachezar\Downloads\Clase-A Una Noche Loca (Official Video).mp4
2014-12-13 11:15 - 2014-12-13 19:40 - 00000000 ____D () C:\INVOICE
2014-12-13 10:52 - 2014-12-13 10:52 - 01601118 _____ () C:\Users\lachezar\Downloads\fungames.zip
2014-12-13 10:05 - 2014-12-13 10:05 - 00659647 _____ () C:\Users\lachezar\Downloads\myarcadeplugin.zip
2014-12-12 07:48 - 2014-12-12 07:48 - 00000000 ____D () C:\Micro
2014-12-12 07:47 - 2014-12-12 07:48 - 10637063 _____ () C:\Users\lachezar\Downloads\m_invoice.exe
2014-12-11 16:57 - 2014-12-11 16:57 - 00000000 ____D () C:\Users\lachezar\Desktop\archive
2014-12-11 16:47 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 16:47 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 16:46 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-11 16:46 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-11 16:24 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-11 16:24 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-11 16:12 - 2014-12-11 16:12 - 01768435 _____ () C:\Users\lachezar\Downloads\db530360044_db_1and1_com (1).sql
2014-12-11 16:06 - 2014-12-11 16:06 - 01765188 _____ () C:\Users\lachezar\Downloads\db530360044_db_1and1_com.sql
2014-12-11 16:03 - 2014-12-11 16:03 - 00002016 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-12-11 16:03 - 2014-12-11 16:03 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-12-11 15:56 - 2014-11-22 05:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 15:56 - 2014-11-22 04:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 15:56 - 2014-11-22 04:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 15:56 - 2014-11-22 04:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 15:56 - 2014-11-22 04:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 15:56 - 2014-11-22 04:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 15:56 - 2014-11-22 04:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 15:56 - 2014-11-22 04:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 15:56 - 2014-11-22 04:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 15:56 - 2014-11-22 04:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 15:56 - 2014-11-22 04:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 15:56 - 2014-11-22 04:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-11 15:56 - 2014-11-22 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 15:56 - 2014-11-22 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 15:56 - 2014-11-22 04:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 15:56 - 2014-11-22 03:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-11 15:56 - 2014-11-22 03:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 15:56 - 2014-11-22 03:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-11 15:56 - 2014-11-22 03:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 15:56 - 2014-11-22 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 15:56 - 2014-11-22 03:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 15:56 - 2014-11-22 03:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 15:56 - 2014-11-22 03:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 15:56 - 2014-11-22 03:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 15:56 - 2014-11-22 03:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-11 15:56 - 2014-11-22 03:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 15:56 - 2014-11-22 03:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 15:56 - 2014-11-22 03:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-11 15:56 - 2014-11-22 03:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 15:56 - 2014-11-22 03:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-11 15:56 - 2014-11-22 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 15:56 - 2014-11-22 03:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 15:56 - 2014-11-22 03:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 15:56 - 2014-11-22 03:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 15:56 - 2014-11-22 03:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 15:56 - 2014-11-22 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 15:56 - 2014-11-22 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 15:56 - 2014-11-22 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 15:56 - 2014-11-22 02:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 15:56 - 2014-11-07 06:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 15:56 - 2014-11-07 05:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 15:56 - 2014-11-01 01:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-11 15:56 - 2014-11-01 01:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-11 15:56 - 2014-10-13 04:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-11 15:56 - 2014-10-13 04:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-11 15:56 - 2014-10-13 04:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-11 15:56 - 2014-10-13 04:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-11 09:50 - 2014-12-11 09:51 - 00000913 _____ () C:\Users\lachezar\Desktop\hosts1
2014-12-11 09:49 - 2014-12-11 09:49 - 00000913 _____ () C:\Users\lachezar\Desktop\hosts.txt
2014-12-10 22:29 - 2014-12-23 20:20 - 00004094 _____ () C:\Windows\setupact.log
2014-12-10 22:29 - 2014-12-10 22:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 22:08 - 2014-12-16 09:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 21:27 - 2014-12-10 21:27 - 00009218 _____ () C:\Users\lachezar\Downloads\exportexcelorcsvsalessectionopc200.zip
2014-12-10 21:19 - 2014-12-10 09:41 - 100761972 _____ () C:\Users\lachezar\Desktop\archive.zip
2014-12-10 20:26 - 2014-12-10 20:26 - 00247976 _____ () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-2.0.x.x.rar
2014-12-10 20:26 - 2014-12-10 20:26 - 00000000 ____D () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-2.0.x.x
2014-12-10 19:47 - 2014-12-10 19:47 - 00000000 ____D () C:\Users\lachezar\Downloads\opencart-2.0.0.0
2014-12-10 19:44 - 2014-12-10 19:44 - 00000000 ____D () C:\Windows\System32\Tasks\SmartFTP
2014-12-10 19:44 - 2014-12-10 19:44 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\SmartFTP
2014-12-10 19:43 - 2014-12-10 19:43 - 00002675 _____ () C:\Users\Public\Desktop\SmartFTP Client.lnk
2014-12-10 19:43 - 2014-12-10 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartFTP Client
2014-12-10 19:43 - 2014-12-10 19:43 - 00000000 ____D () C:\Program Files\SmartFTP Client
2014-12-10 19:41 - 2014-12-10 19:42 - 22422544 _____ (SmartSoft Ltd) C:\Users\lachezar\Downloads\SFTPMSI.exe
2014-12-09 20:03 - 2014-12-09 20:03 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-08 14:45 - 2014-12-06 08:49 - 00000000 ____D () C:\Users\lachezar\Downloads\upload
2014-12-08 14:39 - 2014-12-08 14:39 - 00000000 ____D () C:\Users\lachezar\Downloads\opencart-2.0.1.1
2014-12-08 13:49 - 2014-12-08 13:49 - 00008994 _____ () C:\Users\lachezar\Downloads\V2-ZOPIMLIVECHAT.zip
2014-12-07 14:48 - 2014-12-07 14:48 - 00621164 _____ () C:\Users\lachezar\Downloads\vector_business_card_template.zip
2014-12-06 17:38 - 2014-12-06 17:38 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-12-06 17:38 - 2014-12-06 17:38 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\AVG2015
2014-12-06 17:36 - 2014-12-06 17:36 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-12-06 17:32 - 2014-12-16 11:32 - 00000000 ____D () C:\Users\lachezar\AppData\Local\Avg2015
2014-12-06 17:32 - 2014-12-06 17:32 - 04637504 _____ (AVG Technologies) C:\Users\lachezar\Downloads\avg_free_stb_all_2015_5557_cnet.exe
2014-12-06 17:27 - 2014-10-30 13:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-06 17:23 - 2014-12-25 12:59 - 00024924 _____ () C:\Windows\PFRO.log
2014-12-06 17:11 - 2014-12-06 17:11 - 00001093 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\Users\lachezar\AppData\Local\VS Revo Group
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-12-06 17:11 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-12-06 17:08 - 2014-12-06 17:08 - 00003160 _____ () C:\Windows\System32\Tasks\{C774DA1D-D464-46AC-B96C-7FCD2B3F5C53}
2014-12-06 17:06 - 2014-12-06 17:06 - 00000000 ____D () C:\Users\lachezar\Documents\My Palettes
2014-12-06 17:00 - 2014-12-06 17:00 - 00000000 ____D () C:\Users\lachezar\Documents\Corel
2014-12-06 17:00 - 2014-12-06 17:00 - 00000000 ____D () C:\ProgramData\Protexis64
2014-12-06 16:57 - 2014-12-06 16:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-06 16:55 - 2014-12-26 17:06 - 01771785 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 16:54 - 2014-12-06 16:54 - 00000000 ____D () C:\Program Files\Common Files\Corel
2014-12-04 19:45 - 2014-12-25 12:56 - 00000000 ____D () C:\Users\lachezar\AppData\Local\CrashDumps
2014-12-03 21:38 - 2014-12-03 21:38 - 00087552 ___SH () C:\Users\lachezar\Documents\Thumbs.db
2014-12-02 19:36 - 2014-12-02 19:37 - 00008502 _____ () C:\Users\lachezar\Downloads\изтеглен файл
2014-12-02 12:44 - 2014-12-05 11:21 - 00000000 ____D () C:\ProgramData\fakturirane
2014-12-02 12:42 - 2014-12-02 12:42 - 11210806 _____ () C:\Users\lachezar\Downloads\fakturirane.setup.2.96.zip
2014-12-02 12:18 - 2014-12-02 12:20 - 327495968 _____ (Microinvest Ltd.) C:\Users\lachezar\Downloads\Setup_InvoicePro_x64 (1).exe
2014-12-02 11:45 - 2014-12-02 11:45 - 00345838 _____ () C:\Users\lachezar\Documents\export_2014-12-012222.csv
2014-12-02 11:35 - 2014-12-02 11:35 - 00000113 _____ () C:\Users\lachezar\Desktop\TBICREDIT.txt
2014-12-01 09:55 - 2014-12-01 09:58 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-12-01 09:53 - 2014-12-01 09:58 - 00000000 ____D () C:\Program Files\Software Informer
2014-11-30 20:52 - 2014-12-18 19:27 - 00067072 _____ () C:\Users\lachezar\Downloads\ВнБ Ножаров М.xls
2014-11-30 20:32 - 2014-11-30 20:32 - 00000351 _____ () C:\Users\lachezar\Desktop\Jetix Вход.url
2014-11-29 22:19 - 2014-11-29 22:19 - 27664384 _____ () C:\Users\lachezar\Desktop\Java_02.flv
2014-11-29 22:18 - 2014-11-29 22:19 - 27276319 _____ () C:\Users\lachezar\Desktop\Java_01.flv
2014-11-29 22:14 - 2014-11-29 22:14 - 00000000 ____D () C:\Users\lachezar\dwhelper
