Премини към съдържанието

Препоръчан отговор


Работи бавно както в интернет така и когато търса нещо в компютъра.Има доста процеси в таск менажера но не знам кои да махна.Компютъра е служебен и ми казаха че има мониторинг но не знаят точно какъв и да внимавам да не го изтрия.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by Administrator (administrator) on GLBG1543PC02 on 10-06-2015 09:01:43
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Administrator &  (Available Profiles: Librarian & Visitor & Administrator)
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(OCS Inventory NG) C:\Program Files\OCS Inventory Agent\OcsService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [startCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-13] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-21] (Avast Software s.r.o.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
Winlogon\Notify\avldr: avldr.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-19\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-31] (Google Inc.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Librarian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-24] (Facebook Inc.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Yahoo! Search] => C:\Users\Librarian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe [533352 2014-10-31] (Pay By Ads LTD)
HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Visitor\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-08] (Google Inc.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Yahoo! Search] => C:\Users\Visitor\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [644352 2015-04-06] (Pay By Ads LTD)
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e1cfbb30-26f5-11e1-8429-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\MountPoints2: {4f5b41b8-3f6a-11e2-a03f-3cd92b637c04} - G:\Autoplay.exe -auto
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4f5b41b8-3f6a-11e2-a03f-3cd92b637c04} - G:\Autoplay.exe -auto
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-06-09] ()
Startup: C:\Users\Librarian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012-04-17]
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Administrator\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-21] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Group Policy Restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://rts.dsrlte.com?affID=na
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://rts.dsrlte.com?affID=na
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://rts.dsrlte.com?affID=na
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://rts.dsrlte.com?affID=na
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://rts.dsrlte.com?affID=na
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://rts.dsrlte.com?affID=na
URLSearchHook: HKLM - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKLM - (No Name) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} -  No File
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=129&systemid=473&v=n13452-488&apn_uid=3353606502134112&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM -> {7182CC3C-E589-4389-7306-16715D3A4C42} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=944&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0222813120954441&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutA0C0DzytB0ByCtAyB0CtDyE0D0BtC0CtN0D0Tzu0CtAtBtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1760736312
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> bProtectorDefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> bProtectorDefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DDFDC732-AAD1-47A8-8776-3550658B2875} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=738
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=9C433CD92B637C04&affID=121565&tsp=5008
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=129&systemid=473&v=n13452-488&apn_uid=3353606502134112&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {7182CC3C-E589-4389-7306-16715D3A4C42} URL = http://search.babylon.com/?q={searchTerms}&AF=110393&babsrc=SP_ss&mntrId=9c43db1c0000000000003cd92b637c04
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=944&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0222813120954441&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {BA967819-B32C-4ED8-B04E-05D2A406477C} URL = http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} URL = http://search.conduit.com/Results.aspx?ctid=CT3310393&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6CFCCE7A-1268-4F59-949C-754A9EE916F8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {ECDD8EEE-1125-4213-A34F-F1E0BD72846F} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=980
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=9C433CD92B637C04&affID=121565&tsp=5008
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=129&systemid=473&v=n13452-488&apn_uid=3353606502134112&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {7182CC3C-E589-4389-7306-16715D3A4C42} URL = http://search.babylon.com/?q={searchTerms}&AF=110393&babsrc=SP_ss&mntrId=9c43db1c0000000000003cd92b637c04
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=944&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0222813120954441&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {BA967819-B32C-4ED8-B04E-05D2A406477C} URL = http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} URL = http://search.conduit.com/Results.aspx?ctid=CT3310393&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6CFCCE7A-1268-4F59-949C-754A9EE916F8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ECDD8EEE-1125-4213-A34F-F1E0BD72846F} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=980
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-21] (Avast Software s.r.o.)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - {FE69C007-C452-4d3e-86D2-1730DF8BC871} -  No File
Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: AutorunsDisabled\skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default
FF NewTab: 
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Keyword.URL: 
FF Homepage: hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-us|hxxp://rts.dsrlte.com?affID=na
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-12] (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-12] (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll [2014-10-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll [2014-10-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: facebook.com/fbDesktopPlugin -> C:\Users\Librarian\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Visitor\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Visitor\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500: @tools.google.com/Google Update;version=3 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500: @tools.google.com/Google Update;version=9 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF user.js: detected! => C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\user.js [2013-09-17]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Ask.xml [2014-10-02]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\bingp.xml [2015-04-03]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\browsemngr.xml [2012-11-13]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\conduit-search.xml [2013-09-26]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\dsrlte.xml [2015-01-22]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Funmoods.xml [2012-11-16]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\mixidj.xml [2013-09-17]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Search_Results.xml [2012-11-12]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Ask.xml [2014-10-02]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-10-02]
FF Extension: Default Tab - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\addon@defaulttab.com [2013-09-17]
FF Extension: Funmoods.com - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ffxtlbr@funmoods.com [2012-11-16]
FF Extension: new game - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\Sq3TM@gmail.com [2015-04-02]
FF Extension: Casual Games - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ZAGeTQ8H@gmail.com [2015-05-28]
FF Extension: Ask New Tabs - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{9A7DF664-82DC-020F-C190-9A665AF83389} [2014-04-09]
FF Extension: SimilarSites - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{E71B541F-5E72-5555-A47C-E47863195841} [2013-04-11]
FF Extension: Flash Video Downloader - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\artur.dubovoy@gmail.com.xpi [2012-09-25]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-02-26]
FF Extension: Feedback - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-12-04]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2012-09-25]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-10]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\addon@defaulttab.com.xpi [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2007-04-03] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-25]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-25]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-25]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-06-08]
CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Bookmark Manager) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-24]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-08]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-25]
CHR HKLM\...\Chrome\Extension: [eiimolhnbbbdagljikeckdkldgemmmlj] - C:\Program Files\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-21]
CHR HKLM\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - C:\Users\Administrator\AppData\Roaming\SimilarSites\similarsites.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Administrator\AppData\Local\I Want This\Chrome\I Want This.crx [Not Found]
CHR HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnpddjhhjmmcnjbjdbopmniafbpfppkb [2015-05-28]
OPR Extension: (lucky leap) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom [2015-04-20]
OPR Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\onbakjbemhciecaakohbeichgilnhhne [2015-04-21]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-21] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-21] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-21] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 bProtector; C:\ProgramData\bProtector\bProtect.exe [X]
S4 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc [X] <==== ATTENTION
S4 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] <==== ATTENTION
S2 Util lucky leap; "C:\Program Files\lucky leap\bin\utilluckyleap.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.01; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-21] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-05-21] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-21] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [271248 2015-05-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-21] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-21] ()
S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-05-14] (HID Global Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-14] (Broadcom Corporation) [File not signed]
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl436a8c4f; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{81093FBA-0347-46D4-A016-D06A4B3C8376}\MpKsl436a8c4f.sys [39464 2015-06-09] (Microsoft Corporation)
R1 MpKsl9f5dc433; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{81093FBA-0347-46D4-A016-D06A4B3C8376}\MpKsl9f5dc433.sys [39464 2015-06-10] (Microsoft Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-21] (Avast Software)
R1 {3b232d24-d5de-4194-b4d7-d53b41a09748}w; C:\Windows\System32\drivers\{3b232d24-d5de-4194-b4d7-d53b41a09748}w.sys [52416 2014-09-10] (StdLib)
R1 {6ed88207-da38-4867-b856-ed5820836aa5}w; C:\Windows\System32\drivers\{6ed88207-da38-4867-b856-ed5820836aa5}w.sys [43152 2014-11-27] (StdLib)
R1 {d7e589a9-c9af-419b-8b29-f43cc9595584}w; C:\Windows\System32\drivers\{d7e589a9-c9af-419b-8b29-f43cc9595584}w.sys [43152 2014-11-30] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 yoqododh; \??\C:\Windows\system32\drivers\yoqododh.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-10 09:04 - 2015-06-10 09:04 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-10 08:56 - 2015-06-10 09:02 - 00000000 ____D C:\FRST
2015-06-09 09:04 - 2015-05-24 12:40 - 00593048 ____N (Sysinternals - www.sysinternals.com) C:\autorunsc.exe
2015-06-09 09:04 - 2015-05-24 12:39 - 00680600 ____N (Sysinternals - www.sysinternals.com) C:\Autoruns.exe
2015-06-09 09:04 - 2014-06-28 16:47 - 00002028 ____N C:\Eula.txt
2015-06-09 08:34 - 2015-06-09 08:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\{9B08D2F6-41FE-40B1-8E2D-67A5F54D5468}
2015-06-08 11:46 - 2015-06-08 11:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\VSRevoGroup
2015-06-08 11:43 - 2015-06-08 11:43 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-08 10:09 - 2015-06-10 08:35 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 10:09 - 2015-06-08 10:09 - 00001026 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-08 10:09 - 2015-06-08 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-08 10:08 - 2015-06-08 10:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-08 10:08 - 2015-06-08 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 10:08 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-08 10:08 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-08 10:08 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-08 08:46 - 2015-06-08 08:47 - 00000000 ____D C:\Users\Administrator\AppData\Local\{55898BB4-84DB-4972-A6D3-1C422794C945}
2015-06-05 13:14 - 2015-05-22 21:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 13:14 - 2015-05-22 20:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 13:14 - 2015-05-21 16:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 13:01 - 2015-06-05 13:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\{B049210D-E73B-4D44-970C-05480D1A0D2B}
2015-06-02 10:06 - 2015-06-04 10:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{2E0E6D98-968E-4C86-8268-82718DF5A82A}
2015-05-29 09:12 - 2015-05-29 09:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6CA558CC-73B4-4398-95F9-E50444B2C26F}
2015-05-28 13:26 - 2015-06-09 13:58 - 00000448 _____ C:\Windows\Tasks\casual_games_helper_service.job
2015-05-28 13:26 - 2015-05-28 13:26 - 00000000 ____D C:\Program Files\Casual Games
2015-05-28 10:46 - 2015-05-28 10:46 - 00000000 ____D C:\Users\Administrator\AppData\Local\{BD0DDE8F-FFF3-4EC5-83CF-F95D466E12EF}
2015-05-27 12:16 - 2015-05-27 12:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{C3E4B2B2-DF21-425B-A86D-13700E573D2E}
2015-05-26 12:50 - 2015-05-26 12:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A5570127-7FF7-45DB-88E2-DD178A14086B}
2015-05-25 12:51 - 2015-06-09 13:58 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500UA.job
2015-05-25 12:51 - 2015-06-09 13:58 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500Core.job
2015-05-25 11:49 - 2015-05-25 11:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\{8B24C122-E5A7-4B6C-8C5E-8B75D03CF937}
2015-05-22 09:27 - 2015-05-22 09:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\{E68D8378-FC2E-4AE7-8193-639A705BDA72}
2015-05-21 13:02 - 2015-05-21 13:03 - 00000000 ____D C:\Windows\system32\vbox
2015-05-21 12:53 - 2015-05-21 12:52 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-21 12:53 - 2015-05-21 12:52 - 00026096 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-05-21 12:52 - 2015-05-21 12:52 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-21 12:51 - 2015-05-21 12:51 - 00271248 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-05-21 11:18 - 2015-05-21 11:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A159BB46-20C8-4923-BFD7-1B9B3B92EB9E}
2015-05-20 13:15 - 2015-05-20 13:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{D1FB0108-07FA-437F-9A97-A09534B49E55}
2015-05-19 09:43 - 2015-05-19 09:43 - 00000000 ____D C:\Users\Administrator\AppData\Local\{0F2D45D9-FF5C-46B5-B01F-4ABD68CD81C6}
2015-05-18 10:17 - 2015-05-18 10:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6B81EFE9-D98C-4433-9719-07394B3803EE}
2015-05-15 10:45 - 2015-05-15 10:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\{5E21014A-BBCB-4F87-A403-C2A4E99D190D}
2015-05-13 12:25 - 2015-05-01 16:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:29 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 10:29 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:28 - 2015-05-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:28 - 2015-04-27 22:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-13 10:28 - 2015-04-27 22:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 10:28 - 2015-04-27 22:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 10:28 - 2015-04-27 22:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 10:28 - 2015-04-27 22:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 10:28 - 2015-04-27 22:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 10:28 - 2015-04-27 22:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 10:28 - 2015-04-27 22:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 10:28 - 2015-04-27 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 10:28 - 2015-04-27 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 10:28 - 2015-04-27 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 10:28 - 2015-04-27 21:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 10:28 - 2015-04-20 05:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:28 - 2015-04-20 05:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:28 - 2015-04-20 05:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 10:28 - 2015-04-18 05:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:27 - 2015-04-22 04:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 10:27 - 2015-04-21 19:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 10:27 - 2015-04-21 19:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 10:27 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 10:27 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 10:27 - 2015-04-21 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 10:27 - 2015-04-21 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 10:27 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 10:27 - 2015-04-21 19:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 10:27 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 10:27 - 2015-04-21 19:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 10:27 - 2015-04-21 19:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 10:27 - 2015-04-21 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 10:27 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 10:27 - 2015-04-21 18:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 10:27 - 2015-04-21 18:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 10:27 - 2015-04-21 18:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 10:27 - 2015-04-21 18:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 10:27 - 2015-04-21 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 10:27 - 2015-04-21 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 10:27 - 2015-04-21 18:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 10:27 - 2015-04-21 18:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 10:27 - 2015-04-21 18:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 10:27 - 2015-04-21 18:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 10:27 - 2015-04-21 18:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 10:27 - 2015-04-21 18:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 10:27 - 2015-04-21 18:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 10:27 - 2015-04-21 18:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 10:27 - 2015-04-21 18:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 10:27 - 2015-04-21 18:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 10:27 - 2015-04-21 17:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 10:27 - 2015-04-21 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 10:27 - 2015-04-13 06:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:24 - 2015-04-08 06:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 10:24 - 2015-04-08 06:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 10:24 - 2015-03-04 07:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:24 - 2015-03-04 07:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:24 - 2015-03-04 07:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:24 - 2015-03-04 07:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 09:39 - 2015-05-13 09:39 - 00000000 ____D C:\Users\Administrator\AppData\Local\{D8D53B24-10D1-46A4-A214-E7C7BD2096B8}
2015-05-11 08:49 - 2015-05-11 08:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\{FD17A642-E643-4744-9064-EC6601204F7A}
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-10 09:05 - 2010-10-24 22:53 - 01257428 _____ C:\Windows\WindowsUpdate.log
2015-06-10 09:05 - 2010-10-24 20:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 08:48 - 2009-07-14 07:34 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-10 08:48 - 2009-07-14 07:34 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-10 08:34 - 2012-06-25 14:19 - 06455142 _____ C:\XrxUsd.log
2015-06-10 08:34 - 2010-10-25 14:50 - 00000000 ____D C:\Users\Administrator
2015-06-10 08:33 - 2014-09-12 13:21 - 00003464 _____ C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-7.job
2015-06-10 08:33 - 2014-09-12 13:21 - 00003464 _____ C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-6.job
2015-06-10 08:33 - 2014-09-12 13:20 - 00004490 _____ C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-11.job
2015-06-10 08:33 - 2013-07-02 08:32 - 00027062 _____ C:\Windows\setupact.log
2015-06-10 08:33 - 2009-07-14 07:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 16:43 - 2010-10-31 18:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2015-06-09 13:58 - 2015-04-02 13:48 - 00001304 _____ C:\Windows\Tasks\new_game_notification_service.job
2015-06-09 13:58 - 2015-04-02 13:48 - 00000666 _____ C:\Windows\Tasks\new_game_updating_service.job
2015-06-09 13:58 - 2014-09-12 13:21 - 00000900 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-06-09 13:58 - 2014-09-12 13:21 - 00000896 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-06-09 13:58 - 2013-03-04 10:31 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 13:58 - 2013-03-04 10:31 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 13:58 - 2012-04-17 12:11 - 00001098 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2015-06-09 13:58 - 2012-04-17 12:11 - 00001076 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2015-06-09 13:58 - 2011-04-04 16:21 - 00001024 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2015-06-09 13:58 - 2011-04-04 16:21 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2015-06-09 13:58 - 2010-10-31 14:28 - 00001016 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1006UA.job
2015-06-09 13:58 - 2010-10-31 14:28 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1006Core.job
2015-06-08 16:52 - 2012-07-04 12:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\I Want This
2015-06-08 16:48 - 2015-04-02 13:48 - 00000000 ____D C:\Program Files\new game
2015-06-08 16:10 - 2015-04-03 08:28 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 16:10 - 2011-03-25 20:30 - 00109280 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-08 16:09 - 2013-03-04 10:31 - 00000000 ____D C:\Program Files\Google
2015-06-08 16:09 - 2010-10-24 19:25 - 00331874 _____ C:\Windows\PFRO.log
2015-06-08 16:08 - 2010-10-31 14:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2015-06-08 16:05 - 2013-09-05 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-06-08 16:05 - 2013-09-05 11:49 - 00000000 ____D C:\Program Files\Canon
2015-06-08 16:03 - 2013-01-03 11:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\calibre
2015-06-08 16:03 - 2013-01-03 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-06-08 15:57 - 2009-07-14 07:33 - 03763560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-08 15:54 - 2012-09-11 14:00 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\BitComet
2015-06-08 15:54 - 2012-09-11 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2015-06-08 15:35 - 2012-06-13 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera
2015-06-08 15:35 - 2012-06-13 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera
2015-06-08 15:34 - 2014-12-11 15:54 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PhotoScape
2015-06-08 15:32 - 2013-09-17 15:03 - 00000000 ____D C:\ProgramData\SimilarSites
2015-06-08 15:32 - 2012-11-16 17:42 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SimilarSites
2015-06-08 15:30 - 2013-06-21 10:16 - 00000000 ____D C:\Program Files\TeamViewer
2015-06-08 15:30 - 2012-11-22 12:50 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TeamViewer
2015-06-08 15:29 - 2012-11-12 15:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\BearShare
2015-06-08 15:27 - 2010-10-30 13:58 - 00000000 ____D C:\Program Files\Windows Live
2015-06-08 15:22 - 2013-09-13 09:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\WebPlayer
2015-06-08 15:21 - 2012-04-26 10:02 - 140266064 _____ C:\xxbgtask.log
2015-06-08 15:12 - 2015-02-02 17:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\Unity
2015-06-08 08:46 - 2009-07-14 05:04 - 00000710 _____ C:\Windows\win.ini
2015-06-08 08:42 - 2014-12-11 13:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-08 08:42 - 2014-05-10 08:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-05-29 13:42 - 2010-10-24 19:26 - 00980294 _____ C:\Windows\system32\perfh01F.dat
2015-05-29 13:42 - 2010-10-24 19:26 - 00455792 _____ C:\Windows\system32\perfc01F.dat
2015-05-29 13:42 - 2010-10-24 18:25 - 00006444 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-29 09:16 - 2010-10-24 18:32 - 00000000 ____D C:\ProgramData\Skype
2015-05-26 12:52 - 2013-09-25 13:32 - 00000000 ___RD C:\Program Files\Skype
2015-05-21 12:52 - 2014-09-24 13:10 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-21 12:52 - 2014-09-24 13:10 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-05-21 12:52 - 2013-03-04 09:35 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-05-21 12:52 - 2013-03-04 09:35 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-15 16:55 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 12:10 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\rescache
2015-05-15 11:18 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-15 10:36 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-05-15 10:36 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-15 10:34 - 2010-10-24 18:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 12:24 - 2010-10-24 20:22 - 00000039 _____ C:\Windows\vbaddin.ini
2015-05-13 12:23 - 2015-03-04 10:02 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Center Endpoint Protection.lnk
2015-05-13 12:23 - 2011-03-25 23:13 - 00001945 _____ C:\Windows\epplauncher.mif
2015-05-13 12:22 - 2013-09-25 13:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-05-13 12:04 - 2013-08-14 18:06 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 12:04 - 2010-10-24 18:39 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 11:58 - 2010-10-24 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
 