2014-11-29 17:11 - 2014-11-29 20:27 - 00000000 ____D () C:\Users\lachezar\Documents\DCIM
2014-11-29 17:07 - 2014-11-29 17:07 - 00000000 _____ () C:\Users\lachezar\Downloads\dox_20141129170731640.zip
2014-11-29 16:56 - 2014-12-26 17:18 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Dropbox
2014-11-29 16:56 - 2014-11-29 16:56 - 00323712 _____ (Dropbox, Inc.) C:\Users\lachezar\Downloads\DropboxInstaller.exe
2014-11-29 16:54 - 2014-11-29 16:55 - 29221272 _____ () C:\Users\lachezar\Downloads\SgisN CAD_v6.1.rar
2014-11-29 16:54 - 2014-11-29 16:54 - 08871084 _____ () C:\Users\lachezar\Downloads\OP-COM 100219a EN.rar
2014-11-28 18:12 - 2014-11-28 18:12 - 00000158 _____ () C:\Users\lachezar\Desktop\Компютри и лаптопи от PCSHOP.url
2014-11-28 17:34 - 2014-11-28 17:51 - 00000000 ____D () C:\Users\lachezar\Downloads\C6903_Customized CE5_1276-4384_14.4.A.0.157_R1C
2014-11-28 17:33 - 2014-11-28 17:33 - 00000000 ____D () C:\Users\lachezar\Downloads\XperiFirm_3.1_(by_IaguCool)
2014-11-28 17:30 - 2014-11-28 17:30 - 00183868 _____ () C:\Users\lachezar\Downloads\XperiFirm_3.1_(by_IaguCool).zip
2014-11-28 09:46 - 2014-11-28 09:46 - 00150134 _____ () C:\Users\lachezar\Documents\HTML, PO actions, ZIP attachment 28-11-2014 08-29.zip
2014-11-26 18:46 - 2014-11-28 07:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-26 10:45 - 2014-11-26 10:45 - 00002092 _____ () C:\Users\Public\Desktop\Canon MF Toolbox 4.9.lnk
2014-11-26 10:45 - 2014-11-26 10:45 - 00000000 ___HD () C:\Windows\system32\CanonMF Uninstaller Information
2014-11-26 10:45 - 2014-11-26 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2014-11-26 10:45 - 2014-11-26 10:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-11-26 10:45 - 2007-03-27 18:49 - 00063488 _____ (Canon Inc.) C:\Windows\system32\CNCLSD23.DLL
2014-11-26 10:45 - 2007-03-27 18:49 - 00045056 _____ (Canon Inc.) C:\Windows\system32\CNCLST23.DLL
2014-11-26 10:45 - 2007-03-27 18:49 - 00038912 _____ (Canon Inc.) C:\Windows\system32\cncilsc.dll
2014-11-26 10:45 - 2007-03-27 18:49 - 00037376 _____ (Canon Inc.) C:\Windows\system32\CNCLSI23.DLL
2014-11-26 10:45 - 2007-03-27 18:49 - 00032768 _____ (Canon Inc.) C:\Windows\system32\CNCLSC23.DLL
2014-11-26 10:45 - 2007-03-27 18:49 - 00021504 _____ (Canon Inc.) C:\Windows\system32\CNCLSU23.DLL
2014-11-26 10:45 - 2007-03-27 18:48 - 00188928 _____ (CANON INC.) C:\Windows\system32\CNCC4100.DLL
2014-11-26 10:45 - 2007-03-27 18:48 - 00032256 _____ (CANON INC.) C:\Windows\system32\CNCI4100.DLL
2014-11-26 10:45 - 2007-03-27 18:48 - 00025600 _____ (CANON INC.) C:\Windows\system32\CNCL4100.DLL
2014-11-26 10:45 - 2006-04-04 17:42 - 00000332 _____ () C:\Windows\system32\CNCMFP23.INI
2014-11-26 10:44 - 2014-11-26 10:44 - 00000000 ____D () C:\Program Files\Canon
2014-11-26 10:44 - 2006-10-13 16:39 - 00032768 _____ (Canon Inc.) C:\Windows\system32\CNAS0MMK.DLL
2014-11-26 10:42 - 2014-11-26 10:42 - 00000000 ____D () C:\Users\lachezar\Downloads\ToolBox_4911mf17_Win_EN
2014-11-26 10:41 - 2014-11-26 10:41 - 00000000 ____D () C:\Users\lachezar\Downloads\MF4100_MFDrivers_W64_uk_EN
2014-11-26 10:40 - 2014-11-26 10:41 - 10452536 _____ () C:\Users\lachezar\Downloads\ToolBox_4911mf17_Win_EN.exe
2014-11-26 10:40 - 2014-11-26 10:40 - 16850048 _____ () C:\Users\lachezar\Downloads\MF4100_MFDrivers_W64_uk_EN.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 17:19 - 2014-08-02 07:03 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-lachezar Lenovo-pc
2014-12-26 17:19 - 2014-08-01 14:58 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{238051D7-A9C4-4366-A6C1-EB3F3560E423}
2014-12-26 17:18 - 2014-08-01 17:14 - 00000000 __RDO () C:\Users\lachezar\SkyDrive
2014-12-26 17:17 - 2014-08-28 12:24 - 00000398 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job
2014-12-26 17:17 - 2014-08-28 12:24 - 00000398 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job
2014-12-26 17:17 - 2014-08-01 15:14 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 17:03 - 2014-09-26 09:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-26 16:59 - 2014-08-02 06:38 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-26 09:45 - 2014-08-01 15:14 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-25 15:33 - 2014-10-15 16:06 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\vlc
2014-12-25 12:59 - 2014-11-05 11:08 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-25 12:59 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 12:58 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-12-25 10:35 - 2014-09-03 18:25 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\FileZilla
2014-12-25 09:51 - 2014-08-01 16:38 - 01466880 ___SH () C:\Users\lachezar\Desktop\Thumbs.db
2014-12-24 19:32 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-24 16:51 - 2014-08-04 18:03 - 00000000 ____D () C:\Users\lachezar\Documents\Outlook Files
2014-12-23 20:23 - 2014-08-03 08:27 - 00000000 ____D () C:\Download
2014-12-22 18:31 - 2014-08-13 18:57 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2364723983-2443083560-1009114852-1008
2014-12-22 18:30 - 2014-09-03 18:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-22 18:30 - 2014-08-01 14:46 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2364723983-2443083560-1009114852-1001
2014-12-22 18:07 - 2014-09-12 09:34 - 00111262 _____ () C:\Windows\system32\perfh002.dat
2014-12-22 18:07 - 2014-09-12 09:34 - 00035538 _____ () C:\Windows\system32\perfc002.dat
2014-12-22 18:07 - 2013-09-30 06:22 - 01087830 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-22 18:06 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar\AppData\Local\Packages
2014-12-22 16:56 - 2014-08-19 10:14 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{47D7B622-EFB6-45A7-BBED-B3DD498CB456}
2014-12-22 16:53 - 2014-08-13 18:53 - 00000000 ___DO () C:\Users\gmcec_000\OneDrive
2014-12-21 14:15 - 2014-08-08 17:22 - 00695296 ___SH () C:\Users\lachezar\Downloads\Thumbs.db
2014-12-21 13:38 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-21 12:07 - 2014-08-01 16:03 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\uTorrent
2014-12-21 11:18 - 2014-10-18 13:02 - 00000000 ____D () C:\Users\lachezar\Desktop\snimki
2014-12-20 17:46 - 2014-10-31 09:12 - 00000000 ____D () C:\Users\lachezar\Documents\lirashop
2014-12-18 09:45 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-17 18:30 - 2014-09-03 18:19 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409761161
2014-12-17 18:30 - 2014-09-03 18:19 - 00001057 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-17 09:27 - 2014-08-02 06:58 - 00000000 ___RD () C:\Users\lachezar\Dropbox
2014-12-17 09:27 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar
2014-12-16 11:32 - 2014-11-23 17:25 - 00000403 _____ () C:\Users\lachezar\Desktop\1.txt
2014-12-15 11:37 - 2014-08-20 14:27 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-12-15 11:37 - 2014-08-20 14:27 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-12-15 11:18 - 2014-08-12 15:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-13 09:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-12-13 09:00 - 2014-08-02 06:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 13:05 - 2014-08-01 15:15 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 07:11 - 2014-08-12 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-11 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-12-11 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-12-11 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 20:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-11 20:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-11 20:13 - 2014-08-02 06:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-11 20:10 - 2014-08-03 10:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 20:04 - 2014-08-03 10:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 19:41 - 2014-08-22 16:13 - 00000000 ____D () C:\Users\lachezar\AppData\Local\HiSuite
2014-12-10 19:41 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar\AppData\Local\VirtualStore
2014-12-09 20:03 - 2014-09-26 09:10 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 19:13 - 2014-10-05 08:31 - 11338772 _____ () C:\Users\lachezar\Downloads\opencart-2.0.0.0.zip
2014-12-08 16:01 - 2014-08-30 18:19 - 00000000 ____D () C:\Temp
2014-12-06 19:37 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\lachezar\Downloads\Driver Genius Pro 14.0.0.323 [Halloweepsycho]
2014-12-06 17:38 - 2014-10-20 08:32 - 00000000 ____D () C:\ProgramData\AVG2015
2014-12-06 17:38 - 2014-08-02 06:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-12-06 17:37 - 2014-08-02 06:40 - 00000000 ___HD () C:\$AVG
2014-12-06 17:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-12-06 17:23 - 2013-08-22 16:44 - 00585120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 17:18 - 2014-11-05 11:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-06 17:10 - 2014-10-01 18:06 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Corel
2014-12-06 16:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-05 20:31 - 2014-09-24 07:09 - 00000000 ____D () C:\Users\lachezar\Desktop\lirashop-banners
2014-12-05 10:43 - 2014-08-07 05:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-05 10:41 - 2014-08-07 05:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-05 10:40 - 2014-08-07 05:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-02 22:04 - 2014-10-15 13:55 - 00000000 ____D () C:\Users\lachezar\Documents\vami
2014-12-02 21:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-02 12:09 - 2014-10-03 09:31 - 00000000 ____D () C:\wamp
2014-12-02 12:07 - 2014-08-18 20:16 - 00000000 ____D () C:\Flashtool
2014-11-28 07:06 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Adobe
2014-11-27 17:02 - 2014-08-31 14:43 - 00060416 _____ () C:\Users\lachezar\Downloads\TBI_CALCULATOR.xls
2014-11-26 23:10 - 2014-08-06 07:27 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 23:10 - 2014-08-06 07:27 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 10:47 - 2013-08-22 17:36 - 00000000 __RSD () C:\Windows\Media

Some content of TEMP:
====================
C:\Users\gmcec_000\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\gmcec_000\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\gmcec_000\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\gmcec_000\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\lachezar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnsrs30.dll
C:\Users\lachezar\AppData\Local\Temp\Quarantine.exe
C:\Users\lachezar\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-22 10:50

==================== End Of Log ============================

Addition.txt

Линк към коментара
Сподели в други сайтове

adwcleaner_new.png Сканиране с AdwCleaner
 
Моля, изтеглете и стартирайте програмата AdwCleaner (by Xplode):

  • Затворете всички стартирани програми и браузъри
  • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
  • Натиснете OK, за да потвърдите, че всички стартирани програми ще бъдат затворени.
  • Маркирайте Clean
  • Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта.
  • Моля, да публикувате съдържанието на този лог в отговора си
  • Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s0].txt

 

 

JRTbythisisu.png Сканиране с Junkware Removal Tool
 
Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

  • Спрете временно работата на защитните програми.
  • Стартирайте инструмента JRT.exe
  • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
  • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
  • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
  • Моля копирайте съдържанието на лог файла в следващия си пост.

 

 

GUZVCQN.jpg  Моля, изтеглете Malwarebytes Anti -Malware и го запомнете на вашия работен плот .
  Кликнете два пъти върху mbam-setup-consumer-2.0.0.1хххх.exe и следвайте инструкциите, за да инсталирате програмата .

  • В секцията Settings = > Detection and Protection => Detection Options, се поставя отметка в квадратчето 'Scan for rootkits'.

MBAMsettings.JPG

  • В главния прозорец на програмата , щракнете върху 'Update Now'
  • След актуализацията завърши, кликнете на бутона " 'Scan Now  " .
  • Ако има налична актуализация , щракнете върху бутона Update Now button .
  • Ще стартира Threat Scan.
  • Когато сканирането приключи, ако има някакви открити зарази , щракнете върху Apply Actions за да се позволи на Mbam да почисти засеченото. .

MBAMReboot.JPG

  •   След рестарта ,стартирайте Mbam още веднъж.
  •   Кликнете на History tab > Application Logs .
  •   Кликнете два пъти върху реда , който показва датата и часа на сканирането или View Detailed Log .
  •   Кликнете върху " Copy да Clipboard "

MBAMLog.JPG

  •   Поставете  съдържанието на клипборда в следващия си  отговор.
Линк към коментара
Сподели в други сайтове

# AdwCleaner v4.106 - Създаден отчет 26/12/2014 на 20:16:24
# Актуализиран 21/12/2014 от Xplode
# Database : 2014-12-21.4 [Live]
# Операционна система : Windows 8.1 Pro  (64 bits)
# Потребителско име : lachezar - LENOVO-PC
# Стартиран от : C:\Users\lachezar\AppData\Local\Microsoft\Windows\INetCache\IE\0O4NLTBP\adwcleaner_4.106.exe
# Настройка : Почистване

***** [ Услуги ] *****

Услуа Изтритa : vToolbarUpdater18.2.0

***** [ Файлове / Папки ] *****

Папка Изтритa : C:\ProgramData\AVG Secure Search
Папка Изтритa : C:\ProgramData\AVG Security Toolbar
Папка Изтритa : C:\ProgramData\drivergenius
Папка Изтритa : C:\Program Files (x86)\Common Files\AVG Secure Search
Папка Изтритa : C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\[email protected]
Папка Изтритa : C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
Папка Изтритa : C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb
Папка Изтритa : C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Папка Изтритa : C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Файл Изтритa : C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\searchplugins\avg-secure-search.xml
Файл Изтритa : C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\user.js
Файл Изтритa : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

***** [ задачи ] *****

***** [ Преки пътища ] *****

***** [ Системен регистър ] *****

Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Ключ Изтрит : HKLM\SOFTWARE\Classes\S
Ключ Изтрит : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Ключ Изтрит : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Ключ Изтрит : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Стойност Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Ключ Изтрит : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKCU\Software\Conduit

***** [ Браузъри ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v34.0.5 (x86 bg)

[4qc3tx7m.default\prefs.js] - Елемент изтрит : user_pref("browser.search.selectedEngine", "AVG Secure Search");

-\\ Google Chrome v39.0.2171.95

[C:\Users\gmcec_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Opera v26.0.1656.60

[C:\Users\gmcec_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : aaipilfmheplbcghignccoiiebekkdhe
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : ffhfoagmjcnkolneahbpagjcjjaeofbg
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : hjghiofiijcepdnocbgefbdlbckjfheg
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : iklgpchfbohgmghgfagediakopecfmbm
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : kjpifmjicccpbkfjdkehimhgklfkbanh
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : hoidflomjnnnbiemmkjdjkkialmhbago
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : ekpibplnnkfdcafdpoekhoffegcajene
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : ipljmghelflfikejmgkmlmpjmehfjodc
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : ejddjnilmdncjilbfjgameihlklfpohp
[C:\Users\lachezar\AppData\Roaming\Opera Software\Opera Stable\preferences] - Изтрит [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe

*************************

AdwCleaner[R0].txt - [6281 octets] - [20/11/2014 15:59:17]
AdwCleaner[R1].txt - [6979 octets] - [26/12/2014 20:12:53]
AdwCleaner[s0].txt - [5867 octets] - [20/11/2014 16:03:27]
AdwCleaner[s1].txt - [6967 octets] - [26/12/2014 20:16:24]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [7027 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 Pro x64
Ran by lachezar on ЇҐв 26.12.2014 Ј. at 20:25:08,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted the following from C:\Users\lachezar\AppData\Roaming\mozilla\firefox\profiles\4qc3tx7m.default\prefs.js

user_pref("browser.startup.homepage", "hxxps://mysearch.avg.com?cid={62E7FF19-9EB7-44A2-BF96-99ED095CC5DF}&mid=086fd2e20c0547d2a1ecbdb90fc35065-8a75898efe1bc980cf12af279bbbec1

 

~~~ Chrome

Successfully deleted: [Folder] C:\Users\lachezar\appdata\local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
Successfully deleted: [Folder] C:\Users\lachezar\appdata\local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ЇҐв 26.12.2014 Ј. at 20:30:57,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Линк към коментара
Сподели в други сайтове

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.12.2014 г.
Scan Time: 22:54:17
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.26.11
Rootkit Database: v2014.12.23.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: lachezar

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 400877
Time Elapsed: 27 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 6
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd, Quarantined, [2024b1b5a8d447efabf0d15cc73c46ba],
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0, Quarantined, [2024b1b5a8d447efabf0d15cc73c46ba],
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\_metadata, Quarantined, [2024b1b5a8d447efabf0d15cc73c46ba],
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb, Quarantined, [87bd2046de9e55e14d8b380e53b0a45c],
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb\0.1_0, Quarantined, [87bd2046de9e55e14d8b380e53b0a45c],
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb\0.1_0\_metadata, Quarantined, [87bd2046de9e55e14d8b380e53b0a45c],

Files: 2
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\0.1_0\_metadata\verified_contents.json, Quarantined, [2024b1b5a8d447efabf0d15cc73c46ba],
PUP.Optional.CrossRider.A, C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb\0.1_0\_metadata\verified_contents.json, Quarantined, [87bd2046de9e55e14d8b380e53b0a45c],

Physical Sectors: 0
(No malicious items detected)

(end)

Линк към коментара
Сподели в други сайтове

FRST.gif Сканиране с Farbar Recovery Scan Tool

Повторете сканирането с Farbar Recovery Scan Tool, като изтриете вашето копие и изтеглите свежо..!

 

 

xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FRST.txt
  • Addition.txt
Линк към коментара
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by lachezar (administrator) on LENOVO-PC on 27-12-2014 11:10:39
Running from C:\Users\lachezar\Desktop
Loaded Profile: lachezar (Available profiles: lachezar & gmcec_000)
Platform: Windows 8.1 Pro (X64) OS Language: Български (България)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Gorlo Pavel Programming. GPP©) C:\Program Files (x86)\GPPSoft\GPP Remote Server\GPP Remote Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Gorlo Pavel Programming. GPP©) C:\Program Files (x86)\GPPSoft\GPP Remote Server\GPPRS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
() C:\Program Files (x86)\INet\BackgroundService\ModemListener.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ArcSoft) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
() C:\Program Files (x86)\ZTE Join Air\UIExec.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ArcSoft) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Alcatel Limo ModemListener] => C:\Program Files (x86)\INet\BackgroundService\ModemListener.exe [125504 2012-03-23] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [64000 2007-07-03] (ArcSoft)
HKLM-x32\...\Run: [uIExec] => C:\Program Files (x86)\ZTE Join Air\UIExec.exe [132608 2009-03-24] ()
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [AVG-Secure-Search-Update_0814tb] => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe [2782744 2014-08-28] ()
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Run: [sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\MountPoints2: {219a2920-2706-11e4-8265-6cf04927b996} - "G:\Startme.exe"
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\MountPoints2: {4af66f31-8376-11e4-8292-6cf04927b996} - "H:\Startme.exe"
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\MountPoints2: {67029719-1a08-11e4-8256-6cf04927b996} - "J:\autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\lachezar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [smartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll (SmartSoft Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg
HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} https://e-fibank.bg/EBank/CAPICOM/capicom.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9E270D14-E4F0-46F1-AC93-C804DEA77FC2}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2364723983-2443083560-1009114852-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\lachezar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF Extension: DownloadHelper - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-11-29]
FF Extension: Flash and Video Download - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-08]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\[email protected] [2014-11-20]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\[email protected] [2014-11-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-11-29]
FF Extension: Adblock Plus - C:\Users\lachezar\AppData\Roaming\Mozilla\Firefox\Profiles\4qc3tx7m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-20]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.bg/
CHR StartupUrls: Default -> "https://www.google.bg/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-01]
CHR Extension: (Google Документи) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Диск) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-01]
CHR Extension: (YouTube) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-01]
CHR Extension: (AVG Secure Search) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-12-26]
CHR Extension: (Rampage) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknkimpcfkpmmikggddpidpmaljigegp [2014-08-01]
CHR Extension: (Google Търсене) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-01]
CHR Extension: (Calculator) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja [2014-08-01]
CHR Extension: (Word Online) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2014-08-01]
CHR Extension: (Запазване в Google Диск) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-08-01]
CHR Extension: (Text Highlighter) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-12-27]
CHR Extension: (Watch Online) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb [2014-12-27]
CHR Extension: (Google Wallet) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
CHR Extension: (Gmail) - C:\Users\lachezar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2014-11-06] () [File not signed]
R2 Alcatel Limo Modem Device Helper; C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 GPPService; C:\Program Files (x86)\GPPSoft\GPP Remote Server\GPP Remote Service.exe [33280 2014-06-07] (Gorlo Pavel Programming. GPP©) [File not signed]
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-04-09] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [218432 2014-04-09] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 UI Assistant Service; C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe [241664 2009-03-24] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AlcatelOTnet; C:\Windows\system32\DRIVERS\AlcatelOTUsbnet.sys [138752 2011-06-20] (TCT International Mobile Ltd)
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-16] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-09-12] (Alcohol Soft Development Team)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-20] (Sony Mobile Communications)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\system32\DRIVERS\jrdusbser.sys [120832 2011-06-20] (TCT International Mobile Ltd)
U3 Ndi_shwdrewn; No ImagePath
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-09-12] (Duplex Secure Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 RT2500; \SystemRoot\system32\DRIVERS\RT2500.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 20:34 - 2014-12-26 22:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-26 20:34 - 2014-12-26 20:34 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-26 20:34 - 2014-12-26 20:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 20:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-26 20:34 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-26 20:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-26 20:33 - 2014-12-26 20:33 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\lachezar\Desktop\mbam-setup-2.0.4.1028.exe
2014-12-26 20:30 - 2014-12-26 20:30 - 00001261 _____ () C:\Users\lachezar\Desktop\JRT.txt
2014-12-26 20:25 - 2014-12-26 20:25 - 00000000 ____D () C:\Windows\ERUNT
2014-12-26 20:22 - 2014-12-26 20:23 - 01707646 _____ (Thisisu) C:\Users\lachezar\Desktop\JRT.exe
2014-12-26 20:16 - 2014-12-26 20:16 - 00000497 _____ () C:\Users\lachezar\Desktop\Проблем с размазване на текскта - Премахване на зловреден софтуер - HiJackThis логове - kaldata.com - Форуми.url
2014-12-26 17:26 - 2014-12-27 11:11 - 00020762 _____ () C:\Users\lachezar\Desktop\FRST.txt
2014-12-26 17:25 - 2014-12-27 11:10 - 00000000 ____D () C:\FRST
2014-12-26 17:25 - 2014-12-26 17:25 - 02122752 _____ (Farbar) C:\Users\lachezar\Desktop\FRST64.exe
2014-12-25 14:06 - 2014-12-25 14:06 - 16283148 _____ () C:\Users\lachezar\Downloads\arcade-pulse_1.0.2_files.zip
2014-12-25 12:07 - 2014-12-25 12:07 - 00038918 _____ () C:\Users\lachezar\Downloads\9194=609-mygamelistcreator.zip