==================== Files in the root of some directories =======
 
2014-09-12 13:18 - 2014-09-12 13:18 - 6010880 _____ () C:\Program Files\GUT7668.tmp
2013-01-19 10:44 - 2013-01-19 10:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2015-03-31 11:14 - 2015-03-31 11:14 - 0005655 _____ () C:\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX
2015-03-31 11:14 - 2015-03-31 11:14 - 0005655 _____ () C:\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX3
2015-03-31 11:14 - 2015-03-31 11:14 - 0004387 _____ () C:\Users\Administrator\AppData\Roaming\KfOwsG9x
2013-09-23 12:52 - 2015-02-17 13:54 - 0000135 _____ () C:\Users\Administrator\AppData\Roaming\WB.CFG
2010-10-29 19:41 - 2014-09-12 13:09 - 0008082 _____ () C:\Users\Administrator\AppData\Roaming\XeroxFaxOptions.xml
2015-03-31 11:14 - 2015-03-31 11:14 - 0004387 _____ () C:\Users\Administrator\AppData\Roaming\xwMEhk3tTuYDvHMsB1V2T
2012-11-16 17:43 - 2012-11-16 17:42 - 0290500 _____ () C:\Users\Administrator\AppData\Local\funmoods-speeddial_sf.crx
2012-11-16 17:43 - 2012-11-16 17:42 - 0031465 _____ () C:\Users\Administrator\AppData\Local\funmoods.crx
2010-10-26 17:33 - 2010-10-26 17:33 - 0000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg
2014-04-15 11:35 - 2014-04-15 11:35 - 0005113 _____ () C:\ProgramData\mtbjfghn.xbe
 
Some files in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\DeltaTB.exe
C:\Users\Administrator\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuuimyg.dll
C:\Users\Administrator\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Administrator\AppData\Local\Temp\WSSetup.exe
C:\Users\Visitor\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Visitor\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Visitor\AppData\Local\Temp\tmpCB3A.exe
C:\Users\Visitor\AppData\Local\Temp\_D6.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-09 12:15
 
==================== End of log ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте!

Важното е да се подчертае, че системата е сериозно инфектирана, а е служебен компютър, затова имайте предвид каква отговорност поемате. Аз мога да обещая, че ще внимавам максимално, за да не я повредим, а точно обратното. Освен това е нужно да работим само и единствено с администраторски права. Ако сте окей с тези неща, нека пристъпим към същинската работа:

Стъпка 1

Имате повече от една инсталирана и активна антивирусна програма. Това е проблем, защото работата на повече от една антивирусна програма едновременно води до конфликт с другата, което пък от своя страна води до незащитена и нестабилна система. Това е една от причините за инфектирането на системата.

Моля, деинсталирайте една от двете антивирусни програми: Avast Internet Security и Panda Antivirus Pro 2012 .

Освен това, деинсталирайте и следните програми: Funmoods, MaintenanceService-Funmoods, Moozy и Yahoo! Search .

След като приключите с всичко, моля рестартирайте компютъра.

Стъпка 2

Изтеглете fixlist.txt и го запазете в папката от която стартирахте FRST.exe.

Стартирайте FRST.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.

 

Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

Стъпка 3

Стартирайте Malwarebytes Anti-Malware, обновете я и направете сканиране тип Threat Scan. Накрая публикувайте лог файла си тук.

В следващия си коментар в тази тема, включете следните лог файлове:

  • Лог файл от FRST
  • Лог файл от Malwarebytes Anti-Malware

fixlist.txt

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Сега изтрих само moozy предния ден трих доста програми сигурно изтрих и тях.FRST не ми изкара лог.

 

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Дата на сканиране: 11.6.2015 г.
Час на сканиране: 09:25:38 ч.
Дневник: a.txt
Администратор: Да
 
Версия: 2.01.6.1022
База от данни за злонамерен софтуер: v2015.06.11.01
База от данни за рууткити: v2015.06.02.01
Лиценз: Пробен период
Защита от злонамерен софтуер: Разрешено
Защита от злонамерени страници: Разрешено
Самозащита: Забранено
 
ОС: Windows 7 Service Pack 1
Процесор: x86
Файлова система: NTFS
Потребител: Administrator
 
Тип сканиране: Сканиране за заплахи
Резултат: Завършено
Сканиране обекти: 461308
Изминало време: 43 мин. 4 сек.
 
Памет: Разрешено
Начално стартиране: Разрешено
Файлова система: Разрешено
Архиви: Разрешено
Рууткити: Забранено
Евристика: Разрешено
ПНП: Разрешено
ПНИ: Разрешено
 
Процеси: 0
(Не бяха открити злонамерени обекти)
 
Модули: 0
(Не бяха открити злонамерени обекти)
 
Ключове в системния регистър: 0
(Не бяха открити злонамерени обекти)
 
Стойности в системния регистър: 0
(Не бяха открити злонамерени обекти)
 
Данни в системния регистър: 0
(Не бяха открити злонамерени обекти)
 
Папки: 0
(Не бяха открити злонамерени обекти)
 
Файлове: 0
(Не бяха открити злонамерени обекти)
 
Физически сектори: 0
(Не бяха открити злонамерени обекти)
 
 
(end)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

В такъв случай ми давате стари лог файлове. Освен това, ако сте изпълнили инструкциите ми правилно, няма как да не ви генерира лог файл. Проверете добре, ако го няма повторете процедурата.

И в случай, че вие правите каквито и да било промени по системата, докато работим тук, ще бъда принуден да прекратя работата ни тук.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

този път се появи лога.Извинявам се повече нищо няма да барам без ваше знание

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 08-06-2015
Ran by Administrator at 2015-06-11 11:17:59 Run:2
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Librarian & Visitor & Administrator)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
start
CloseProcesses:
Task: {0DF0C904-9ECD-4966-9C5F-55EC506EB63D} - System32\Tasks\new_game_updating_service => C:\Program Files\new game\new_game_updating_service.exe <==== ATTENTION
C:\Program Files\new game
C:\Users\ADMINI~1\AppData\Roaming\Funmoods
C:\Program Files\FLV Player Addon
C:\Program Files\globalUpdate
C:\Program Files\MyPC Backup
C:\ProgramData\bProtector
C:\Program Files\lucky leap
Task: {40082259-BF2A-4240-9355-3E4EB8013971} - System32\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-7 => C:\Program Files\FLV Player Addon\f8aac747-34de-4f0b-948e-395f20e6f50d-7.exe <==== ATTENTION
Task: {41300F42-1703-46D8-BFDF-81490203FD2D} - System32\Tasks\new_game_notification_service => C:\Program Files\new game\new_game_notification_service.exe <==== ATTENTION
Task: {4877EBD6-649A-45D2-88C1-0C2A2D20D467} - System32\Tasks\Funmoods => C:\Users\ADMINI~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {5CD11495-3EE8-4B87-A7FC-4FA8E1843928} - System32\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-4 => C:\Program Files\FLV Player Addon\f8aac747-34de-4f0b-948e-395f20e6f50d-4.exe <==== ATTENTION
Task: {67DC73B0-B07D-4342-91C0-C1B47F3C7239} - System32\Tasks\casual_games_helper_service => C:\Program Files\Casual Games\casual_games_helper_service.exe [2015-05-28] ()
Task: {A1DD53BD-9EEC-43E9-B87C-F922E60512B9} - System32\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-11 => C:\Program Files\FLV Player Addon\f8aac747-34de-4f0b-948e-395f20e6f50d-11.exe <==== ATTENTION
Task: {B5EA0506-471C-49CC-84A9-0A702CE971F5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {C0FF6327-1261-414C-BA3C-9F27393847BB} - \f8aac747-34de-4f0b-948e-395f20e6f50d-6 No Task File <==== ATTENTION
Task: {DC9E7BB2-809F-412F-B0FE-10BE75DED338} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: C:\Windows\Tasks\casual_games_helper_service.job => C:\Program Files\Casual Games\casual_games_helper_service.exe
Task: C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-11.job => C:\Program Files\FLV Player Addon\f8aac747-34de-4f0b-948e-395f20e6f50d-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-4.job => C:\Program Files\FLV Player Addon\f8aac747-34de-4f0b-948e-395f20e6f50d-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-6.job => C:\Program Files\FLV Player Addon\f8aac747-34de-4f0b-948e-395f20e6f50d-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-7.job => C:\Program Files\FLV Player Addon\f8aac747-34de-4f0b-948e-395f20e6f50d-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\new_game_notification_service.job => C:\Program Files\new game\new_game_notification_service.exeг/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='new game' /appid='73143' /srcid='2913' /bic='648227f55db0db856f1f5bd399587498' /verifier='fca1367fe909c2f6d773f88a1a813749' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\Windows\Tasks\new_game_updating_service.job => C:\Program Files\new game\new_game_updating_service.exeЁ/campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=new_game_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e1cfbb30-26f5-11e1-8429-806e6f6e6963} - F:\setup.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Group Policy Restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://dts.search.as...q={searchTerms}
SearchScopes: HKLM -> {7182CC3C-E589-4389-7306-16715D3A4C42} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://searchfunmood...E&cr=1760736312
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> bProtectorDefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> bProtectorDefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DDFDC732-AAD1-47A8-8776-3550658B2875} URL = http://rts.dsrlte.co...rchTerms}&r=738
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol...121565&tsp=5008
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {7182CC3C-E589-4389-7306-16715D3A4C42} URL = http://search.babylo...0003cd92b637c04
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {BA967819-B32C-4ED8-B04E-05D2A406477C} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} URL = http://search.condui...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> {ECDD8EEE-1125-4213-A34F-F1E0BD72846F} URL = http://rts.dsrlte.co...rchTerms}&r=980
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol...121565&tsp=5008
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {7182CC3C-E589-4389-7306-16715D3A4C42} URL = http://search.babylo...0003cd92b637c04
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {BA967819-B32C-4ED8-B04E-05D2A406477C} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} URL = http://search.condui...q={searchTerms}
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ECDD8EEE-1125-4213-A34F-F1E0BD72846F} URL = http://rts.dsrlte.co...rchTerms}&r=980
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - {FE69C007-C452-4d3e-86D2-1730DF8BC871} -  No File
Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
FF NewTab: 
FF SearchEngineOrder.1: Ask.com
FF Keyword.URL: 
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Ask.xml [2014-10-02]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\browsemngr.xml [2012-11-13]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\conduit-search.xml [2013-09-26]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\dsrlte.xml [2015-01-22]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Funmoods.xml [2012-11-16]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\mixidj.xml [2013-09-17]
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Search_Results.xml [2012-11-12]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Ask.xml [2014-10-02]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-10-02]
FF Extension: Default Tab - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\addon@defaulttab.com [2013-09-17]
FF Extension: Funmoods.com - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ffxtlbr@funmoods.com [2012-11-16]
FF Extension: new game - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\Sq3TM@gmail.com [2015-04-02]
FF Extension: Casual Games - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ZAGeTQ8H@gmail.com [2015-05-28]
FF Extension: Ask New Tabs - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{9A7DF664-82DC-020F-C190-9A665AF83389} [2014-04-09]
FF Extension: SimilarSites - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{E71B541F-5E72-5555-A47C-E47863195841} [2013-04-11]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi [2014-02-26]
FF Extension: Flash Video Downloader - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\artur.dubovoy@gmail.com.xpi [2012-09-25]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\addon@defaulttab.com.xpi [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2007-04-03] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [eiimolhnbbbdagljikeckdkldgemmmlj] - C:\Program Files\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - C:\Users\Administrator\AppData\Roaming\SimilarSites\similarsites.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Administrator\AppData\Local\I Want This\Chrome\I Want This.crx [Not Found]
CHR HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.goo...ice/update2/crx
OPR Extension: (lucky leap) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom [2015-04-20]
OPR Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\onbakjbemhciecaakohbeichgilnhhne [2015-04-21]
S2 bProtector; C:\ProgramData\bProtector\bProtect.exe [X]
S4 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc [X] <==== ATTENTION
S4 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] <==== ATTENTION
S2 Util lucky leap; "C:\Program Files\lucky leap\bin\utilluckyleap.exe" [X]
S1 yoqododh; \??\C:\Windows\system32\drivers\yoqododh.sys [X]
2015-06-08 08:46 - 2015-06-08 08:47 - 00000000 ____D C:\Users\Administrator\AppData\Local\{55898BB4-84DB-4972-A6D3-1C422794C945}
2015-05-28 13:26 - 2015-06-09 13:58 - 00000448 _____ C:\Windows\Tasks\casual_games_helper_service.job
2015-05-28 13:26 - 2015-05-28 13:26 - 00000000 ____D C:\Program Files\Casual Games
2015-06-09 13:58 - 2015-04-02 13:48 - 00001304 _____ C:\Windows\Tasks\new_game_notification_service.job
2015-06-09 13:58 - 2015-04-02 13:48 - 00000666 _____ C:\Windows\Tasks\new_game_updating_service.job
2015-06-09 13:58 - 2014-09-12 13:21 - 00000900 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-06-09 13:58 - 2014-09-12 13:21 - 00000896 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-06-08 16:52 - 2012-07-04 12:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\I Want This
2015-06-08 15:32 - 2013-09-17 15:03 - 00000000 ____D C:\ProgramData\SimilarSites
2015-06-08 15:32 - 2012-11-16 17:42 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\SimilarSites
2015-06-08 15:29 - 2012-11-12 15:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\BearShare
2014-09-12 13:18 - 2014-09-12 13:18 - 6010880 _____ () C:\Program Files\GUT7668.tmp
2015-03-31 11:14 - 2015-03-31 11:14 - 0005655 _____ () C:\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX
2015-03-31 11:14 - 2015-03-31 11:14 - 0005655 _____ () C:\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX3
2015-03-31 11:14 - 2015-03-31 11:14 - 0004387 _____ () C:\Users\Administrator\AppData\Roaming\KfOwsG9x
2015-03-31 11:14 - 2015-03-31 11:14 - 0004387 _____ () C:\Users\Administrator\AppData\Roaming\xwMEhk3tTuYDvHMsB1V2T
2012-11-16 17:43 - 2012-11-16 17:42 - 0290500 _____ () C:\Users\Administrator\AppData\Local\funmoods-speeddial_sf.crx
2012-11-16 17:43 - 2012-11-16 17:42 - 0031465 _____ () C:\Users\Administrator\AppData\Local\funmoods.crx
2014-04-15 11:35 - 2014-04-15 11:35 - 0005113 _____ () C:\ProgramData\mtbjfghn.xbe
C:\Users\Administrator\AppData\Local\Temp\DeltaTB.exe
C:\Users\Administrator\AppData\Local\Temp\WSSetup.exe
C:\Users\Visitor\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Visitor\AppData\Local\Temp\tmpCB3A.exe
C:\Users\Visitor\AppData\Local\Temp\_D6.exe
EmptyTemp:
end
*****************
 