2014-12-25 12:07 - 2014-12-25 12:07 - 00021103 _____ () C:\Users\lachezar\Downloads\myscorespresenter.zip
2014-12-22 16:53 - 2014-12-22 16:53 - 00000000 ____D () C:\Users\gmcec_000\AppData\Roaming\AVG2015
2014-12-22 16:53 - 2014-12-22 16:53 - 00000000 ____D () C:\Users\gmcec_000\AppData\Local\Avg2015
2014-12-21 13:50 - 2014-12-21 14:07 - 15334528 _____ () C:\Users\lachezar\Downloads\MF4100_MFDrivers_W32_uk_EN.exe
2014-12-19 17:54 - 2014-12-20 20:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-19 17:54 - 2014-12-19 17:54 - 01142392 _____ () C:\Users\lachezar\Downloads\SteamSetup.exe
2014-12-19 17:54 - 2014-12-19 17:54 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-12-19 17:54 - 2014-12-19 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-17 09:27 - 2014-12-17 09:27 - 00001185 _____ () C:\Users\lachezar\Desktop\Dropbox.lnk
2014-12-17 09:27 - 2014-12-17 09:27 - 00000000 ____D () C:\Users\lachezar\Dropbox (Old)
2014-12-17 09:27 - 2014-12-17 09:27 - 00000000 ____D () C:\Users\lachezar\c
2014-12-17 09:22 - 2014-12-17 09:22 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 09:14 - 2014-12-16 09:15 - 00000000 ____D () C:\Users\lachezar\AppData\Local\AVG Web TuneUp
2014-12-16 09:13 - 2014-12-16 09:14 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-12-16 09:13 - 2014-12-16 09:13 - 00052000 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-12-16 09:13 - 2014-12-16 09:13 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-12-16 09:13 - 2014-12-16 09:13 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-12-15 11:19 - 2014-12-15 11:19 - 00140828 _____ () C:\Windows\DPINST.LOG
2014-12-15 11:18 - 2014-12-15 11:18 - 00002118 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-15 11:18 - 2014-12-15 11:18 - 00000000 ____D () C:\ProgramData\Sony
2014-12-15 11:18 - 2014-12-15 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-15 11:18 - 2014-12-15 11:18 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-14 17:38 - 2014-12-14 17:38 - 00228244 _____ () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-1.5.6-1.5.6.4.rar
2014-12-14 17:38 - 2014-12-14 17:38 - 00000000 ____D () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-1.5.6-1.5.6.4
2014-12-14 17:34 - 2014-12-14 17:34 - 00132209 _____ () C:\Users\lachezar\Downloads\Econt-Express-v2.3.4-OpenCart-1.5.2.x---1.5.6.x.zip
2014-12-14 17:34 - 2014-12-14 17:34 - 00000000 ____D () C:\Users\lachezar\Downloads\Econt-Express-v2.3.4-OpenCart-1.5.2.x---1.5.6.x
2014-12-13 19:29 - 2014-12-13 19:30 - 52151434 _____ () C:\Users\lachezar\Downloads\Rodriguez Feat. Ander _ Rossi - No Voy A Llorar (Official Video).mp4
2014-12-13 19:19 - 2014-12-13 19:20 - 66874198 _____ () C:\Users\lachezar\Downloads\Naughty Boy - La La La ft. Sam Smith.mp4
2014-12-13 19:19 - 2014-12-13 19:19 - 51419421 _____ () C:\Users\lachezar\Downloads\Clase-A Una Noche Loca (Official Video).mp4
2014-12-13 11:15 - 2014-12-13 19:40 - 00000000 ____D () C:\INVOICE
2014-12-13 10:52 - 2014-12-13 10:52 - 01601118 _____ () C:\Users\lachezar\Downloads\fungames.zip
2014-12-13 10:05 - 2014-12-13 10:05 - 00659647 _____ () C:\Users\lachezar\Downloads\myarcadeplugin.zip
2014-12-12 07:48 - 2014-12-12 07:48 - 00000000 ____D () C:\Micro
2014-12-12 07:47 - 2014-12-12 07:48 - 10637063 _____ () C:\Users\lachezar\Downloads\m_invoice.exe
2014-12-11 16:57 - 2014-12-11 16:57 - 00000000 ____D () C:\Users\lachezar\Desktop\archive
2014-12-11 16:47 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 16:47 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 16:46 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-11 16:46 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-11 16:24 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-11 16:24 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-11 16:12 - 2014-12-11 16:12 - 01768435 _____ () C:\Users\lachezar\Downloads\db530360044_db_1and1_com (1).sql
2014-12-11 16:06 - 2014-12-11 16:06 - 01765188 _____ () C:\Users\lachezar\Downloads\db530360044_db_1and1_com.sql
2014-12-11 16:03 - 2014-12-11 16:03 - 00002016 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-12-11 16:03 - 2014-12-11 16:03 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-12-11 15:56 - 2014-11-22 05:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 15:56 - 2014-11-22 04:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 15:56 - 2014-11-22 04:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 15:56 - 2014-11-22 04:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 15:56 - 2014-11-22 04:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 15:56 - 2014-11-22 04:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 15:56 - 2014-11-22 04:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 15:56 - 2014-11-22 04:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 15:56 - 2014-11-22 04:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 15:56 - 2014-11-22 04:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 15:56 - 2014-11-22 04:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 15:56 - 2014-11-22 04:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-11 15:56 - 2014-11-22 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 15:56 - 2014-11-22 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 15:56 - 2014-11-22 04:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 15:56 - 2014-11-22 03:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-11 15:56 - 2014-11-22 03:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 15:56 - 2014-11-22 03:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-11 15:56 - 2014-11-22 03:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 15:56 - 2014-11-22 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 15:56 - 2014-11-22 03:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 15:56 - 2014-11-22 03:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 15:56 - 2014-11-22 03:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 15:56 - 2014-11-22 03:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 15:56 - 2014-11-22 03:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-11 15:56 - 2014-11-22 03:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 15:56 - 2014-11-22 03:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 15:56 - 2014-11-22 03:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-11 15:56 - 2014-11-22 03:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 15:56 - 2014-11-22 03:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-11 15:56 - 2014-11-22 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 15:56 - 2014-11-22 03:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 15:56 - 2014-11-22 03:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 15:56 - 2014-11-22 03:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 15:56 - 2014-11-22 03:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 15:56 - 2014-11-22 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 15:56 - 2014-11-22 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 15:56 - 2014-11-22 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 15:56 - 2014-11-22 02:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 15:56 - 2014-11-07 06:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 15:56 - 2014-11-07 05:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 15:56 - 2014-11-01 01:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-11 15:56 - 2014-11-01 01:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-11 15:56 - 2014-10-13 04:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-11 15:56 - 2014-10-13 04:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-11 15:56 - 2014-10-13 04:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-11 15:56 - 2014-10-13 04:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-11 09:50 - 2014-12-11 09:51 - 00000913 _____ () C:\Users\lachezar\Desktop\hosts1
2014-12-11 09:49 - 2014-12-11 09:49 - 00000913 _____ () C:\Users\lachezar\Desktop\hosts.txt
2014-12-10 22:29 - 2014-12-23 20:20 - 00004094 _____ () C:\Windows\setupact.log
2014-12-10 22:29 - 2014-12-10 22:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 22:08 - 2014-12-16 09:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 21:27 - 2014-12-10 21:27 - 00009218 _____ () C:\Users\lachezar\Downloads\exportexcelorcsvsalessectionopc200.zip
2014-12-10 21:19 - 2014-12-10 09:41 - 100761972 _____ () C:\Users\lachezar\Desktop\archive.zip
2014-12-10 20:26 - 2014-12-10 20:26 - 00247976 _____ () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-2.0.x.x.rar
2014-12-10 20:26 - 2014-12-10 20:26 - 00000000 ____D () C:\Users\lachezar\Downloads\Bulgarian-language-opencart-2.0.x.x
2014-12-10 19:47 - 2014-12-10 19:47 - 00000000 ____D () C:\Users\lachezar\Downloads\opencart-2.0.0.0
2014-12-10 19:44 - 2014-12-10 19:44 - 00000000 ____D () C:\Windows\System32\Tasks\SmartFTP
2014-12-10 19:44 - 2014-12-10 19:44 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\SmartFTP
2014-12-10 19:43 - 2014-12-10 19:43 - 00002675 _____ () C:\Users\Public\Desktop\SmartFTP Client.lnk
2014-12-10 19:43 - 2014-12-10 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartFTP Client
2014-12-10 19:43 - 2014-12-10 19:43 - 00000000 ____D () C:\Program Files\SmartFTP Client
2014-12-10 19:41 - 2014-12-10 19:42 - 22422544 _____ (SmartSoft Ltd) C:\Users\lachezar\Downloads\SFTPMSI.exe
2014-12-09 20:03 - 2014-12-09 20:03 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-08 14:45 - 2014-12-06 08:49 - 00000000 ____D () C:\Users\lachezar\Downloads\upload
2014-12-08 14:39 - 2014-12-08 14:39 - 00000000 ____D () C:\Users\lachezar\Downloads\opencart-2.0.1.1
2014-12-08 13:49 - 2014-12-08 13:49 - 00008994 _____ () C:\Users\lachezar\Downloads\V2-ZOPIMLIVECHAT.zip
2014-12-07 14:48 - 2014-12-07 14:48 - 00621164 _____ () C:\Users\lachezar\Downloads\vector_business_card_template.zip
2014-12-06 17:38 - 2014-12-06 17:38 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-12-06 17:38 - 2014-12-06 17:38 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\AVG2015
2014-12-06 17:36 - 2014-12-06 17:36 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-12-06 17:32 - 2014-12-16 11:32 - 00000000 ____D () C:\Users\lachezar\AppData\Local\Avg2015
2014-12-06 17:32 - 2014-12-06 17:32 - 04637504 _____ (AVG Technologies) C:\Users\lachezar\Downloads\avg_free_stb_all_2015_5557_cnet.exe
2014-12-06 17:27 - 2014-10-30 13:25 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-06 17:23 - 2014-12-26 22:49 - 00025882 _____ () C:\Windows\PFRO.log
2014-12-06 17:11 - 2014-12-06 17:11 - 00001093 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\Users\lachezar\AppData\Local\VS Revo Group
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-12-06 17:11 - 2014-12-06 17:11 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-12-06 17:11 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-12-06 17:08 - 2014-12-06 17:08 - 00003160 _____ () C:\Windows\System32\Tasks\{C774DA1D-D464-46AC-B96C-7FCD2B3F5C53}
2014-12-06 17:06 - 2014-12-06 17:06 - 00000000 ____D () C:\Users\lachezar\Documents\My Palettes
2014-12-06 17:00 - 2014-12-06 17:00 - 00000000 ____D () C:\Users\lachezar\Documents\Corel
2014-12-06 17:00 - 2014-12-06 17:00 - 00000000 ____D () C:\ProgramData\Protexis64
2014-12-06 16:57 - 2014-12-06 16:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-06 16:55 - 2014-12-26 20:34 - 01847116 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 16:54 - 2014-12-06 16:54 - 00000000 ____D () C:\Program Files\Common Files\Corel
2014-12-04 19:45 - 2014-12-25 12:56 - 00000000 ____D () C:\Users\lachezar\AppData\Local\CrashDumps
2014-12-03 21:38 - 2014-12-03 21:38 - 00087552 ___SH () C:\Users\lachezar\Documents\Thumbs.db
2014-12-02 19:36 - 2014-12-02 19:37 - 00008502 _____ () C:\Users\lachezar\Downloads\изтеглен файл
2014-12-02 12:44 - 2014-12-05 11:21 - 00000000 ____D () C:\ProgramData\fakturirane
2014-12-02 12:42 - 2014-12-02 12:42 - 11210806 _____ () C:\Users\lachezar\Downloads\fakturirane.setup.2.96.zip
2014-12-02 12:18 - 2014-12-02 12:20 - 327495968 _____ (Microinvest Ltd.) C:\Users\lachezar\Downloads\Setup_InvoicePro_x64 (1).exe
2014-12-02 11:45 - 2014-12-02 11:45 - 00345838 _____ () C:\Users\lachezar\Documents\export_2014-12-012222.csv
2014-12-02 11:35 - 2014-12-02 11:35 - 00000113 _____ () C:\Users\lachezar\Desktop\TBICREDIT.txt
2014-12-01 09:55 - 2014-12-01 09:58 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2014-12-01 09:53 - 2014-12-01 09:58 - 00000000 ____D () C:\Program Files\Software Informer
2014-11-30 20:52 - 2014-12-18 19:27 - 00067072 _____ () C:\Users\lachezar\Downloads\ВнБ Ножаров М.xls
2014-11-30 20:32 - 2014-11-30 20:32 - 00000351 _____ () C:\Users\lachezar\Desktop\Jetix Вход.url
2014-11-29 22:19 - 2014-11-29 22:19 - 27664384 _____ () C:\Users\lachezar\Desktop\Java_02.flv
2014-11-29 22:18 - 2014-11-29 22:19 - 27276319 _____ () C:\Users\lachezar\Desktop\Java_01.flv
2014-11-29 22:14 - 2014-11-29 22:14 - 00000000 ____D () C:\Users\lachezar\dwhelper
2014-11-29 17:11 - 2014-11-29 20:27 - 00000000 ____D () C:\Users\lachezar\Documents\DCIM
2014-11-29 17:07 - 2014-11-29 17:07 - 00000000 _____ () C:\Users\lachezar\Downloads\dox_20141129170731640.zip
2014-11-29 16:56 - 2014-12-27 08:17 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Dropbox
2014-11-29 16:56 - 2014-11-29 16:56 - 00323712 _____ (Dropbox, Inc.) C:\Users\lachezar\Downloads\DropboxInstaller.exe
2014-11-29 16:54 - 2014-11-29 16:55 - 29221272 _____ () C:\Users\lachezar\Downloads\SgisN CAD_v6.1.rar
2014-11-29 16:54 - 2014-11-29 16:54 - 08871084 _____ () C:\Users\lachezar\Downloads\OP-COM 100219a EN.rar
2014-11-28 18:12 - 2014-11-28 18:12 - 00000158 _____ () C:\Users\lachezar\Desktop\Компютри и лаптопи от PCSHOP.url
2014-11-28 17:34 - 2014-11-28 17:51 - 00000000 ____D () C:\Users\lachezar\Downloads\C6903_Customized CE5_1276-4384_14.4.A.0.157_R1C
2014-11-28 17:33 - 2014-11-28 17:33 - 00000000 ____D () C:\Users\lachezar\Downloads\XperiFirm_3.1_(by_IaguCool)
2014-11-28 17:30 - 2014-11-28 17:30 - 00183868 _____ () C:\Users\lachezar\Downloads\XperiFirm_3.1_(by_IaguCool).zip
2014-11-28 09:46 - 2014-11-28 09:46 - 00150134 _____ () C:\Users\lachezar\Documents\HTML, PO actions, ZIP attachment 28-11-2014 08-29.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-27 11:03 - 2014-09-26 09:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-27 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-27 10:45 - 2014-08-01 15:14 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-27 09:41 - 2014-08-04 18:03 - 00000000 ____D () C:\Users\lachezar\Documents\Outlook Files
2014-12-27 09:30 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar\AppData\Local\Packages
2014-12-27 09:20 - 2014-08-02 06:38 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-27 08:27 - 2014-08-02 07:03 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-lachezar Lenovo-pc
2014-12-27 08:19 - 2014-08-01 14:58 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{238051D7-A9C4-4366-A6C1-EB3F3560E423}
2014-12-27 08:15 - 2014-08-28 12:24 - 00000398 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job
2014-12-27 08:15 - 2014-08-28 12:24 - 00000398 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job
2014-12-27 08:15 - 2014-08-01 17:14 - 00000000 ___DO () C:\Users\lachezar\SkyDrive
2014-12-27 08:15 - 2014-08-01 15:14 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 22:49 - 2014-11-05 11:08 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-26 22:49 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-26 22:48 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-12-26 20:22 - 2014-09-12 09:34 - 00111262 _____ () C:\Windows\system32\perfh002.dat
2014-12-26 20:22 - 2014-09-12 09:34 - 00035538 _____ () C:\Windows\system32\perfc002.dat
2014-12-26 20:22 - 2013-09-30 06:22 - 01087830 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 20:16 - 2014-11-20 15:59 - 00000000 ____D () C:\AdwCleaner
2014-12-25 15:33 - 2014-10-15 16:06 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\vlc
2014-12-25 10:35 - 2014-09-03 18:25 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\FileZilla
2014-12-25 09:51 - 2014-08-01 16:38 - 01466880 ___SH () C:\Users\lachezar\Desktop\Thumbs.db
2014-12-24 19:32 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-23 20:23 - 2014-08-03 08:27 - 00000000 ____D () C:\Download
2014-12-22 18:31 - 2014-08-13 18:57 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2364723983-2443083560-1009114852-1008
2014-12-22 18:30 - 2014-09-03 18:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-22 18:30 - 2014-08-01 14:46 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2364723983-2443083560-1009114852-1001
2014-12-22 16:56 - 2014-08-19 10:14 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{47D7B622-EFB6-45A7-BBED-B3DD498CB456}
2014-12-22 16:53 - 2014-08-13 18:53 - 00000000 ___DO () C:\Users\gmcec_000\OneDrive
2014-12-21 14:15 - 2014-08-08 17:22 - 00695296 ___SH () C:\Users\lachezar\Downloads\Thumbs.db
2014-12-21 13:38 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-21 12:07 - 2014-08-01 16:03 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\uTorrent
2014-12-21 11:18 - 2014-10-18 13:02 - 00000000 ____D () C:\Users\lachezar\Desktop\snimki
2014-12-20 17:46 - 2014-10-31 09:12 - 00000000 ____D () C:\Users\lachezar\Documents\lirashop
2014-12-18 09:45 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-17 18:30 - 2014-09-03 18:19 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409761161
2014-12-17 18:30 - 2014-09-03 18:19 - 00001057 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-17 09:27 - 2014-08-02 06:58 - 00000000 ___RD () C:\Users\lachezar\Dropbox
2014-12-17 09:27 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar
2014-12-16 11:32 - 2014-11-23 17:25 - 00000403 _____ () C:\Users\lachezar\Desktop\1.txt
2014-12-15 11:37 - 2014-08-20 14:27 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-12-15 11:37 - 2014-08-20 14:27 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-12-15 11:18 - 2014-08-12 15:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-13 09:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-12-13 09:00 - 2014-08-02 06:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 13:05 - 2014-08-01 15:15 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 07:11 - 2014-08-12 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-11 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-12-11 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-12-11 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 20:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-11 20:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-11 20:13 - 2014-08-02 06:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-11 20:10 - 2014-08-03 10:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 20:04 - 2014-08-03 10:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 19:41 - 2014-08-22 16:13 - 00000000 ____D () C:\Users\lachezar\AppData\Local\HiSuite
2014-12-10 19:41 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar\AppData\Local\VirtualStore
2014-12-09 20:03 - 2014-09-26 09:10 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 19:13 - 2014-10-05 08:31 - 11338772 _____ () C:\Users\lachezar\Downloads\opencart-2.0.0.0.zip
2014-12-08 16:01 - 2014-08-30 18:19 - 00000000 ____D () C:\Temp
2014-12-06 19:37 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\lachezar\Downloads\Driver Genius Pro 14.0.0.323 [Halloweepsycho]
2014-12-06 17:38 - 2014-10-20 08:32 - 00000000 ____D () C:\ProgramData\AVG2015
2014-12-06 17:38 - 2014-08-02 06:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-12-06 17:37 - 2014-08-02 06:40 - 00000000 ___HD () C:\$AVG
2014-12-06 17:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-12-06 17:23 - 2013-08-22 16:44 - 00585120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 17:18 - 2014-11-05 11:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-06 17:10 - 2014-10-01 18:06 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Corel
2014-12-06 16:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-05 20:31 - 2014-09-24 07:09 - 00000000 ____D () C:\Users\lachezar\Desktop\lirashop-banners
2014-12-05 10:43 - 2014-08-07 05:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-05 10:41 - 2014-08-07 05:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-05 10:40 - 2014-08-07 05:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-02 22:04 - 2014-10-15 13:55 - 00000000 ____D () C:\Users\lachezar\Documents\vami