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DF0C904-9ECD-4966-9C5F-55EC506EB63D} => key not found. 
C:\Windows\System32\Tasks\new_game_updating_service not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\new_game_updating_service => key not found. 
"C:\Program Files\new game" => File/Folder not found.
"C:\Users\ADMINI~1\AppData\Roaming\Funmoods" => File/Folder not found.
"C:\Program Files\FLV Player Addon" => File/Folder not found.
"C:\Program Files\globalUpdate" => File/Folder not found.
"C:\Program Files\MyPC Backup" => File/Folder not found.
"C:\ProgramData\bProtector" => File/Folder not found.
"C:\Program Files\lucky leap" => File/Folder not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40082259-BF2A-4240-9355-3E4EB8013971} => key not found. 
C:\Windows\System32\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-7 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f8aac747-34de-4f0b-948e-395f20e6f50d-7 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41300F42-1703-46D8-BFDF-81490203FD2D} => key not found. 
C:\Windows\System32\Tasks\new_game_notification_service not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\new_game_notification_service => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4877EBD6-649A-45D2-88C1-0C2A2D20D467} => key not found. 
C:\Windows\System32\Tasks\Funmoods not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CD11495-3EE8-4B87-A7FC-4FA8E1843928} => key not found. 
C:\Windows\System32\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f8aac747-34de-4f0b-948e-395f20e6f50d-4 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67DC73B0-B07D-4342-91C0-C1B47F3C7239} => key not found. 
C:\Windows\System32\Tasks\casual_games_helper_service not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\casual_games_helper_service => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1DD53BD-9EEC-43E9-B87C-F922E60512B9} => key not found. 
C:\Windows\System32\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f8aac747-34de-4f0b-948e-395f20e6f50d-11 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5EA0506-471C-49CC-84A9-0A702CE971F5} => key not found. 
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0FF6327-1261-414C-BA3C-9F27393847BB} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f8aac747-34de-4f0b-948e-395f20e6f50d-6 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC9E7BB2-809F-412F-B0FE-10BE75DED338} => key not found. 
C:\Windows\System32\Tasks\LaunchApp not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp => key not found. 
C:\Windows\Tasks\casual_games_helper_service.job not found.
C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-11.job not found.
C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-4.job not found.
C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-6.job not found.
C:\Windows\Tasks\f8aac747-34de-4f0b-948e-395f20e6f50d-7.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\new_game_notification_service.job not found.
C:\Windows\Tasks\new_game_updating_service.job not found.
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found. 
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe => key not found. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe => key not found. 
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User" => File/Folder not found.
"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User" => File/Folder not found.
HKLM\SOFTWARE\Policies\Google => key not found. 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value not found.
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value not found.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value not found.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => key not found. 
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found. 
HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7182CC3C-E589-4389-7306-16715D3A4C42} => key not found. 
HKCR\CLSID\{7182CC3C-E589-4389-7306-16715D3A4C42} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => value not found.
HKU\S-1-5-21-299244719-1399796724-3294634451-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => value not found.
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DDFDC732-AAD1-47A8-8776-3550658B2875} => key not found. 
HKCR\CLSID\{DDFDC732-AAD1-47A8-8776-3550658B2875} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found. 
HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7182CC3C-E589-4389-7306-16715D3A4C42} => key not found. 
HKCR\CLSID\{7182CC3C-E589-4389-7306-16715D3A4C42} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA967819-B32C-4ED8-B04E-05D2A406477C} => key not found. 
HKCR\CLSID\{BA967819-B32C-4ED8-B04E-05D2A406477C} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} => key not found. 
HKCR\CLSID\{BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ECDD8EEE-1125-4213-A34F-F1E0BD72846F} => key not found. 
HKCR\CLSID\{ECDD8EEE-1125-4213-A34F-F1E0BD72846F} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found. 
HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7182CC3C-E589-4389-7306-16715D3A4C42} => key not found. 
HKCR\CLSID\{7182CC3C-E589-4389-7306-16715D3A4C42} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA967819-B32C-4ED8-B04E-05D2A406477C} => key not found. 
HKCR\CLSID\{BA967819-B32C-4ED8-B04E-05D2A406477C} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} => key not found. 
HKCR\CLSID\{BBE9CA6B-DF88-4665-BCF3-DB5D8B6DF0D6} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ECDD8EEE-1125-4213-A34F-F1E0BD72846F} => key not found. 
HKCR\CLSID\{ECDD8EEE-1125-4213-A34F-F1E0BD72846F} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => key not found. 
HKCR\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} => value not found.
HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => value not found.
HKCR\CLSID\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-1006-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-299244719-1399796724-3294634451-500-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. 
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => key not found. 
HKCR\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => key not found. 
Firefox newtab removed successfully.
Firefox SearchEngineOrder.1 removed successfully.
Firefox Keyword.URL removed successfully.
"C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Ask.xml" => not found.
"C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\browsemngr.xml" => not found.
"C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\conduit-search.xml" => not found.
"C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\dsrlte.xml" => not found.
"C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Funmoods.xml" => not found.
"C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\mixidj.xml" => not found.
"C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\Search_Results.xml" => not found.
"C:\Program Files\mozilla firefox\searchplugins\Ask.xml" => not found.
"C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml" => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\addon@defaulttab.com => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ffxtlbr@funmoods.com => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\Sq3TM@gmail.com => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\ZAGeTQ8H@gmail.com => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{9A7DF664-82DC-020F-C190-9A665AF83389} => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{E71B541F-5E72-5555-A47C-E47863195841} => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\artur.dubovoy@gmail.com.xpi => not found.
C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\addon@defaulttab.com.xpi => not found.
"C:\Program Files\mozilla firefox\browser\defaults\preferences\my-prefs.js" => not found.
"C:\Program Files\mozilla firefox\mozilla.cfg" => not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj => key not found. 
HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl => key not found. 
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => key not found. 
HKU\S-1-5-21-299244719-1399796724-3294634451-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => key not found. 
C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom folder not found.
C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\onbakjbemhciecaakohbeichgilnhhne folder not found.
bProtector => Service not found.
globalUpdate => Service not found.
globalUpdatem => Service not found.
Util lucky leap => Service not found.
yoqododh => Service not found.
"C:\Users\Administrator\AppData\Local\{55898BB4-84DB-4972-A6D3-1C422794C945}" => File/Folder not found.
"C:\Windows\Tasks\casual_games_helper_service.job" => File/Folder not found.
"C:\Program Files\Casual Games" => File/Folder not found.
"C:\Windows\Tasks\new_game_notification_service.job" => File/Folder not found.
"C:\Windows\Tasks\new_game_updating_service.job" => File/Folder not found.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" => File/Folder not found.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" => File/Folder not found.
"C:\Users\Administrator\AppData\Local\I Want This" => File/Folder not found.
"C:\ProgramData\SimilarSites" => File/Folder not found.
"C:\Users\Administrator\AppData\Roaming\SimilarSites" => File/Folder not found.
"C:\Users\Administrator\AppData\Local\BearShare" => File/Folder not found.
"C:\Program Files\GUT7668.tmp" => File/Folder not found.
"C:\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX" => File/Folder not found.
"C:\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX3" => File/Folder not found.
"C:\Users\Administrator\AppData\Roaming\KfOwsG9x" => File/Folder not found.
"C:\Users\Administrator\AppData\Roaming\xwMEhk3tTuYDvHMsB1V2T" => File/Folder not found.
"C:\Users\Administrator\AppData\Local\funmoods-speeddial_sf.crx" => File/Folder not found.
"C:\Users\Administrator\AppData\Local\funmoods.crx" => File/Folder not found.
"C:\ProgramData\mtbjfghn.xbe" => File/Folder not found.
"C:\Users\Administrator\AppData\Local\Temp\DeltaTB.exe" => File/Folder not found.
"C:\Users\Administrator\AppData\Local\Temp\WSSetup.exe" => File/Folder not found.
"C:\Users\Visitor\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe" => File/Folder not found.
"C:\Users\Visitor\AppData\Local\Temp\tmpCB3A.exe" => File/Folder not found.
"C:\Users\Visitor\AppData\Local\Temp\_D6.exe" => File/Folder not found.
EmptyTemp: => 39.5 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 11:18:11 ====

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Щом е липсващо това означава, че или защото сте променяли неща, съответно лог файла не е правилния, който сте ми дали, или пък сте го изпълнили вече и втория път дава този резултат, което е нормално.

Генерирайте нови лог файлове от FRST и ги публикувайте тук.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by Administrator (administrator) on GLBG1543PC02 on 11-06-2015 11:33:29
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Librarian & Visitor & Administrator)
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(OCS Inventory NG) C:\Program Files\OCS Inventory Agent\OcsService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [startCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-13] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-21] (Avast Software s.r.o.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
Winlogon\Notify\avldr: avldr.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-19\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2015-06-11]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-06-09] ()
Startup: C:\Users\Librarian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012-04-17]
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Administrator\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-21] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-500 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-21] (Avast Software s.r.o.)
Handler: AutorunsDisabled\skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-12] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500: @tools.google.com/Google Update;version=3 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500: @tools.google.com/Google Update;version=9 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF user.js: detected! => C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\user.js [2015-06-11]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\bingp.xml [2015-04-03]
FF Extension: BitComet Video Downloader - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2015-06-10]
FF Extension: Feedback - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-12-04]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2012-09-25]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-10]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\ffxtlbr@funmoods.com [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841} [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\artur.dubovoy@gmail.com.xpi [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\addon@defaulttab.com.xpi [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\Sq3TM@gmail.com [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\ZAGeTQ8H@gmail.com [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-25]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-25]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-25]
CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-08]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-25]
CHR HKLM\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-21]
 
Opera: 
=======
OPR Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnpddjhhjmmcnjbjdbopmniafbpfppkb [2015-05-28]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-21] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-21] (Avast Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.01; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-21] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-21] ()
S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-05-14] (HID Global Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) [File not signed]
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl53abcca9; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{733B82C9-EE4F-4724-8D53-0A43FFAF3B20}\MpKsl53abcca9.sys [39464 2015-06-11] (Microsoft Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-21] (Avast Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-11 08:57 - 2015-06-11 08:57 - 00017231 _____ C:\Users\Administrator\Desktop\fixlist .txt
2015-06-11 08:28 - 2015-06-11 11:19 - 00155170 _____ C:\Windows\PFRO.log
2015-06-11 08:28 - 2015-06-11 11:19 - 00000224 _____ C:\Windows\setupact.log
2015-06-11 08:28 - 2015-06-11 08:28 - 00000000 _____ C:\Windows\setuperr.log
2015-06-10 15:01 - 2015-06-11 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-06-10 15:01 - 2008-11-10 11:41 - 00032656 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-06-10 14:59 - 2015-06-10 15:04 - 00000000 ____D C:\Program Files\Microsoft Works
2015-06-10 14:51 - 2015-06-10 14:52 - 00000000 ____D C:\Program Files\CCleaner
2015-06-10 14:51 - 2015-06-10 14:51 - 00000931 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-10 14:51 - 2015-06-10 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2015-06-10 14:48 - 2015-06-10 14:58 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-10 14:28 - 2015-06-10 14:28 - 00001174 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2015-06-10 13:38 - 2015-06-10 13:38 - 00000931 _____ C:\Users\Public\Desktop\BitComet.lnk
2015-06-10 13:38 - 2015-06-10 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
2015-06-10 13:37 - 2015-06-10 13:38 - 00000000 ____D C:\Program Files\BitComet
2015-06-10 13:04 - 2015-05-21 12:52 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-10 09:25 - 2015-05-09 06:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:25 - 2015-05-09 06:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:25 - 2015-05-09 06:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:25 - 2015-05-09 06:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:25 - 2015-05-09 06:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:25 - 2015-04-29 21:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 09:25 - 2015-04-29 21:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 09:25 - 2015-04-29 21:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 09:25 - 2015-04-29 21:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 09:25 - 2015-04-29 21:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 09:24 - 2015-04-24 20:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 08:56 - 2015-06-11 11:33 - 00000000 ____D C:\FRST
2015-06-09 09:04 - 2015-05-24 12:40 - 00593048 ____N (Sysinternals - www.sysinternals.com) C:\autorunsc.exe
2015-06-09 09:04 - 2015-05-24 12:39 - 00680600 ____N (Sysinternals - www.sysinternals.com) C:\Autoruns.exe
2015-06-09 09:04 - 2014-06-28 16:47 - 00002028 ____N C:\Eula.txt
2015-06-09 08:34 - 2015-06-09 08:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\{9B08D2F6-41FE-40B1-8E2D-67A5F54D5468}
2015-06-08 11:46 - 2015-06-08 11:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\VSRevoGroup
2015-06-08 11:43 - 2015-06-08 11:43 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-08 10:09 - 2015-06-11 11:20 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 10:09 - 2015-06-08 10:09 - 00001026 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-08 10:09 - 2015-06-08 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-08 10:08 - 2015-06-08 10:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-08 10:08 - 2015-06-08 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 10:08 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-08 10:08 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-08 10:08 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-05 13:14 - 2015-05-22 21:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 13:14 - 2015-05-22 20:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 13:14 - 2015-05-21 16:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 13:01 - 2015-06-05 13:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\{B049210D-E73B-4D44-970C-05480D1A0D2B}
2015-06-02 10:06 - 2015-06-04 10:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{2E0E6D98-968E-4C86-8268-82718DF5A82A}
2015-05-29 09:12 - 2015-05-29 09:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6CA558CC-73B4-4398-95F9-E50444B2C26F}
2015-05-28 10:46 - 2015-05-28 10:46 - 00000000 ____D C:\Users\Administrator\AppData\Local\{BD0DDE8F-FFF3-4EC5-83CF-F95D466E12EF}
2015-05-27 12:16 - 2015-05-27 12:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{C3E4B2B2-DF21-425B-A86D-13700E573D2E}
2015-05-26 12:50 - 2015-05-26 12:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A5570127-7FF7-45DB-88E2-DD178A14086B}
2015-05-25 12:51 - 2015-06-09 13:58 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500UA.job
2015-05-25 12:51 - 2015-06-09 13:58 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500Core.job
2015-05-25 11:49 - 2015-05-25 11:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\{8B24C122-E5A7-4B6C-8C5E-8B75D03CF937}
2015-05-22 09:27 - 2015-05-22 09:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\{E68D8378-FC2E-4AE7-8193-639A705BDA72}
2015-05-21 13:02 - 2015-05-21 13:03 - 00000000 ____D C:\Windows\system32\vbox
2015-05-21 12:52 - 2015-05-21 12:52 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-21 11:18 - 2015-05-21 11:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A159BB46-20C8-4923-BFD7-1B9B3B92EB9E}
2015-05-20 13:15 - 2015-05-20 13:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{D1FB0108-07FA-437F-9A97-A09534B49E55}
2015-05-19 09:43 - 2015-05-19 09:43 - 00000000 ____D C:\Users\Administrator\AppData\Local\{0F2D45D9-FF5C-46B5-B01F-4ABD68CD81C6}
2015-05-18 10:17 - 2015-05-18 10:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6B81EFE9-D98C-4433-9719-07394B3803EE}
2015-05-15 10:45 - 2015-05-15 10:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\{5E21014A-BBCB-4F87-A403-C2A4E99D190D}
2015-05-13 12:25 - 2015-05-01 16:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:29 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 10:29 - 2015-01-29 06:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:28 - 2015-05-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:28 - 2015-04-27 22:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-13 10:28 - 2015-04-27 22:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 10:28 - 2015-04-27 22:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 10:28 - 2015-04-27 22:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 10:28 - 2015-04-27 22:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 10:28 - 2015-04-27 22:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 10:28 - 2015-04-27 22:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 10:28 - 2015-04-27 22:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 10:28 - 2015-04-27 22:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 10:28 - 2015-04-27 22:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 10:28 - 2015-04-27 22:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 10:28 - 2015-04-27 22:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 10:28 - 2015-04-27 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 10:28 - 2015-04-27 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 10:28 - 2015-04-27 21:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 10:28 - 2015-04-20 05:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:28 - 2015-04-20 05:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:28 - 2015-04-20 05:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 10:28 - 2015-04-18 05:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:27 - 2015-04-22 04:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 10:27 - 2015-04-21 19:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 10:27 - 2015-04-21 19:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 10:27 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 10:27 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 10:27 - 2015-04-21 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 10:27 - 2015-04-21 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 10:27 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 10:27 - 2015-04-21 19:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 10:27 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 10:27 - 2015-04-21 19:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 10:27 - 2015-04-21 19:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 10:27 - 2015-04-21 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 10:27 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 10:27 - 2015-04-21 18:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 10:27 - 2015-04-21 18:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 10:27 - 2015-04-21 18:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 10:27 - 2015-04-21 18:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 10:27 - 2015-04-21 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 10:27 - 2015-04-21 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 10:27 - 2015-04-21 18:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 10:27 - 2015-04-21 18:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 10:27 - 2015-04-21 18:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 10:27 - 2015-04-21 18:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 10:27 - 2015-04-21 18:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 10:27 - 2015-04-21 18:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 10:27 - 2015-04-21 18:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 10:27 - 2015-04-21 18:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 10:27 - 2015-04-21 18:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 10:27 - 2015-04-21 18:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 10:27 - 2015-04-21 17:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 10:27 - 2015-04-21 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 10:27 - 2015-04-13 06:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:24 - 2015-04-08 06:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 10:24 - 2015-04-08 06:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 10:24 - 2015-03-04 07:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:24 - 2015-03-04 07:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:24 - 2015-03-04 07:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:24 - 2015-03-04 07:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 09:39 - 2015-05-13 09:39 - 00000000 ____D C:\Users\Administrator\AppData\Local\{D8D53B24-10D1-46A4-A214-E7C7BD2096B8}
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-11 11:32 - 2010-10-24 22:53 - 01775644 _____ C:\Windows\WindowsUpdate.log
2015-06-11 11:29 - 2009-07-14 07:34 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-11 11:29 - 2009-07-14 07:34 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-11 11:19 - 2012-06-25 14:19 - 06476514 _____ C:\XrxUsd.log
2015-06-11 11:19 - 2009-07-14 07:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-11 11:19 - 2009-07-14 05:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-06-11 10:30 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\Vss
2015-06-11 10:10 - 2014-10-02 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FirefoxToolbar
2015-06-11 10:10 - 2014-04-15 11:33 - 00000000 ____D C:\ProgramData\APN
2015-06-11 10:10 - 2014-02-26 16:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\Popajar
2015-06-11 10:10 - 2014-02-07 16:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FunmoodsChat
2015-06-11 10:10 - 2012-07-09 10:24 - 00000000 ____D C:\Users\Librarian\AppData\Roaming\PerformerSoft
2015-06-11 10:10 - 2012-07-06 13:52 - 00000000 ____D C:\Users\Visitor\AppData\Roaming\PerformerSoft
2015-06-11 09:09 - 2010-10-29 17:32 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-06-11 09:09 - 2010-10-25 14:50 - 00000008 __RSH C:\Users\Administrator\ntuser.pol
2015-06-11 09:09 - 2010-10-25 14:50 - 00000000 ____D C:\Users\Administrator
2015-06-11 09:04 - 2013-04-11 15:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-11 09:03 - 2010-10-24 20:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 08:40 - 2010-10-30 10:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2015-06-11 08:40 - 2010-10-24 19:51 - 00000000 ____D C:\ProgramData\Adobe
2015-06-11 08:31 - 2009-07-14 07:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 16:43 - 2012-09-11 14:00 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\BitComet
2015-06-10 15:06 - 2009-07-14 05:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-10 14:58 - 2009-07-14 07:52 - 00000000 ____D C:\Program Files\MSBuild
2015-06-10 14:57 - 2011-03-25 21:28 - 00000000 ____D C:\Windows\Panther
2015-06-10 14:56 - 2010-10-24 20:08 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-06-10 14:51 - 2014-02-21 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-10 14:51 - 2010-10-24 20:06 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-06-10 14:06 - 2010-10-29 10:05 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-06-10 14:06 - 2010-10-24 19:51 - 00000000 ____D C:\Program Files\Adobe
2015-06-10 13:35 - 2009-07-14 05:04 - 00000710 _____ C:\Windows\win.ini
2015-06-09 16:43 - 2010-10-31 18:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2015-06-09 13:58 - 2013-03-04 10:31 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 13:58 - 2013-03-04 10:31 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 13:58 - 2012-04-17 12:11 - 00001098 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2015-06-09 13:58 - 2012-04-17 12:11 - 00001076 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2015-06-09 13:58 - 2011-04-04 16:21 - 00001024 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2015-06-09 13:58 - 2011-04-04 16:21 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2015-06-09 13:58 - 2010-10-31 14:28 - 00001016 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1006UA.job
2015-06-09 13:58 - 2010-10-31 14:28 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1006Core.job
2015-06-08 16:10 - 2015-04-03 08:28 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 16:10 - 2011-03-25 20:30 - 00109280 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-08 16:09 - 2013-03-04 10:31 - 00000000 ____D C:\Program Files\Google
2015-06-08 16:08 - 2010-10-31 14:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2015-06-08 16:05 - 2013-09-05 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-06-08 16:05 - 2013-09-05 11:49 - 00000000 ____D C:\Program Files\Canon
2015-06-08 16:03 - 2013-01-03 11:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\calibre
2015-06-08 16:03 - 2013-01-03 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-06-08 15:57 - 2009-07-14 07:33 - 03763560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-08 15:54 - 2012-09-11 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2015-06-08 15:35 - 2012-06-13 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera
2015-06-08 15:35 - 2012-06-13 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera
2015-06-08 15:34 - 2014-12-11 15:54 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PhotoScape
2015-06-08 15:30 - 2013-06-21 10:16 - 00000000 ____D C:\Program Files\TeamViewer
2015-06-08 15:30 - 2012-11-22 12:50 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TeamViewer
2015-06-08 15:27 - 2010-10-30 13:58 - 00000000 ____D C:\Program Files\Windows Live
2015-06-08 15:22 - 2013-09-13 09:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\WebPlayer
2015-06-08 15:21 - 2012-04-26 10:02 - 140266064 _____ C:\xxbgtask.log
2015-06-08 15:12 - 2015-02-02 17:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\Unity
2015-06-08 08:42 - 2014-12-11 13:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-08 08:42 - 2014-05-10 08:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-05-29 13:42 - 2010-10-24 19:26 - 00980294 _____ C:\Windows\system32\perfh01F.dat
2015-05-29 13:42 - 2010-10-24 19:26 - 00455792 _____ C:\Windows\system32\perfc01F.dat
2015-05-29 13:42 - 2010-10-24 18:25 - 00006444 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-29 09:16 - 2010-10-24 18:32 - 00000000 ____D C:\ProgramData\Skype
2015-05-26 12:52 - 2013-09-25 13:32 - 00000000 ___RD C:\Program Files\Skype
2015-05-21 12:52 - 2014-09-24 13:10 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-21 12:52 - 2014-09-24 13:10 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-05-21 12:52 - 2013-03-04 09:35 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-05-21 12:52 - 2013-03-04 09:35 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-15 16:55 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 12:10 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\rescache
2015-05-15 11:18 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-15 10:36 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-05-15 10:36 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-15 10:34 - 2010-10-24 18:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 12:24 - 2010-10-24 20:22 - 00000039 _____ C:\Windows\vbaddin.ini
2015-05-13 12:23 - 2015-03-04 10:02 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Center Endpoint Protection.lnk
2015-05-13 12:23 - 2011-03-25 23:13 - 00001945 _____ C:\Windows\epplauncher.mif
2015-05-13 12:22 - 2013-09-25 13:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-05-13 12:04 - 2013-08-14 18:06 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 12:04 - 2010-10-24 18:39 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 11:58 - 2010-10-24 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
 
==================== Files in the root of some directories =======
 
2013-01-19 10:44 - 2013-01-19 10:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2013-09-23 12:52 - 2015-02-17 13:54 - 0000135 _____ () C:\Users\Administrator\AppData\Roaming\WB.CFG
2010-10-29 19:41 - 2014-09-12 13:09 - 0008082 _____ () C:\Users\Administrator\AppData\Roaming\XeroxFaxOptions.xml
2010-10-26 17:33 - 2010-10-26 17:33 - 0000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-09 12:15
 
==================== End of log ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

  • Моля изтеглете и стартирайте изпълнимия файл от линка отдолу:

    ESET OnlineScan

  • Сложете отметката предesetAcceptTerms.png
  • Натиснете бутона esetStart.png.
  • Сложете отметката пред Enable detection of potentially unwanted applications.
  • Сега кликнете на Advanced Settings и се уверете, че опцията Remove found threats не е маркирана, а следните са маркирани:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
    • Изберете сега бутона Change и изберете само Operating memory и дял C:\
fhSji42.png
  • Натиснете бутона Start.
  • ESET ще започне да сваля и инсталира актуализации за вирусните дефиниции и след това ще започне да сканира компютъра. Бъдете търпеливи, защото процеса е бавен и може да отнеме доста време.
  • След като проверката приключи натиснете бутонаesetListThreats.png
  • Сега натиснете бутона esetExport.png, и запазете файла на десктопа с име по избор като например (ESETScan.txt). Копирайте резултата в следващия си коментар.
  • Натиснете бутона esetBack.png и след това натиснете бутона esetFinish.png за да затворите приложението.
  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Извинявам се за закъснението

 

 

C:\FRST\Quarantine\C\Program Files\Casual Games\casual_games_helper_service.exe a variant of Win32/Toolbar.CrossRider.CR potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe Win32/AlteredSoftware.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe Win32/AlteredSoftware.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll a variant of Win32/AlteredSoftware.E potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\Download\{ADA00485-01A0-4995-B627-8C1068B634B7}\1.3.25.29\setup.exe a variant of Win32/Toolbar.CrossRider.CQ potentially unwanted application
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX.xBAD JS/Toolbar.Crossrider.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX3.xBAD JS/Toolbar.Crossrider.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\KfOwsG9x.xBAD JS/Toolbar.Crossrider.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\xwMEhk3tTuYDvHMsB1V2T.xBAD JS/Toolbar.Crossrider.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\background.js Win32/BrowseFox.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\content.js Win32/BrowseFox.Q potentially unwanted application
C:\Program Files\Cheat Engine 6.3\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
C:\Users\Administrator\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.1.zip a variant of Win32/Mobogenie.A potentially unwanted application
C:\Users\Administrator\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk a variant of Android/Mobserv.A potentially unwanted application
C:\Users\Administrator\AppData\Roaming\BabSolution\Shared\BUSolution.dll Win32/Toolbar.Babylon.AE potentially unwanted application
C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\background.js Win32/BrowseFox.Q potentially unwanted application
C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\content.js Win32/BrowseFox.Q potentially unwanted application
C:\Users\Visitor\AppData\Roaming\Movies Toolbar\SafetyNut\components\SafetyNutHlpFF20.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\Visitor\Application Data\Movies Toolbar\SafetyNut\components\SafetyNutHlpFF20.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\Visitor\Local Settings\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\background.js Win32/BrowseFox.Q potentially unwanted application
C:\Users\Visitor\Local Settings\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\content.js Win32/BrowseFox.Q potentially unwanted application
C:\Windows\Installer\71a136.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не е проблем времето, не се притеснявайте.