2014-12-02 21:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-02 12:09 - 2014-10-03 09:31 - 00000000 ____D () C:\wamp
2014-12-02 12:07 - 2014-08-18 20:16 - 00000000 ____D () C:\Flashtool
2014-11-28 07:06 - 2014-11-26 18:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-28 07:06 - 2014-08-01 14:41 - 00000000 ____D () C:\Users\lachezar\AppData\Roaming\Adobe
2014-11-27 17:02 - 2014-08-31 14:43 - 00060416 _____ () C:\Users\lachezar\Downloads\TBI_CALCULATOR.xls

Some content of TEMP:
====================
C:\Users\gmcec_000\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\gmcec_000\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\gmcec_000\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\gmcec_000\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\lachezar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8o1yet.dll
C:\Users\lachezar\AppData\Local\Temp\Quarantine.exe
C:\Users\lachezar\AppData\Local\Temp\SHSetup.exe
C:\Users\lachezar\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-22 10:50

==================== End Of Log ============================

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2014
Ran by lachezar at 2014-12-27 11:11:40
Running from C:\Users\lachezar\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
ArcSoft PhotoImpression 5 (HKLM-x32\...\{E629851A-1B1A-4671-961A-A9AF549E03A2}) (Version:  - ArcSoft)
ArcSoft TotalMedia Extreme (HKLM-x32\...\{0B68672F-C64F-4D29-9EDC-ECDCBE3C5F19}) (Version:  - ArcSoft)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
Canon MF Toolbox 4.9.1.1.mf17 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf17 - CANON INC.)
Canon MF4100 Series (HKLM\...\{239A8D60-270B-42e8-82D3-60D70A2942E0}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics Suite 11 (HKLM-x32\...\InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}) (Version: 11 - Corel Corporation)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
Dropbox (HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
ffdshow x64 v1.3.4532 [2014-07-17] (HKLM\...\ffdshow64_is1) (Version: 1.3.4532.0 - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.16.1 - Androxyde)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
GDR 4033 for SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPP Remote Server (HKLM-x32\...\{A0D032CE-F03D-4B68-BB75-2EB22E15BE14}) (Version: 1.0.0 - GPPSoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HD-DV decoder (HKLM-x32\...\{C26ED93F-A16E-4FC9-B158-A1D5CC604949}) (Version: 1.00.00 - NewSoft)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.27.00.06 - Huawei Technologies Co.,Ltd)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
INet (HKLM-x32\...\Alcatel Limo INet_is1) (Version:  - Alcatel)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
K-Lite Codec Pack 9.9.9 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.9 - )
KMSpico v9.0.6.20131120 (HKLM\...\KMSpico_is1) (Version: 9.0.6.20131120 - )
Malwarebytes Anti-Malware, версия 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E8F7904A-4780-4F3F-B153-21BE32857120}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{1D4A3734-9328-440F-960C-42B4CE481EB4}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{751EE164-9F12-4E57-ADB0-02D8F34A10AD}) (Version: 9.00.1399.06 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.6 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 34.0.5 (x86 bg) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 bg)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Revo Uninstaller 1.30 (HKLM-x32\...\Revo Uninstaller) (Version: 1.30 - VS Revo Group)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{083988D7-BDA9-4244-983B-409A634BBC09}) (Version: 13.0.1.220 - SAP)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SmartFTP Client (HKLM\...\{019D4725-F59A-4339-85F2-7349A08DEDDF}) (Version: 6.0.2103.0 - SmartSoft Ltd.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.16.201411190934 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Unity (HKLM-x32\...\Unity) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2364723983-2443083560-1009114852-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VBA (2627.01) (x32 Version: 6.03.00.9188 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 4.20 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.16 - ZTE Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2364723983-2443083560-1009114852-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\lachezar\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

15-12-2014 11:19:02 Sony PC Companion
15-12-2014 11:38:37 Installed Sony Mobile Drivers
15-12-2014 18:38:31 Microinvest Invoice Pro е премахнат
23-12-2014 07:42:34 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-12-11 09:51 - 2014-10-03 09:32 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {290373C7-C7BD-499C-8104-66D8868F93B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
Task: {33A4AA3B-AB34-4DC8-A03B-0754BD8F1329} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {37DC65C1-89F0-41AC-9BC0-D107836A33EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
Task: {39B24656-4734-42A1-9BA5-CF1635292107} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rel => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe [2014-08-28] ()
Task: {59875282-A10C-4369-97AA-1A0C1847AB10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {606F706E-1AC7-4946-9E00-ACCFC7C33F18} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {8985E451-FE7C-4F4F-9A74-8FE8E0EF4741} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {905F9B5B-C495-4878-9B20-118146ABFE04} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {918C3F52-B225-4014-8864-E8FFB1D6B72E} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe [2014-08-28] ()
Task: {9EE33067-D1A6-4249-BD16-69CB41E9CD88} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {A19730E2-658C-4C96-8219-F759A06850F2} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-lachezar Lenovo-pc => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {A8DAAFA4-A794-448C-B54D-E186C959EC66} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {C0A393C8-5656-471A-9D06-C8B203E45B4B} - System32\Tasks\{C774DA1D-D464-46AC-B96C-7FCD2B3F5C53} => pcalua.exe -a "c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Setup\SetupARP.exe" -c /arp
Task: {E1A9A728-B558-4535-B375-9714522FAF20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E80A80CC-ACFA-46FE-B83A-48B52C03639F} - System32\Tasks\Opera scheduled Autoupdate 1409761161 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-02 10:28 - 2012-03-14 11:05 - 00053312 _____ () C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe
2014-09-03 16:20 - 2014-04-09 03:52 - 00137024 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2014-09-03 16:20 - 2014-04-09 03:52 - 00218432 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2014-08-28 12:24 - 2014-08-28 12:24 - 02782744 _____ () C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0814tb.exe
2014-11-07 09:59 - 2009-03-24 14:00 - 00241664 _____ () C:\Program Files (x86)\ZTE Join Air\AssistantServices.exe
2014-06-07 19:57 - 2014-06-07 19:57 - 01168896 _____ () C:\Program Files (x86)\GPPSoft\GPP Remote Server\CoreLib.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-12-15 11:18 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2014-08-12 15:16 - 2013-10-21 10:00 - 00847360 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-08-02 10:28 - 2012-03-23 08:25 - 00125504 _____ () C:\Program Files (x86)\INet\BackgroundService\ModemListener.exe
2014-11-07 09:59 - 2009-03-24 13:59 - 00132608 _____ () C:\Program Files (x86)\ZTE Join Air\UIExec.exe
2014-12-15 11:18 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-12-15 11:18 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-12-15 11:18 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-12-15 11:18 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2014-10-30 14:36 - 2014-10-30 14:36 - 00648704 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2014-08-12 15:16 - 2013-06-28 13:50 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-08-12 15:16 - 2013-06-28 13:48 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2014-08-12 15:16 - 2013-06-28 13:48 - 00138752 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2014-08-12 15:16 - 2013-06-28 13:48 - 00115712 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2014-12-27 08:15 - 2014-12-27 08:15 - 00098816 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32api.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00110080 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\pywintypes27.dll
2014-12-27 08:15 - 2014-12-27 08:15 - 00364544 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\pythoncom27.dll