Моля, направете ново сканиране с ESET Online Scanner като този път маркирате и Remove Selected, освен останалите неща по-горе посочени.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
C:\Users\Visitor\Application Data\Movies Toolbar\SafetyNut\components\SafetyNutHlpFF20.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\Users\Visitor\Local Settings\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\background.js Win32/BrowseFox.Q potentially unwanted application
C:\Users\Visitor\Local Settings\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\content.js Win32/BrowseFox.Q potentially unwanted application
C:\FRST\Quarantine\C\Program Files\Casual Games\casual_games_helper_service.exe a variant of Win32/Toolbar.CrossRider.CR potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe Win32/AlteredSoftware.A potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe Win32/AlteredSoftware.C potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe a variant of Win32/AlteredSoftware.B potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe a variant of Win32/AlteredSoftware.B potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll a variant of Win32/AlteredSoftware.B potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll a variant of Win32/AlteredSoftware.B potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll a variant of Win32/AlteredSoftware.E potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll a variant of Win32/AlteredSoftware.B potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll a variant of Win32/AlteredSoftware.B potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Program Files\globalUpdate\Update\Download\{ADA00485-01A0-4995-B627-8C1068B634B7}\1.3.25.29\setup.exe a variant of Win32/Toolbar.CrossRider.CQ potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX.xBAD JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\0W9ojlSERHVQh9fP4uW0uqGX3.xBAD JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\KfOwsG9x.xBAD JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\xwMEhk3tTuYDvHMsB1V2T.xBAD JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\background.js Win32/BrowseFox.Q potentially unwanted application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\content.js Win32/BrowseFox.Q potentially unwanted application cleaned by deleting - quarantined
C:\Program Files\Cheat Engine 6.3\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.1.zip a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk a variant of Android/Mobserv.A potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Roaming\BabSolution\Shared\BUSolution.dll Win32/Toolbar.Babylon.AE potentially unwanted application cleaned by deleting - quarantined
C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\background.js Win32/BrowseFox.Q potentially unwanted application cleaned by deleting - quarantined
C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkpfcgompgkeceodpodleppkhdjoeom\1.0.1_0\content.js Win32/BrowseFox.Q potentially unwanted application cleaned by deleting - quarantined
C:\Users\Visitor\AppData\Roaming\Movies Toolbar\SafetyNut\components\SafetyNutHlpFF20.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application cleaned by deleting - quarantined
C:\Windows\Installer\71a136.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application deleted - quarantined

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Супер!

Как е системата ви в момента?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

не мисля че има разлика.Може ли да видите процесите виждат ми се доста

post-318579-0-46399800-1434116131_thumb.

post-318579-0-14680400-1434116143_thumb.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Броят на процесите няма никакво значение. Виждате множество процеси на Chrome, защото всеки таб създава нов процес. Виждате множество процеси svchost.exe , защото всеки един изпълнява различни услуги за операционната система.

Има ли подобрение в производителността? Все още ли има забавяне при търсене в Интернет, както сте посочили по-рано?

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

1.Изтеглете Hitman Pro.

За 32-битова система - dEMD6.gif.

За 64-битова система - Download-button3.gif

2.Стартирайте програмата.

3.След като сте стартирали програмата като кликнете върху иконата 5vo5F.jpg и натиснете бутона „Напред“ като се съгласите с лицензионното споразумение (EULA).

4.Сложете отметка пред "Не, искам да завърша еднократно сканиране на компютъра".

5.Натиснете бутона „Напред“.

6.Програмата ще започне да сканира. Времето за сканиране е около 2 минути.

7.След завършване на сканирането от списъка с намерените неща (ако има такива) изберете Apply to all => Ignore.

8.Натиснете "Next" и след това натиснете "Изнеси резултата в XML file" и запазете лог файла на десктопа.

9.Архивирайте файла и го прикачете в следващия си коментар или копирайте съдържанието му в следващия си коментар.

 

Забележка: Ако няма падащо меню, където да изберете ignore както на снимката:

 

6-scanfin-choose.jpg

 

Тогава просто затворете програмата след края на проверката (без да премахвате нищо)...след това отворете C:Programdata\HitmanPro\Logs, отворете и публикувайте съдържанието на лог файла в следващия си коментар.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
HitmanPro 3.7.9.241
www.hitmanpro.com
 
   Computer name . . . . : GLBG1543PC02
   Windows . . . . . . . : 6.1.1.7601.X86/2
   User name . . . . . . : GLBG1543PC02\Administrator
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2015-06-15 09:04:46
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 14m 48s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 72
 
   Objects scanned . . . : 1 637 945
   Files scanned . . . . : 43 005
   Remnants scanned  . . : 299 289 files / 1 295 651 keys
 
Cookies _____________________________________________________________________
 
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.indexinfo.org
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.kaldata.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.mediade.sk
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pimdesign.org
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
   C:\Users\Librarian\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.kaldata.com
   C:\Users\Librarian\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.abv.bg
   C:\Users\Librarian\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\Librarian\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Librarian\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Librarian\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Librarian\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldpartners.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrite.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.3bay.bg
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ad4game.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.betweendigital.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.brandfit.net
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.domainbg.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.fashionsupreme.co.uk
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.gamesbannernet.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pik.bg
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.socialvi.be
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.abv.bg
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertisegame.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstmedia.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:diff3.smartadserver.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool-eu-ie.creative-serving.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:server.cpmstar.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\Visitor\AppData\Roaming\Mozilla\Firefox\Profiles\7m1w8icp.default\cookies.sqlite:casalemedia.com
   C:\Users\Visitor\AppData\Roaming\Mozilla\Firefox\Profiles\7m1w8icp.default\cookies.sqlite:doubleclick.net
   C:\Users\Visitor\AppData\Roaming\Mozilla\Firefox\Profiles\7m1w8icp.default\cookies.sqlite:smartadserver.com
   C:\Users\Visitor\AppData\Roaming\Mozilla\Firefox\Profiles\7m1w8icp.default\cookies.sqlite:www.etracker.de
 
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изглежда чист.

Изтеглете Security Check от screen317 от този линк или и го запаметете на вашия десктоп.

Кликнете два пъти върху SecurityCheck.exe и следвайте инструкциите.

Накрая, автоматично ще се отвори текстов документ, наречен checkup.txt, моля прикачете го в следващия ви коментар в тази тема.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
System Center Endpoint Protection   
avast! Antivirus                    
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 CCleaner     
 Adobe Reader XI  
 Mozilla Firefox (en-US). Firefox out of Date!  
 Google Chrome (43.0.2357.65) 
 Google Chrome (43.0.2357.81) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Моля, генерирайте нови лог файлове от FRST.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Administrator (administrator) on GLBG1543PC02 on 16-06-2015 11:14:54
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Librarian & Visitor & Administrator)
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(OCS Inventory NG) C:\Program Files\OCS Inventory Agent\OcsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [startCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-13] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-21] (Avast Software s.r.o.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\avldr: avldr.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-19\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [skype] => C:\Program Files\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2015-06-11]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-06-09] ()
Startup: C:\Users\Librarian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012-04-17]
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Administrator\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-21] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-21] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL No File
Handler: AutorunsDisabled\skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500: @tools.google.com/Google Update;version=3 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-500: @tools.google.com/Google Update;version=9 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF user.js: detected! => C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\user.js [2015-06-11]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\searchplugins\bingp.xml [2015-04-03]
FF Extension: BitComet Video Downloader - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2015-06-10]
FF Extension: Feedback - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-12-04]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2012-09-25]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-10]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\ffxtlbr@funmoods.com [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841} [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\artur.dubovoy@gmail.com.xpi [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\addon@defaulttab.com.xpi [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\Sq3TM@gmail.com [not found]
FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\2bbrihkd.default\extensions\ZAGeTQ8H@gmail.com [not found]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-25]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-25]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-25]
CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-08]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-25]
CHR HKLM\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-21]
 
Opera: 
=======
OPR Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnpddjhhjmmcnjbjdbopmniafbpfppkb [2015-05-28]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-21] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-21] (Avast Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.01; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-21] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-21] ()
S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-05-14] (HID Global Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) [File not signed]
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-21] (Avast Software)
R1 MpKsle68b1499; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{69534278-A353-4E65-B7F9-FC02C1424233}\MpKsle68b1499.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-15 09:03 - 2015-06-15 10:03 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-11 12:35 - 2015-06-11 12:35 - 00000000 ____D C:\Program Files\ESET
2015-06-11 08:57 - 2015-06-11 08:57 - 00017231 _____ C:\Users\Administrator\Desktop\fixlist .txt
2015-06-11 08:28 - 2015-06-16 08:27 - 00001538 _____ C:\Windows\setupact.log
2015-06-11 08:28 - 2015-06-15 11:44 - 00155614 _____ C:\Windows\PFRO.log
2015-06-11 08:28 - 2015-06-11 08:28 - 00000000 _____ C:\Windows\setuperr.log
2015-06-10 15:01 - 2015-06-11 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-06-10 15:01 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-06-10 14:59 - 2015-06-10 15:04 - 00000000 ____D C:\Program Files\Microsoft Works
2015-06-10 14:51 - 2015-06-10 14:52 - 00000000 ____D C:\Program Files\CCleaner
2015-06-10 14:51 - 2015-06-10 14:51 - 00000931 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-10 14:51 - 2015-06-10 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2015-06-10 14:48 - 2015-06-15 08:54 - 00000000 ____D C:\Program Files\Microsoft Office
2015-06-10 14:28 - 2015-06-10 14:28 - 00001174 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2015-06-10 13:38 - 2015-06-10 13:38 - 00000931 _____ C:\Users\Public\Desktop\BitComet.lnk
2015-06-10 13:38 - 2015-06-10 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
2015-06-10 13:37 - 2015-06-10 13:38 - 00000000 ____D C:\Program Files\BitComet
2015-06-10 13:04 - 2015-05-21 12:52 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-10 09:27 - 2015-06-02 22:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:27 - 2015-05-27 17:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:27 - 2015-05-23 06:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:27 - 2015-05-23 06:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:27 - 2015-05-23 06:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:27 - 2015-05-23 06:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:27 - 2015-05-23 06:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:27 - 2015-05-23 06:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:27 - 2015-05-23 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:27 - 2015-05-23 06:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:27 - 2015-05-23 06:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:27 - 2015-05-23 06:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:27 - 2015-05-23 06:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:27 - 2015-05-23 06:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:27 - 2015-05-23 06:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:27 - 2015-05-23 06:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:27 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:27 - 2015-05-23 06:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:27 - 2015-05-23 05:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:27 - 2015-05-23 05:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:27 - 2015-05-23 05:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:27 - 2015-05-23 05:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:27 - 2015-05-23 05:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:27 - 2015-05-23 05:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:27 - 2015-05-23 05:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:27 - 2015-05-23 05:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:27 - 2015-05-23 05:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:27 - 2015-05-23 05:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:27 - 2015-05-23 05:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:27 - 2015-05-23 05:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:27 - 2015-05-23 05:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:27 - 2015-05-23 05:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:26 - 2015-05-25 21:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 09:26 - 2015-05-25 21:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 09:26 - 2015-05-25 21:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 09:26 - 2015-05-25 21:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 09:26 - 2015-05-25 21:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 09:26 - 2015-05-25 21:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 09:26 - 2015-05-25 21:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 09:26 - 2015-05-25 21:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 09:26 - 2015-05-25 20:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 09:26 - 2015-05-25 20:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 09:26 - 2015-05-25 20:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 09:26 - 2015-05-25 20:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 09:26 - 2015-05-25 20:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:26 - 2015-05-25 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 09:26 - 2015-04-11 06:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 09:25 - 2015-05-09 06:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:25 - 2015-05-09 06:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:25 - 2015-05-09 06:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:25 - 2015-05-09 06:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:25 - 2015-05-09 06:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 06:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:25 - 2015-05-09 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:25 - 2015-04-29 21:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 09:25 - 2015-04-29 21:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 09:25 - 2015-04-29 21:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 09:25 - 2015-04-29 21:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 09:25 - 2015-04-29 21:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 09:24 - 2015-04-24 20:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 08:56 - 2015-06-16 11:15 - 00000000 ____D C:\FRST
2015-06-09 09:04 - 2015-05-24 12:40 - 00593048 ____N (Sysinternals - www.sysinternals.com) C:\autorunsc.exe
2015-06-09 09:04 - 2015-05-24 12:39 - 00680600 ____N (Sysinternals - www.sysinternals.com) C:\Autoruns.exe
2015-06-09 09:04 - 2014-06-28 16:47 - 00002028 ____N C:\Eula.txt
2015-06-09 08:34 - 2015-06-09 08:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\{9B08D2F6-41FE-40B1-8E2D-67A5F54D5468}
2015-06-08 11:46 - 2015-06-08 11:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\VSRevoGroup
2015-06-08 11:43 - 2015-06-08 11:43 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-08 10:09 - 2015-06-16 08:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 10:09 - 2015-06-08 10:09 - 00001026 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-08 10:09 - 2015-06-08 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-08 10:08 - 2015-06-08 10:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-08 10:08 - 2015-06-08 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 10:08 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-08 10:08 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-08 10:08 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-05 13:14 - 2015-05-22 21:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 13:14 - 2015-05-22 21:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 13:14 - 2015-05-22 20:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 13:14 - 2015-05-21 16:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 13:01 - 2015-06-05 13:02 - 00000000 ____D C:\Users\Administrator\AppData\Local\{B049210D-E73B-4D44-970C-05480D1A0D2B}
2015-06-02 10:06 - 2015-06-04 10:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{2E0E6D98-968E-4C86-8268-82718DF5A82A}
2015-05-29 09:12 - 2015-05-29 09:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6CA558CC-73B4-4398-95F9-E50444B2C26F}
2015-05-28 10:46 - 2015-05-28 10:46 - 00000000 ____D C:\Users\Administrator\AppData\Local\{BD0DDE8F-FFF3-4EC5-83CF-F95D466E12EF}
2015-05-27 12:16 - 2015-05-27 12:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{C3E4B2B2-DF21-425B-A86D-13700E573D2E}
2015-05-26 12:50 - 2015-05-26 12:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A5570127-7FF7-45DB-88E2-DD178A14086B}
2015-05-25 12:51 - 2015-06-09 13:58 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500UA.job
2015-05-25 12:51 - 2015-06-09 13:58 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-500Core.job
2015-05-25 11:49 - 2015-05-25 11:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\{8B24C122-E5A7-4B6C-8C5E-8B75D03CF937}
2015-05-22 09:27 - 2015-05-22 09:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\{E68D8378-FC2E-4AE7-8193-639A705BDA72}
2015-05-21 13:02 - 2015-05-21 13:03 - 00000000 ____D C:\Windows\system32\vbox
2015-05-21 12:52 - 2015-05-21 12:52 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-21 11:18 - 2015-05-21 11:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\{A159BB46-20C8-4923-BFD7-1B9B3B92EB9E}
2015-05-20 13:15 - 2015-05-20 13:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\{D1FB0108-07FA-437F-9A97-A09534B49E55}
2015-05-19 09:43 - 2015-05-19 09:43 - 00000000 ____D C:\Users\Administrator\AppData\Local\{0F2D45D9-FF5C-46B5-B01F-4ABD68CD81C6}
2015-05-18 10:17 - 2015-05-18 10:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\{6B81EFE9-D98C-4433-9719-07394B3803EE}
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-16 09:52 - 2010-10-24 22:53 - 01685495 _____ C:\Windows\WindowsUpdate.log
2015-06-16 09:29 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\rescache
2015-06-16 09:04 - 2009-07-14 07:34 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-16 09:04 - 2009-07-14 07:34 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-16 09:01 - 2010-10-24 20:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-16 08:29 - 2012-06-25 14:19 - 06500750 _____ C:\XrxUsd.log
2015-06-16 08:27 - 2009-07-14 07:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-15 17:04 - 2013-08-14 18:06 - 00000000 ____D C:\Windows\system32\MRT
2015-06-15 17:04 - 2010-10-24 18:39 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-15 16:54 - 2010-10-31 18:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2015-06-15 11:54 - 2010-10-24 19:26 - 00993980 _____ C:\Windows\system32\perfh01F.dat
2015-06-15 11:54 - 2010-10-24 19:26 - 00468902 _____ C:\Windows\system32\perfc01F.dat
2015-06-15 11:54 - 2010-10-24 18:25 - 00006264 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-15 11:49 - 2009-07-14 07:33 - 03763560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-15 11:44 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-06-15 11:44 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\ro-RO
2015-06-15 11:44 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\bg-BG
2015-06-15 09:10 - 2010-10-24 20:22 - 00000039 _____ C:\Windows\vbaddin.ini
2015-06-12 15:40 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\system32\NDF
2015-06-12 14:51 - 2014-02-26 16:26 - 00000000 ____D C:\Program Files\Cheat Engine 6.3
2015-06-11 16:27 - 2010-10-29 10:05 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-06-11 11:19 - 2009-07-14 05:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-06-11 10:30 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\Vss
2015-06-11 10:10 - 2014-10-02 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FirefoxToolbar
2015-06-11 10:10 - 2014-04-15 11:33 - 00000000 ____D C:\ProgramData\APN
2015-06-11 10:10 - 2014-02-26 16:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\Popajar
2015-06-11 10:10 - 2014-02-07 16:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FunmoodsChat
2015-06-11 10:10 - 2012-07-09 10:24 - 00000000 ____D C:\Users\Librarian\AppData\Roaming\PerformerSoft
2015-06-11 10:10 - 2012-07-06 13:52 - 00000000 ____D C:\Users\Visitor\AppData\Roaming\PerformerSoft
2015-06-11 09:09 - 2010-10-29 17:32 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-06-11 09:09 - 2010-10-25 14:50 - 00000008 __RSH C:\Users\Administrator\ntuser.pol
2015-06-11 09:09 - 2010-10-25 14:50 - 00000000 ____D C:\Users\Administrator
2015-06-11 09:04 - 2013-04-11 15:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-11 08:40 - 2010-10-30 10:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2015-06-11 08:40 - 2010-10-24 19:51 - 00000000 ____D C:\ProgramData\Adobe
2015-06-11 08:31 - 2009-07-14 07:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 16:43 - 2012-09-11 14:00 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\BitComet
2015-06-10 15:06 - 2009-07-14 05:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-10 14:58 - 2009-07-14 07:52 - 00000000 ____D C:\Program Files\MSBuild
2015-06-10 14:57 - 2011-03-25 21:28 - 00000000 ____D C:\Windows\Panther
2015-06-10 14:56 - 2010-10-24 20:08 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-06-10 14:51 - 2014-02-21 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-10 14:51 - 2010-10-24 20:06 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-06-10 14:06 - 2010-10-24 19:51 - 00000000 ____D C:\Program Files\Adobe
2015-06-10 13:35 - 2009-07-14 05:04 - 00000710 _____ C:\Windows\win.ini
2015-06-09 13:58 - 2013-03-04 10:31 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 13:58 - 2013-03-04 10:31 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 13:58 - 2012-04-17 12:11 - 00001098 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2015-06-09 13:58 - 2012-04-17 12:11 - 00001076 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2015-06-09 13:58 - 2011-04-04 16:21 - 00001024 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2015-06-09 13:58 - 2011-04-04 16:21 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2015-06-09 13:58 - 2010-10-31 14:28 - 00001016 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1006UA.job
2015-06-09 13:58 - 2010-10-31 14:28 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1006Core.job
2015-06-08 16:10 - 2015-04-03 08:28 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 16:10 - 2011-03-25 20:30 - 00109280 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-08 16:09 - 2013-03-04 10:31 - 00000000 ____D C:\Program Files\Google
2015-06-08 16:08 - 2010-10-31 14:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2015-06-08 16:05 - 2013-09-05 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-06-08 16:05 - 2013-09-05 11:49 - 00000000 ____D C:\Program Files\Canon
2015-06-08 16:03 - 2013-01-03 11:43 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\calibre
2015-06-08 16:03 - 2013-01-03 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-06-08 15:54 - 2012-09-11 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2015-06-08 15:35 - 2012-06-13 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Opera
2015-06-08 15:35 - 2012-06-13 13:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Opera
2015-06-08 15:34 - 2014-12-11 15:54 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PhotoScape
2015-06-08 15:30 - 2013-06-21 10:16 - 00000000 ____D C:\Program Files\TeamViewer
2015-06-08 15:30 - 2012-11-22 12:50 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TeamViewer
2015-06-08 15:27 - 2010-10-30 13:58 - 00000000 ____D C:\Program Files\Windows Live
2015-06-08 15:22 - 2013-09-13 09:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\WebPlayer
2015-06-08 15:21 - 2012-04-26 10:02 - 140266064 _____ C:\xxbgtask.log
2015-06-08 15:12 - 2015-02-02 17:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\Unity
2015-06-08 08:42 - 2014-12-11 13:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-08 08:42 - 2014-05-10 08:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-05-29 09:16 - 2010-10-24 18:32 - 00000000 ____D C:\ProgramData\Skype
2015-05-26 12:52 - 2013-09-25 13:32 - 00000000 ___RD C:\Program Files\Skype
2015-05-21 12:52 - 2014-09-24 13:10 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-21 12:52 - 2014-09-24 13:10 - 00024144 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-05-21 12:52 - 2013-03-04 09:35 - 00209048 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-05-21 12:52 - 2013-03-04 09:35 - 00049904 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-21 12:52 - 2013-01-10 13:55 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
 
==================== Files in the root of some directories =======
 
2013-01-19 10:44 - 2013-01-19 10:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2013-09-23 12:52 - 2015-02-17 13:54 - 0000135 _____ () C:\Users\Administrator\AppData\Roaming\WB.CFG
2010-10-29 19:41 - 2014-09-12 13:09 - 0008082 _____ () C:\Users\Administrator\AppData\Roaming\XeroxFaxOptions.xml
2010-10-26 17:33 - 2010-10-26 17:33 - 0000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg
 
Some files in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-15 12:25
 
==================== End of log ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Има остатъци от Microsoft Security Essentials, затова моля изпълнете инструкциите от секцията Решете моя проблем:

https://support.microsoft.com/bg-bg/kb/2483120

Накрая рестартирайте компютъра си.

Стъпка 2

Моля изтеглете icon1351185104.pngJunkware Removal Tool на вашия десктоп.

  • Спрете временно работата на защитните програми.
  • Стартирайте инструмента JRT.exe
  • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
  • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
  • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
  • Моля копирайте съдържанието на лог файла в следващия си пост.
Стъпка 3
  • Изтеглете и стартирайте 6sv1DN9.jpgAdwCleaner.exe.
  • Натиснете бутона Scan.
  • AdwCleaner ще започне да проверява компютъра.
  • След като проверката приключи натиснете бутона Clean.
  • Програмата ще затвори всички излишни процеси и след почистването ще иска да рестартира машината. Съгласете се.
  • Ще се появи автоматично лог файл с името (AdwCleaner[s0].txt) в C:\Adwcleaner
  • Публикувайте съдържанието му в следващия си коментар.
В следващия си коментар в тази тема, включете следните лог файлове:
  • Лог файл от Junkware Removal Tool
  • Лог файл от AdwCleaner
  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Първата стъпка е невалиден уеб сайта

 

 
# AdwCleaner v4.206 - Logfile created 17/06/2015 at 12:55:06
# Updated 01/06/2015 by Xplode
# Database : 2015-06-17.1 [server]
# Operating system : Windows 7 Enterprise Service Pack 1 (x86)
# Username : Administrator - GLBG1543PC02
# Running from : D:\Users\Administrator\Downloads\adwcleaner_4.206.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\saave net
Folder Deleted : C:\Program Files\saave net
Folder Deleted : C:\Windows\system32\SearchProtect
Folder Deleted : C:\Users\Administrator\AppData\Local\Popajar
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\mixidj
Folder Deleted : C:\Users\Administrator\AppData\Roaming\FirefoxToolbar
Folder Deleted : D:\Users\Administrator\Documents\Mobogenie
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Librarian\AppData\Local\torch
Folder Deleted : C:\Users\Librarian\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Visitor\AppData\Local\torch
Folder Deleted : C:\Users\Visitor\AppData\Roaming\Movies Toolbar
Folder Deleted : C:\Users\Visitor\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dlabcihlajghaekmikmkncdhekcaaenl
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dlabcihlajghaekmikmkncdhekcaaenl
File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj
File Deleted : C:\Users\Administrator\daemonprocess.txt
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\services-sync.js
File Deleted : C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.blekko.com_0.localstorage
File Deleted : C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.blekko.com_0.localstorage-journal
File Deleted : C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
File Deleted : C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : globalUpdateUpdateTaskMachineUA
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper
Key Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException
Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.ContextMenu
Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.IconGenerator
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Logger
Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{3B96B73A-292C-31BF-A2D3-34DF54CBDB55}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{07430FF5-B7A6-3D5A-9F9B-2D7C57183B3B}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{0B764022-3741-345E-AB39-0A2A8577C5E0}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{A865D884-9B93-377B-A24D-12BF02DFF6D3}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{B0EBAFE9-ED42-34D1-B7D7-CBBE39A467CF}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{DE64992E-A184-3DA6-927A-DA3906A77D7B}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{F489A9AA-4924-32DF-AB6C-6EEE3A3C0A99}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{F5C7BCD8-0F63-34D0-BA9C-906545CD4020}
Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Crc.CRC32
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ComHelper
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.Cookie
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.CookieCollection
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.CookieException
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpListener
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpListenerException
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpVersion
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.WebHeaderCollection
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Server.hxxpServer
Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Server.WebSocketServer
Key Deleted : HKCU\Software\5255dadae06eed12
Key Deleted : HKLM\SOFTWARE\5255dadae06eed12
Key Deleted : HKLM\SOFTWARE\fd381d96-c1fa-4ac8-bd39-1fca726d2d2b
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{270BE80F-7D12-3199-A5A6-C26956DC9B85}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{284BB344-E9D0-39E1-B44B-6D98A16E9B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{36906F02-A2B9-3047-9D5C-E05AF3E469E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{420E2C2E-80D9-3012-A43C-42241FB36D42}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93ABB6F7-F27A-3431-88ED-6939B451FF0D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AFF295ED-76F5-3BAC-81AE-74CD223F2F5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B59B2B9A-B0FD-32F2-AA3A-927ADA01CD81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E89856E4-1085-3BDF-87AA-8A81E422767E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00004}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00005}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00006}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00008}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00009}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8739A44-6C91-39E8-AA09-45DEF03E6C4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18A88C48-BC7B-35B3-BD38-74DED875FB28}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\DSNR Labs
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKU\.DEFAULT\Software\bProtector
Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v23.0.0.0 (en-US)
 
[2bbrihkd.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.pnu_base", "{\"newVrsn\":\"237\",\"lastVrsn\":\"237\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":\"0\",\"lstMsgTs\":\"0\"}");
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0200 (FLE Standard Time)");
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1375438924");
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.adsOldValue", -1);
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.bic", "1403e8c683a828702119262ea5b5df0a");
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.firstrun", false);
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.installationdate", 1375438924);
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.lastcheck", 22929470);
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.lastcheckitem", 22929561);
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.misc.lastBgWorkerTimer", "1375773671239");
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258.misc.lastDomWorkerTimer", "1375773671238");
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.crossriderapp2258@crossrider.com.install-event-fired", true);
[7m1w8icp.default\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "crossriderapp2258%40crossrider.com:0.81.50,testpilot%40labs.mozilla.com:1.2.2,wrc%40avast.com:8.0.1489,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0");
 
-\\ Google Chrome v43.0.2357.124
 
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=102&systemid=473&v=a13277-312&apn_uid=6962035003034258&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=102&systemid=473&v=a13277-312&apn_uid=6962035003034258&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : hidjnkeodmholilgafgdlgmgggbhnigl
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : mpfapcdfbbledbojijcbcclmlieaoogk
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://rts.dsrlte.com?affID=na
[C:\Users\Visitor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}
 
-\\ Comodo Dragon v
 
 
-\\ Opera v0.0.0.0
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [17401 bytes] - [17/06/2015 12:47:32]
AdwCleaner[s0].txt - [17840 bytes] - [17/06/2015 12:55:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [17900  bytes] ##########
 

 

JRT.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не е възможно да не работи, защото аз го отварям.

Този е на български:

https://support.microsoft.com/bg-bg/kb/2483120

Този е на английски:

https://support.microsoft.com/en-us/kb/2483120

Ако е необходимо, опитайте с различни браузъри.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

мисля че се оправи благодаря

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Подобни теми

    • от Plamen_ruse
      От известно време ми се появи този проблем. Докато браузвам (независимо от браузера) ми се отварят допълнителни прозорци с реклами. Нямам усещане, че компютъра работи по-бавно от преди. 
       
       
      can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
      Ran by User (administrator) on DESKTOP-9A6KV1O (10-01-2019 21:03:43)
      Running from D:\Downloads
      Loaded Profiles: User (Available Profiles: User)
      Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Български (България)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
      (AMD) C:\Windows\System32\atiesrxx.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
      (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
      (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
      () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (ESET) C:\Program Files\ESET\ESET Security\egui.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
      () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
      HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-10-12] (ESET)
      HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-619769886-4034110463-2982145271-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe [25972968 2018-12-22] (Spotify Ltd)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 89.207.131.8 8.8.8.8
      Tcpip\..\Interfaces\{d4f7e68d-b074-4387-bb66-200a4cfcbb5d}: [DhcpNameServer] 89.207.131.8 8.8.8.8
      Tcpip\..\Interfaces\{dd5152f7-fb4e-44ba-b531-9721fa95320d}: [DhcpNameServer] 10.0.0.1
      Internet Explorer:
      ==================
      BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-16] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      FireFox:
      ========
      FF DefaultProfile: 5zp7ongo.default
      FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5zp7ongo.default [2019-01-06]
      FF Homepage: Mozilla\Firefox\Profiles\5zp7ongo.default -> www.google.bg
      FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5zp7ongo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-17]
      FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
      FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-07-28] [Legacy] [not signed]
      FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
      FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
      FF Plugin-x32: @huawei.com/NPPlugin -> C:\Program Files (x86)\Web_TV\WebTVPlugin\NPPlugin.dll [2015-07-02] ()
      FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
      FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
      Chrome: 
      =======
      CHR DefaultProfile: Default
      CHR HomePage: Default -> hxxp://www.google.com/
      CHR StartupUrls: Default -> "hxxp://www.google.com/"
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-01-10]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Theme Creator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2017-07-21]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-21]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-21]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-10]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Floating for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2018-12-23]
      CHR Extension: (Video DownloadHelper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-08-01]
      CHR Extension: (IP домейн флаг) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2017-12-29]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-21]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-13]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-06]
      CHR Extension: (ProxFlow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aakchaleigkohafkfjfjbblobjifikek [2018-09-13]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
      CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-08]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-11-01]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-01]
      CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-16]
      CHR Extension: (Google Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-12-16]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-24]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-01-10]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-13]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-13]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-13]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2019-01-09]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-11]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-11]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-16]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-16]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-11]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-26]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-13]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-16]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-18]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-06-20]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-10]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-10]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-10]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-10]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-10]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-20]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-10]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-20]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-12]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc.)
      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-07] (Microsoft Corporation)
      R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-12] (ESET)
      R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-12] (ESET)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-09-16] (Microsoft Corporation)
      R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
      S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
      S3 Disc Soft Lite Bus Service; "C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe" [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-07-21] (Disc Soft Ltd)
      R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-09] (ESET)
      R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-09] (ESET)
      S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-08-27] (ESET)
      R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-08-27] (ESET)
      R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-08-27] (ESET)
      R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-08-27] (ESET)
      R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-08-27] (ESET)
      R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
      R3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
      R3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] ()
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
      R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2018-04-12] (Realtek Semiconductor Corporation )
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-10 21:03 - 2019-01-10 21:03 - 000000000 ____D C:\FRST
      2019-01-08 20:52 - 2019-01-01 15:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
      2019-01-08 20:52 - 2019-01-01 15:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
      2019-01-08 20:52 - 2019-01-01 15:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2019-01-08 20:52 - 2019-01-01 15:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
      2019-01-08 20:52 - 2019-01-01 15:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
      2019-01-08 20:52 - 2019-01-01 15:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
      2019-01-08 20:52 - 2019-01-01 15:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2019-01-08 20:52 - 2019-01-01 15:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
      2019-01-08 20:52 - 2019-01-01 15:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
      2019-01-08 20:52 - 2019-01-01 15:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
      2019-01-08 20:52 - 2019-01-01 09:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
      2019-01-08 20:52 - 2019-01-01 09:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
      2019-01-08 20:52 - 2019-01-01 09:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
      2019-01-08 20:52 - 2019-01-01 09:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2019-01-08 20:52 - 2019-01-01 09:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2019-01-08 20:52 - 2019-01-01 09:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
      2019-01-08 20:52 - 2019-01-01 08:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2019-01-08 20:52 - 2019-01-01 08:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2019-01-08 20:52 - 2019-01-01 08:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
      2019-01-08 20:52 - 2019-01-01 08:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
      2019-01-08 20:52 - 2019-01-01 08:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
      2019-01-08 20:52 - 2019-01-01 08:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
      2019-01-08 20:52 - 2019-01-01 08:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
      2019-01-08 20:52 - 2019-01-01 08:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
      2019-01-08 20:52 - 2019-01-01 08:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2019-01-08 20:52 - 2019-01-01 08:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
      2019-01-08 20:52 - 2019-01-01 08:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
      2019-01-08 20:52 - 2019-01-01 08:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2019-01-08 20:52 - 2019-01-01 08:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2019-01-08 20:52 - 2019-01-01 08:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
      2019-01-08 20:52 - 2019-01-01 07:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
      2019-01-08 20:52 - 2018-12-19 06:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
      2019-01-06 00:59 - 2019-01-06 00:59 - 000141434 _____ C:\TDSSKiller.3.1.0.25_06.01.2019_00.59.11_log.txt
      2019-01-06 00:47 - 2019-01-06 00:47 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
      2019-01-06 00:47 - 2019-01-06 00:47 - 000000000 ____D C:\Users\User\AppData\Local\mbam
      2018-12-19 20:41 - 2018-12-14 09:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
      2018-12-19 20:41 - 2018-12-14 09:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
      2018-12-19 20:41 - 2018-12-14 09:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
      2018-12-19 20:41 - 2018-12-14 09:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
      2018-12-19 20:41 - 2018-12-14 09:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
      2018-12-19 20:41 - 2018-12-14 09:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
      2018-12-19 20:41 - 2018-12-14 09:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
      2018-12-19 20:41 - 2018-12-14 09:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
      2018-12-19 20:41 - 2018-12-14 09:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2018-12-19 20:41 - 2018-12-14 08:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2018-12-19 20:41 - 2018-12-14 08:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
      2018-12-19 20:41 - 2018-12-14 08:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
      2018-12-19 20:41 - 2018-12-14 08:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
      2018-12-19 20:41 - 2018-12-14 08:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
      2018-12-19 20:41 - 2018-12-14 08:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
      2018-12-19 20:41 - 2018-12-14 08:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
      2018-12-19 20:41 - 2018-12-14 08:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Инструменти на Microsoft Office
      2018-12-13 23:56 - 2018-12-13 23:56 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-12-13 23:56 - 2018-12-13 23:56 - 000002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-12-13 18:52 - 2018-09-05 00:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
      2018-12-12 21:25 - 2018-12-08 14:47 - 001786896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
      2018-12-12 21:25 - 2018-12-08 14:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
      2018-12-12 21:25 - 2018-12-08 14:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
      2018-12-12 21:25 - 2018-12-08 14:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
      2018-12-12 21:25 - 2018-12-08 14:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
      2018-12-12 21:25 - 2018-12-08 14:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
      2018-12-12 21:25 - 2018-12-08 14:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
      2018-12-12 21:25 - 2018-12-08 14:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
      2018-12-12 21:25 - 2018-12-08 14:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2018-12-12 21:25 - 2018-12-08 14:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
      2018-12-12 21:25 - 2018-12-08 14:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2018-12-12 21:25 - 2018-12-08 14:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2018-12-12 21:25 - 2018-12-08 10:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
      2018-12-12 21:25 - 2018-12-08 10:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
      2018-12-12 21:25 - 2018-12-08 10:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2018-12-12 21:25 - 2018-12-08 10:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2018-12-12 21:25 - 2018-12-08 10:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
      2018-12-12 21:25 - 2018-12-08 09:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
      2018-12-12 21:25 - 2018-12-08 09:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
      2018-12-12 21:25 - 2018-12-08 09:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
      2018-12-12 21:25 - 2018-12-08 09:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
      2018-12-12 21:25 - 2018-12-08 09:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
      2018-12-12 21:25 - 2018-12-08 09:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
      2018-12-12 21:25 - 2018-12-08 09:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
      2018-12-12 21:25 - 2018-12-08 09:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
      2018-12-12 21:25 - 2018-12-08 09:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
      2018-12-12 21:25 - 2018-12-08 09:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
      2018-12-12 21:25 - 2018-12-08 09:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
      2018-12-12 21:25 - 2018-12-08 09:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
      2018-12-12 21:25 - 2018-12-08 09:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
      2018-12-12 21:25 - 2018-12-08 09:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
      2018-12-12 21:25 - 2018-12-08 09:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
      2018-12-12 21:25 - 2018-12-08 09:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
      2018-12-12 21:25 - 2018-11-09 08:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2018-12-12 21:25 - 2018-11-09 07:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
      2018-12-12 21:25 - 2018-11-09 07:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
      2018-12-12 21:25 - 2018-11-09 07:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
      2018-12-12 21:25 - 2018-11-09 07:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
      2018-12-12 21:25 - 2018-11-09 07:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2018-12-12 21:25 - 2018-11-09 07:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
      2018-12-12 21:25 - 2018-11-09 04:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
      2018-12-12 21:25 - 2018-11-09 04:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
      2018-12-12 21:25 - 2018-11-09 04:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
      2018-12-12 21:25 - 2018-11-09 04:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2018-12-12 21:25 - 2018-11-09 04:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2018-12-12 21:25 - 2018-11-09 04:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
      2018-12-12 21:25 - 2018-11-09 04:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
      2018-12-12 21:25 - 2018-11-09 04:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
      2018-12-12 21:25 - 2018-11-09 04:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2018-12-12 21:25 - 2018-11-09 04:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
      2018-12-12 21:25 - 2018-11-09 04:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
      2018-12-12 21:25 - 2018-11-09 04:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
      2018-12-12 21:25 - 2018-11-09 03:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2018-12-12 21:25 - 2018-11-09 03:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2018-12-12 21:25 - 2018-11-09 03:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
      2018-12-12 21:24 - 2018-12-08 14:48 - 000034104 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 001627656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001422864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000825352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000399880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 000228368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000180752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
      2018-12-12 21:24 - 2018-12-08 14:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
      2018-12-12 21:24 - 2018-12-08 14:43 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
      2018-12-12 21:24 - 2018-12-08 14:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
      2018-12-12 21:24 - 2018-12-08 14:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
      2018-12-12 21:24 - 2018-12-08 14:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
      2018-12-12 21:24 - 2018-12-08 14:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
      2018-12-12 21:24 - 2018-12-08 10:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
      2018-12-12 21:24 - 2018-12-08 10:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
      2018-12-12 21:24 - 2018-12-08 10:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
      2018-12-12 21:24 - 2018-12-08 10:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
      2018-12-12 21:24 - 2018-12-08 10:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
      2018-12-12 21:24 - 2018-12-08 10:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
      2018-12-12 21:24 - 2018-12-08 10:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
      2018-12-12 21:24 - 2018-12-08 10:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
      2018-12-12 21:24 - 2018-12-08 09:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
      2018-12-12 21:24 - 2018-12-08 09:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
      2018-12-12 21:24 - 2018-12-08 09:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
      2018-12-12 21:24 - 2018-12-08 09:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
      2018-12-12 21:24 - 2018-12-08 09:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
      2018-12-12 21:24 - 2018-12-08 09:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
      2018-12-12 21:24 - 2018-12-08 09:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
      2018-12-12 21:24 - 2018-12-08 09:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
      2018-12-12 21:24 - 2018-12-08 09:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
      2018-12-12 21:24 - 2018-12-08 09:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
      2018-12-12 21:24 - 2018-12-08 09:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
      2018-12-12 21:24 - 2018-12-08 09:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
      2018-12-12 21:24 - 2018-12-08 09:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
      2018-12-12 21:24 - 2018-12-08 09:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
      2018-12-12 21:24 - 2018-12-08 09:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
      2018-12-12 21:24 - 2018-12-08 09:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
      2018-12-12 21:24 - 2018-12-08 09:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
      2018-12-12 21:24 - 2018-11-09 08:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
      2018-12-12 21:24 - 2018-11-09 07:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
      2018-12-12 21:24 - 2018-11-09 07:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
      2018-12-12 21:24 - 2018-11-09 07:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
      2018-12-12 21:24 - 2018-11-09 07:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
      2018-12-12 21:24 - 2018-11-09 07:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
      2018-12-12 21:24 - 2018-11-09 07:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
      2018-12-12 21:24 - 2018-11-09 07:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
      2018-12-12 21:24 - 2018-11-09 07:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
      2018-12-12 21:24 - 2018-11-09 07:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
      2018-12-12 21:24 - 2018-11-09 04:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
      2018-12-12 21:24 - 2018-11-09 04:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
      2018-12-12 21:24 - 2018-11-09 04:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
      2018-12-12 21:24 - 2018-11-09 04:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
      2018-12-12 21:24 - 2018-11-09 04:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
      2018-12-12 21:24 - 2018-11-09 04:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
      2018-12-12 21:24 - 2018-11-09 04:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
      2018-12-12 21:24 - 2018-11-09 04:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
      2018-12-12 21:24 - 2018-11-09 04:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
      2018-12-12 21:24 - 2018-11-09 04:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
      2018-12-12 21:24 - 2018-11-09 04:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
      2018-12-12 21:24 - 2018-11-09 04:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
      2018-12-12 21:24 - 2018-11-09 04:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
      2018-12-12 21:24 - 2018-11-09 04:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
      2018-12-12 21:24 - 2018-11-09 04:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
      2018-12-12 21:24 - 2018-11-09 04:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
      2018-12-12 21:24 - 2018-11-09 04:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
      2018-12-12 21:24 - 2018-11-09 04:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
      2018-12-12 21:24 - 2018-11-09 04:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
      2018-12-12 21:24 - 2018-11-09 04:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
      2018-12-12 21:24 - 2018-11-09 04:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
      2018-12-12 21:24 - 2018-11-09 04:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
      2018-12-12 21:24 - 2018-11-09 04:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
      2018-12-12 21:24 - 2018-11-09 04:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
      2018-12-12 21:24 - 2018-11-09 03:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
      2018-12-12 21:24 - 2018-11-09 03:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
      2018-12-12 21:24 - 2018-11-09 03:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
      2018-12-12 21:24 - 2018-11-09 03:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
      2018-12-12 21:24 - 2018-11-09 03:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
      2018-12-12 21:24 - 2018-11-09 03:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
      2018-12-12 21:24 - 2018-11-09 03:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
      2018-12-12 21:24 - 2018-11-09 03:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
      2018-12-12 21:24 - 2018-11-09 03:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
      2018-12-12 21:24 - 2018-11-09 03:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
      2018-12-12 21:24 - 2018-11-09 03:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
      2018-12-12 21:24 - 2018-11-09 03:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
      2018-12-12 21:24 - 2018-11-09 03:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
      2018-12-12 21:24 - 2018-11-09 03:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-10 20:59 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2019-01-10 19:30 - 2018-09-16 16:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2019-01-09 18:35 - 2018-09-16 16:27 - 001532434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2019-01-09 18:35 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
      2019-01-09 18:35 - 2017-07-30 15:50 - 000536072 _____ C:\WINDOWS\system32\perfh002.dat
      2019-01-09 18:35 - 2017-07-30 15:50 - 000162902 _____ C:\WINDOWS\system32\perfc002.dat
      2019-01-09 18:29 - 2018-09-16 16:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2019-01-08 23:43 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
      2019-01-08 23:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
      2019-01-08 23:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
      2019-01-08 21:01 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
      2019-01-08 20:25 - 2018-09-16 16:31 - 000004550 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2019-01-08 20:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2019-01-08 20:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2019-01-08 20:21 - 2018-09-16 16:31 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
      2019-01-07 22:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
      2019-01-06 23:41 - 2017-12-25 22:05 - 000000000 ____D C:\Users\User\Desktop\1
      2019-01-06 00:54 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2019-01-06 00:54 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2019-01-06 00:39 - 2017-07-19 16:04 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
      2019-01-06 00:39 - 2017-07-19 15:57 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
      2019-01-05 19:20 - 2017-07-19 16:01 - 000000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
      2019-01-05 18:45 - 2017-07-20 10:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2019-01-04 19:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
      2019-01-03 22:12 - 2017-08-09 19:30 - 000001456 _____ C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
      2019-01-02 21:41 - 2018-04-12 01:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2019-01-02 21:41 - 2018-04-12 01:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2019-01-01 20:39 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2018-12-25 00:42 - 2017-07-21 09:01 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
      2018-12-23 23:24 - 2018-02-23 22:15 - 000000000 ____D C:\Users\User\AppData\Local\Packages
      2018-12-23 10:06 - 2017-07-21 21:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения в Chrome
      2018-12-20 20:04 - 2018-09-16 16:31 - 000003518 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-12-20 20:04 - 2018-09-16 16:31 - 000003394 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-12-20 19:17 - 2018-09-16 16:31 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-619769886-4034110463-2982145271-1001
      2018-12-20 19:17 - 2018-09-16 16:16 - 000002388 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2018-12-20 19:17 - 2017-07-19 09:25 - 000000000 ___RD C:\Users\User\OneDrive
      2018-12-16 17:01 - 2017-07-21 09:02 - 000000000 ____D C:\ProgramData\TEMP
      2018-12-16 16:29 - 2017-07-20 10:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2018-12-14 00:22 - 2017-09-16 08:33 - 000000000 ____D C:\Program Files (x86)\Audacity
      2018-12-13 23:56 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Google
      2018-12-13 23:54 - 2018-09-09 15:45 - 000000000 ___DC C:\WINDOWS\Panther
      2018-12-13 18:42 - 2018-02-23 22:31 - 000000000 ___RD C:\Users\User\3D Objects
      2018-12-13 18:42 - 2016-11-21 09:30 - 000000000 __RHD C:\Users\Public\AccountPictures
      2018-12-13 18:40 - 2018-09-16 16:13 - 000401856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
      ==================== Files in the root of some directories =======
      2017-12-25 22:02 - 2017-12-25 22:02 - 000000128 ____H () C:\Users\User\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
      2017-08-09 19:30 - 2019-01-03 22:12 - 000001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-09-16 16:12
      ==================== End of FRST.txt ============================
      Addition.txt
    • от B0rn T0 P0rN (Forest*)
      Нещо не схванах каква е цялата схема на раздела, но моето не е чак толкова голям проблем. Изтеглих си Bandicam от "някакъв" сайт, но когато тръгнах да го инсталирам ми изкара прозорче, в което искаше да му дам достъп като админ, за да продължи инсталацията. Направи ми впечатление, че искаше да инсталира някакъв друг software и направо му цъкнах Cancel, след това компютъра заби за около 1-2 секунди, отворих Task manager-a, поне над 6-7 процеса (непознати) работеха, както и да е, инсталира ми някакви програмки, премахнах ги, всичко ток ама без жицата. Остана един друг проблееем.. Сега от цялата история остана един AD който не намирам начин да го премахна.. Гледах, суках, струвах, изтеглих Junkware Removal Tool-a дето уж щял да помогне но уви, не помогна. Ето ей таз глупост не успявам да я премахна > ЦЪК < На антивирустни изобщо не се доверявам, хем компютъра цикли повече от тях, хем двойно повече вируси се бъкат.. Абе като дъвка са за вирусите. Ето и log-a след края на JRT; 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 7 Ultimate x64 Ran by idk (Administrator) on ўв 15.01.2019 Ј. at 3:38:08,89 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 17 Failed to delete: C:\Program Files (x86)\proxygate (Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F68ZGOQX (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIQK8NQU (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HML355FN (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1LRYOEA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F68ZGOQX (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIQK8NQU (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HML355FN (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1LRYOEA (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on ўв 15.01.2019 Ј. at 3:40:09,86 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Само ми направи впечатление ей това > "Failed to delete: C:\Program Files (x86)\proxygate (Folder)", нещо ми е много мерак да го изтрия ръчно?
    • от legolas69
      Здравейте, въпросният лаптоп се използва от майка ми за ежедневни дейности и то рядко. При стартирането на системата ESET засича PUP.Optional.Reimage, позволих си да сканирам с Malwarebytes, БЕЗ да предприемам действия. Каква е тази папка и има ли нещо притеснително ? Благодаря предварително. 
      Addition.txt
      FRST.txt
      malwarebytes.txt
    • от v3cko
      Здравейте и за много години,моят проблем хром бавно отваря забива и се срива- отварят се по няколко страници . В момента съм safe mode иначе забива
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2019
      Ran by ВЕС (administrator) on WIN-SKFJ6HLGST2 (03-01-2019 20:43:32)
      Running from C:\Users\ВЕС\Downloads
      Loaded Profiles: ВЕС (Available Profiles: ВЕС)
      Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
      Internet Explorer Version 8 (Default browser: Chrome)
      Boot Mode: Safe Mode (with Networking)
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [DHY0GM3ATCSFE7M] => "C:\Program Files\x0h1djdcnoe\3OQCH.exe"
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\MountPoints2: {41be252d-0f82-11e9-a624-002713343a56} - F:\Lenovo_Suite.exe
      HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [56832 2010-11-20] (Microsoft Corporation)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\System32\iedkcs32.dll [2010-11-20] (Microsoft Corporation)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-03] (Google Inc.)
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{840DEA2A-8553-4D25-A5FB-7DB86C5BFBE5}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{EE11610E-0BCC-42A7-A0AC-89B4A3B92BF1}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
      SearchScopes: HKU\S-1-5-21-3512987231-521144983-709920193-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10477_754_190103&q={searchTerms}
      BHO: YoutubeAdBlock -> {984AFA40-4BEC-457F-AEDE-FE3404A646FA} -> C:\Program Files\VKkhWVSisIE\kwTiXoR.dll => No File
      FireFox:
      ========
      FF ProfilePath: C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default [2019-01-03]
      FF user.js: detected! => C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06]
      FF Extension: (NewsFox) - C:\Users\ВЕС\Downloads\k-meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2016-01-04] [Legacy] [not signed]
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
      Chrome: 
      =======
      CHR HomePage: Default -> hxxp://google.bg/
      CHR Profile: C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default [2019-01-03]
      CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-01-03]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-03]
      CHR Extension: (Chrome Media Router) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-03]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      "qamplvkj" => service was unlocked. <==== ATTENTION
      S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [375776 2018-12-12] (Google Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
      S2 qamplvkj; C:\Windows\system32\qamplvkj\dfaricjc.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
      S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
      S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-01-03] (Malwarebytes)
      S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [106144 2019-01-03] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63760 2019-01-03] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-01-03] (Malwarebytes)
      S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [83648 2019-01-03] (Malwarebytes)
      U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-04 03:15 - 2019-01-04 03:15 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
      2019-01-04 03:15 - 2019-01-04 03:15 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
      2019-01-04 03:14 - 2019-01-04 03:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
      2019-01-04 03:10 - 2019-01-03 18:31 - 000000000 ____D C:\Windows\Panther
      2019-01-04 03:03 - 2019-01-04 03:03 - 000000000 ____D C:\Windows.old
      2019-01-03 20:43 - 2019-01-03 20:43 - 001783808 _____ (Farbar) C:\Users\ВЕС\Downloads\FRST.exe
      2019-01-03 20:43 - 2019-01-03 20:43 - 000007564 _____ C:\Users\ВЕС\Downloads\FRST.txt
      2019-01-03 20:43 - 2019-01-03 20:43 - 000000000 ____D C:\FRST
      2019-01-03 20:18 - 2019-01-03 20:18 - 000106144 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2019-01-03 20:18 - 2019-01-03 20:18 - 000083648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2019-01-03 20:18 - 2019-01-03 20:18 - 000063760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2019-01-03 20:03 - 2019-01-03 20:03 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbam
      2019-01-03 20:02 - 2019-01-03 20:42 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2019-01-03 20:02 - 2019-01-03 20:02 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2019-01-03 20:02 - 2019-01-03 20:02 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbamtray
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Program Files\Malwarebytes
      2019-01-03 20:02 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
      2019-01-03 20:00 - 2019-01-03 20:01 - 081227760 _____ (Malwarebytes ) C:\Users\ВЕС\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe
      2019-01-03 19:40 - 2019-01-03 20:03 - 000000000 ____D C:\ProgramData\RogueKiller
      2019-01-03 19:40 - 2019-01-03 19:40 - 029162424 _____ (Adlice Software ) C:\Users\ВЕС\Downloads\RogueKiller_setup.exe
      2019-01-03 19:40 - 2019-01-03 19:40 - 000001001 _____ C:\Users\Public\Desktop\RogueKiller.lnk
      2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
      2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\Program Files\RogueKiller
      2019-01-03 19:34 - 2019-01-03 20:42 - 000265284 _____ C:\Windows\ntbtlog.txt
      2019-01-03 19:30 - 2019-01-03 19:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\teiqv2gvtfm
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\imgn0qmwmwh
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\acysy1vaoki
      2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ C:\Users\ВЕС\AppData\Local\dump007.dat
      2019-01-03 19:09 - 2019-01-03 19:09 - 000000009 _____ C:\Users\ВЕС\rstr1.ini
      2019-01-03 19:08 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\3zxuksmazmq
      2019-01-03 19:07 - 2019-01-03 19:07 - 000000258 __RSH C:\Users\ВЕС\ntuser.pol
      2019-01-03 19:04 - 2019-01-03 19:04 - 000000000 ____D C:\Windows\system32\qamplvkj
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\vi5lm2mflim
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\sq0zlve2tqj
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\qc1oa2vrskn
      2019-01-03 19:02 - 2019-01-03 19:02 - 000000000 ____D C:\Users\ВЕС\AppData\LocalLow\yHNPHHIzKpsCK
      2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\423viiu5lfu
      2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Michael
      2019-01-03 19:01 - 2019-01-03 19:19 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ShopMore
      2019-01-03 19:01 - 2019-01-03 19:07 - 000002964 __RSH C:\ProgramData\ntuser.pol
      2019-01-03 19:01 - 2019-01-03 19:01 - 000493800 _____ (VideoDriver) C:\Windows\D04DE5140B2D.sys
      2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ C:\Users\ВЕС\AppData\Local\installer.dat
      2019-01-03 19:01 - 2019-01-03 19:01 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Python
      2019-01-03 19:00 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ezc3lfxnx4j
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ C:\Users\ВЕС\AppData\Local\wbem.ini
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{AC10FE2E-1A46-0496-3E07-15883EE04CD9}
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{59403C6F-D807-F1C6-7FC5-457D7F221C2C}
      2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\Users\NYBMYXMIG-DECRYPT.txt
      2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\NYBMYXMIG-DECRYPT.txt
      2019-01-03 18:57 - 2019-01-03 18:57 - 000000000 ____H C:\d85105b2d85102533b.lock
      2019-01-03 18:56 - 2019-01-03 18:56 - 000000000 ____D C:\ProgramData\HCRGWPOIZH4OHCKX91M2
      2019-01-03 18:56 - 2015-08-03 08:53 - 000384000 _____ (SafeIP) C:\Windows\system32\SafeIPs.dll
      2019-01-03 18:55 - 2019-01-03 20:05 - 000000000 ____D C:\Program Files\KMSPico 10.2.1 Final
      2019-01-03 18:53 - 2018-12-10 23:04 - 000499424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
      2019-01-03 18:48 - 2019-01-03 18:48 - 001259736 _____ (Plarium) C:\Users\ВЕС\Downloads\PlariumPlaySetup (1).exe
      2019-01-03 18:46 - 2019-01-03 18:46 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Package Cache
      2019-01-03 18:45 - 2019-01-03 19:03 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Mozilla
      2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\K-Meleon
      2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Local\K-Meleon
      2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Plarium
      2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\CEF
      2019-01-03 18:39 - 2019-01-03 18:39 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Google
      2019-01-03 18:38 - 2019-01-03 19:53 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2019-01-03 18:38 - 2019-01-03 19:53 - 000002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2019-01-03 18:37 - 2019-01-03 19:02 - 000000000 ____D C:\Program Files\Google
      2019-01-03 18:37 - 2019-01-03 19:00 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Google
      2019-01-03 18:37 - 2019-01-03 18:37 - 000057560 _____ C:\Users\ВЕС\AppData\Local\GDIPFONTCACHEV1.DAT
      2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Deployment
      2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Apps\2.0
      2019-01-03 18:36 - 2014-05-14 17:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2019-01-03 18:36 - 2014-05-14 17:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2019-01-03 18:36 - 2014-05-14 17:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2019-01-03 18:36 - 2014-05-14 17:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
      2019-01-03 18:36 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
      2019-01-03 18:36 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
      2019-01-03 18:33 - 2019-01-03 19:53 - 000001335 _____ C:\Users\ВЕС\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2019-01-03 18:33 - 2019-01-03 19:09 - 000000000 ____D C:\Users\ВЕС
      2019-01-03 18:33 - 2019-01-03 18:33 - 000000020 ___SH C:\Users\ВЕС\ntuser.ini
      2019-01-03 18:33 - 2019-01-03 18:33 - 000000000 ____D C:\Users\ВЕС\AppData\Local\VirtualStore
      2019-01-03 18:33 - 2010-11-21 01:46 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Media Center Programs
      2019-01-03 16:27 - 2019-01-03 16:27 - 000000000 ____D C:\My Drivers
      2018-12-30 08:50 - 2018-12-30 08:50 - 005183296 _____ (Marcin Szeniak ) C:\Users\ВЕС\Downloads\BCUninstaller_4.12.1_setup.exe
      2018-12-29 13:35 - 2018-12-29 13:35 - 000000000 ____D C:\SWSetup
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-04 03:15 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2019-01-04 03:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\sysprep
      2019-01-04 03:12 - 2010-11-21 01:46 - 000000000 ____D C:\Windows\CSC
      2019-01-04 03:10 - 2009-07-14 05:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
      2019-01-03 20:30 - 2010-11-20 22:01 - 000713888 _____ C:\Windows\system32\PerfStringBackup.INI
      2019-01-03 20:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
      2019-01-03 20:18 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2019-01-03 19:01 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\GroupPolicy
      2019-01-03 18:57 - 2018-08-11 19:54 - 000000000 ____D C:\Intel
      2019-01-03 18:57 - 2017-10-21 13:53 - 000000000 ____D C:\LFS
      2019-01-03 18:57 - 2017-09-25 20:50 - 000000000 ___RD C:\BECKO-PC
      2019-01-03 18:57 - 2017-04-14 15:10 - 000036892 ____H C:\iCS Source.suo.nybmyxmig
      2019-01-03 18:33 - 2009-07-14 05:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT
      2019-01-03 18:31 - 2009-07-14 03:37 - 000000000 __RHD C:\Users\Public\Libraries
      2019-01-03 17:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
      2019-01-03 15:34 - 2018-08-11 14:17 - 000000000 ____D C:\Users\ВЕС\Downloads\k-meleon
      2019-01-01 13:09 - 2018-09-02 13:32 - 000000000 ____D C:\Users\ВЕС\Documents\TalkHelper
      ==================== Files in the root of some directories =======
      1601-01-03 21:26 - 1601-01-03 21:26 - 000186368 ____N (Microsoft Corporation) C:\Users\ВЕС\AppData\Local\aIQEonJ.exe
      2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ () C:\Users\ВЕС\AppData\Local\dump007.dat
      2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ () C:\Users\ВЕС\AppData\Local\installer.dat
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ () C:\Users\ВЕС\AppData\Local\wbem.ini
      Some files in TEMP:
      ====================
      2019-01-03 18:56 - 2019-01-03 18:56 - 000710464 _____ () C:\Users\ВЕС\AppData\Local\Temp\3.exe
      2019-01-03 19:00 - 2019-01-03 19:00 - 001312696 _____ (                                                            ) C:\Users\ВЕС\AppData\Local\Temp\fastdatax.exe
      2019-01-03 19:09 - 2019-01-03 20:19 - 000000000 ____D () C:\Users\ВЕС\AppData\Local\Temp\IEShims.dll
      2019-01-03 19:00 - 2019-01-03 19:00 - 003520512 _____ () C:\Users\ВЕС\AppData\Local\Temp\installer_mi.exe
      2019-01-03 18:56 - 2019-01-03 18:56 - 002715792 _____ (SafeIP, LLC.                                                ) C:\Users\ВЕС\AppData\Local\Temp\update.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2019-01-04 03:11
      ==================== End of FRST.txt ===========================
      Addition.txt

    • от Шабан Талипов
      Някой може ли дами помогне, тази грешка забранява достъпа на обновление на windows-a и не позволява включването на защитната стена. Пробвах с антивирусна програма bitdefender без успех
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.