2014-12-27 08:15 - 2014-12-27 08:15 - 00045568 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\_socket.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 01160704 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\_ssl.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00320512 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32com.shell.shell.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00713216 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\_hashlib.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 01175040 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._core_.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00805888 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._gdi_.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00811008 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._windows_.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 01062400 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._controls_.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00735232 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._misc_.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00128512 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\_elementtree.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00127488 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\pyexpat.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00557056 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\pysqlite2._sqlite.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00087552 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\_ctypes.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00119808 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32file.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00108544 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32security.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00007168 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\hashobjs_ext.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00167936 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32gui.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00018432 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32event.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00038912 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32inet.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00011264 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32crypt.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00070656 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._html2.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00027136 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\_multiprocessing.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00035840 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32process.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00686080 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\unicodedata.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00122368 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._wizard.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00024064 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32pipe.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00025600 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32pdh.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00525640 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\windows._lib_cacheinvalidation.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00010240 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\select.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00017408 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32profile.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00022528 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\win32ts.pyd
2014-12-27 08:15 - 2014-12-27 08:15 - 00078336 _____ () C:\Users\lachezar\AppData\Local\Temp\_MEI22082\wx._animate.pyd
2014-12-16 09:13 - 2014-12-16 09:13 - 01686552 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\gmcec_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\lachezar\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "vProt"

========================= Accounts: ==========================

Administrator (S-1-5-21-2364723983-2443083560-1009114852-500 - Administrator - Disabled)
gmcec_000 (S-1-5-21-2364723983-2443083560-1009114852-1008 - Administrator - Enabled) => C:\Users\gmcec_000
Guest (S-1-5-21-2364723983-2443083560-1009114852-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2364723983-2443083560-1009114852-1003 - Limited - Enabled)
lachezar (S-1-5-21-2364723983-2443083560-1009114852-1001 - Administrator - Enabled) => C:\Users\lachezar

==================== Faulty Device Manager Devices =============

Name: Intel® 82567LM-3 Gigabit Network Connection
Description: Intel® 82567LM-3 Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: e1iexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2014 09:16:46 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/27/2014 09:16:37 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/27/2014 08:25:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (12/27/2014 08:15:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (12/27/2014 08:15:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/26/2014 10:53:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (12/26/2014 10:53:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/26/2014 10:48:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/26/2014 10:05:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)
Description: Активирането на приложението Microsoft.SkypeApp_kzf8qxf38zg5c!App е неуспешно с грешка: -2144927151 Вж. регистрационния файл Microsoft-Windows-TWinUI/Operational за допълнителна информация.

Error: (12/26/2014 10:05:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)
Description: Активирането на приложението Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader е неуспешно с грешка: -2144927151 Вж. регистрационния файл Microsoft-Windows-TWinUI/Operational за допълнителна информация.

System errors:
=============
Error: (12/27/2014 08:56:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Microsoft Office Sessions:
=========================
Error: (12/27/2014 09:16:46 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/27/2014 09:16:37 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/27/2014 08:25:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (12/27/2014 08:15:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (12/27/2014 08:15:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/26/2014 10:53:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (12/26/2014 10:53:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/26/2014 10:48:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/26/2014 10:05:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927151

Error: (12/26/2014 10:05:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)
Description: Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader-2144927151

==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 29%
Total physical RAM: 3551.17 MB
Available physical RAM: 2504.07 MB
Total Pagefile: 6495.17 MB
Available Pagefile: 4468.62 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:30.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 3C2440FC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Линк към коментара
Сподели в други сайтове

FRST.gif Фикс с Farbar Recovery Scan Tool

 

 

icon13.gif Изтеглете прикачения файл и го запазете там, където сте свалили FRST.exe => fixlist.txt
 
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.
Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.

 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

 

xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt
Линк към коментара
Сподели в други сайтове

 

  • FixLog

 

 

 

Прекрасно..активни зарази и въобще всичко свързано със зловреден софтуер не се вижда в системата ви..Има ли промяна в системата ви след процедурите до тук..?

Линк към коментара
Сподели в други сайтове

Прекрасно..активни зарази и въобще всичко свързано със зловреден софтуер не се вижда в системата ви..Има ли промяна в системата ви след процедурите до тук..?

Имаше промяна, но днес пак се появи.

Линк към коментара
Сподели в други сайтове

Изтеглете този инструмент wraioneu.PNGWindows Repair (All in One) от тук

  • Спрете защита в реално време на вашата антивирусна  програма.
  • Инсталирайте приложението и го стартирайте.
     
  • От стъпка 3 => стартирайте Check Disk (рестартирайте за да се извърши проверката).
  • От стъпка 4 направете sfc /scannow проверката.
  • От стъпка 5 направете бекъп на системата натискайки Create (под System Restore) и backup (под Registry Backup).
  • От Start Repairs натиснете Start и оттук вече сложете всички отметки.
  • Сложете отметка пред restart system when finished и натиснете Start.

     
    windowsrepair271.png
     
     
    Публикувайте в следващия си пост  Windows Repair дневник, който се намира в следната папка:
     
  • 64-bit системи - C:Program Files (x86)Tweaking.comWindows Repair (All in One)Logs
  • 32-bit системи - C:Program FilesTweaking.comWindows Repair (All in One)Logs
Линк към коментара
Сподели в други сайтове

Прекрасно..! :)

 

icon_arrow.gif Изтеглете следния файл и го запазете в папката от която стартирахте FRST.exe.
Стартирайте FRST.exe и натиснете бутона Fix веднъж!
След като приключи публикувайте лог файла - fixlog.txt, който ще се създаде след работата. Той трябва да изтрие карантинната папка на инструмента разположена в C:FRSTQuarantine.
 
 
icon_arrow.gif Изтеглете DelFix и го стартирайте. Сложете отметка пред Remove disinfection tools и след това натиснете бутона Run
Инструмента ще се самоизтрие след като приключи своята задача!
 
1_tmb_68929169_delfix.gif.jpg
 
 
icon_exclaim.gif Деинсталирайте adwcleaner.exe

  • Моля, затворете всички отворени програми и интернет браузъри.
  • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
  • Кликнете върху Uninstall .
  • Щракнете върху Yes за да деинсталирате Adwcleaner

 

 

icon_arrow.gif Препоръчвам програмата Malwarebytes' Anti-Malware да остане на вашия компютър и периодично да сканирате системата си с нея (поне един -два пъти в седмицата),като не забравяйте да обновите дефинициите и преди всяко сканиране..!Напомням че това не е антивирусна програма а едно изключително добро допълнение към нея..!

 

 

vxyzw0.gifИзползвайте програмите PatchMyPC или Secunia Personal Software Inspector за да инсталирайте всички ъпдейти и последни версии на софтуер, които инструментите ви предложат.

 

Предлагам ви да използвате тази много добра малка програма, която автоматично ще премахва всички нежелани допълнения  по време на инсталирането на софтуера. Това помага за предотвратяване на инсталиране на зловреден код.
 
Кликнете тук за да изтеглите програмата и я инсталирайте..!

 

xunchecky1_zps667e512d.jpg.pagespeed.ic.

xunchecky2_zpsca4e7d0d.jpg.pagespeed.ic.

 

 

Ако има инструменти, папки или логове от използваните от нас неща и те не са се изтрили при горе-споменатите процедури, ги изтрийте ръчно.
 

 

Ако нямате други въпроси маркирам случая за "Решен"...! Пожелавам лека вечер и безопасен интернет..! :)

Линк към коментара
Сподели в други сайтове

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване