Aneliya Beaton

My laptop is infected - ads keep popping up and I can't remove DREGOL



Hello,

I'm writing about a problem that has recently appeared with my laptop...

I messed it up again in the stupidest way.

I wanted to download and install a program that updates Photoshop so it can read raw files; something went wrong with the link on the official Adobe page, so I downloaded the first exe I found (they promised the latest and most up-to-date plugin for Photoshop, and I believed them).

Very soon I realized my mistake, but it was too late.....

I stopped all further installations and opened Programs and Features... it turned out there were at least 20 or so applications (including one named Remote Desktop), installed that same day, that I know nothing about.

With a lot of persistence I uninstalled almost all of them (at least I think so), but traces have remained, because there is no way I can uninstall one application (some kind of search engine) named DREGOL, and ads also keep popping up constantly.

Besides that, Windows Defender - the only antivirus I use - kept detecting intervention attempts by Trojan Downloader or something like that (no new attempts have appeared in the last few hours, but who knows...?)

So...

HELP!!!!! :crying10:

About my computer:

SONY - 64 bit
Windows 8
 

 

___________________

 

 

And here are the contents of FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Aneliya (administrator) on LUKE on 11-06-2015 21:12:39
Running from C:\Users\Aneliya\Desktop
Loaded Profiles: Aneliya (Available Profiles: Aneliya)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Abengine) C:\Program Files (x86)\HighlightSearches\abengine.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
( ) C:\Windows\System32\dleacoms.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Users\Aneliya\AppData\Roaming\4ED7FF40-1433869652-11E2-838B-30F9EDD2723D\nsrA3B8.tmp
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Hotspot Privacy\bin\openvpnas.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(SA International) C:\Windows\SysWOW64\SAiAdmin.exe
(SA International) C:\Program Files (x86)\FlexiSTARTER 10.5 LiYu Edition1\Program\SAiDownloaderVistaUI.exe
(SA International) C:\Windows\SysWOW64\SAiDownloaderVista.exe
(SA International) C:\Windows\SysWOW64\SAiLicSvr.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Coupoon\UpdateCheck.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Users\Aneliya\AppData\Roaming\4ED7FF40-1433869652-11E2-838B-30F9EDD2723D\jnse6D27.tmp
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Users\Aneliya\AppData\Roaming\4ED7FF40-1433869652-11E2-838B-30F9EDD2723D\hnsu87D5.tmp
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Bamboo Dock\Apps\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Symantec Corporation) C:\Program Files (x86)\Norton Hotspot Privacy\bin\openvpntray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iSBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-04-15] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [bambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-12-30] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-04-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [mbot_gb_599] => [X]
HKLM-x32\...\Run: [gmsd_gb_428] => [X]
HKLM-x32\...\Run: [gmsd_gb_432] => [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\My Broadband\My Broadband
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [Viber] => C:\Users\Aneliya\AppData\Local\Viber\Viber.exe [80036560 2015-05-25] ()
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [GoogleChromeAutoLaunch_2A49636DFC615F2944304000BBB40071] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.)
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [WindApp] => "C:\Users\Aneliya\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [selection Tools] => "C:\Users\Aneliya\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [PCPrivacyDock] => "C:\Program Files (x86)\PC Privacy Dock\PCPrivacyDock.exe" /minimized
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\Run: [GoogleChromeAutoLaunch_4BC2F3FF76062F858098F36BEAA87F75] => C:\Users\Aneliya\AppData\Local\Chromium\Application\chrome.exe [659456 2015-06-04] (The Chromium Authors)
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\MountPoints2: {36354956-cb58-11e4-bf02-a41731e5d3b4} - "F:\TotalLock.exe" 
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\MountPoints2: {5e487ce9-c0e0-11e4-befe-a41731e5d3b4} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\MountPoints2: {5e487d99-c0e0-11e4-befe-a41731e5d3b4} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\MountPoints2: {d23c950d-8ff3-11e4-824f-806e6f6e6963} - "D:\SETUP.EXE" 
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\MountPoints2: {e5b4ea59-d4d3-11e4-bf08-a41731e5d3b4} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\MountPoints2: {e5b4eb6b-d4d3-11e4-bf08-a41731e5d3b4} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\...\MountPoints2: {e5b4eb7b-d4d3-11e4-bf08-a41731e5d3b4} - "G:\AutoRun.exe" 
AppInit_DLLs-x32: C:\PROGRA~3\{FC621~1\1172~1.1\ciri.dll => C:\ProgramData\{FC6214A1-ACE0-C527-1D66-B5A5CDE4662B}\1.17.2.1\ciri.dll [781312 2015-06-11] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-01-10]
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-06-10]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-12-30]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Aneliya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-09-06]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Bamboo Dock\Apps\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-09] (Autodesk, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:61775;https=127.0.0.1:61775
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://vaioportal.sony.eu
HKU\S-1-5-21-2134122012-985867511-3032921148-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2134122012-985867511-3032921148-1001 -> {E29833B0-F78E-46F6-B3CD-D5AE3312EDF4} URL = http://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=http://shop.ebay.co.uk/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27] (RealDownloader)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-17] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-05] (Qualcomm Atheros Commnucations)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: No Name -> {d0174004-bb12-464b-b666-9ba9bdbd750a} ->  No File
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-17] (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-17] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: No Name -> {d0174004-bb12-464b-b666-9ba9bdbd750a} ->  No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-17] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-04-29] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2134122012-985867511-3032921148-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\abengine.dll [341952 2015-06-09] (Abengine)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\abengine.dll [341952 2015-06-09] (Abengine)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\abengine.dll [341952 2015-06-09] (Abengine)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\abengine.dll [341952 2015-06-09] (Abengine)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\abengine.dll [341952 2015-06-09] (Abengine)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\abengine64.dll [409168 2015-06-09] (Abengine)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\abengine64.dll [409168 2015-06-09] (Abengine)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\abengine64.dll [409168 2015-06-09] (Abengine)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\abengine64.dll [409168 2015-06-09] (Abengine)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\abengine64.dll [409168 2015-06-09] (Abengine)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-07-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-17] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-12-30] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-09-28] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2134122012-985867511-3032921148-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-04-15] (Intel)
FF Plugin HKU\S-1-5-21-2134122012-985867511-3032921148-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-04-15] (Intel)
FF Plugin HKU\S-1-5-21-2134122012-985867511-3032921148-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF HKLM\...\Firefox\Extensions: [{d0174004-bb12-464b-b666-9ba9bdbd750a}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-02-04]
FF HKLM-x32\...\Firefox\Extensions: [{d0174004-bb12-464b-b666-9ba9bdbd750a}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-09]
CHR Extension: (Google Docs) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-09]
CHR Extension: (Google Drive) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-09]
CHR Extension: (YouTube) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-01]
CHR Extension: (Google Search) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01]
CHR Extension: (Google Sheets) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-09]
CHR Extension: (dregol New Tab) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim [2015-06-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-10]
CHR Extension: (Skype Click to Call) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-20]
CHR Extension: (Google Wallet) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-10]
CHR Extension: (Gmail) - C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2134122012-985867511-3032921148-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 abengine; C:\Program Files (x86)\HighlightSearches\abengine.exe [2329600 2015-04-22] (Abengine) [File not signed]
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations) [File not signed]
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-09-07] (Autodesk)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 CoupoonService64; C:\Program Files (x86)\coupoon\iiwjljrnpc64.exe [172344 2015-04-02] ()
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2013-05-08] (Fork Ltd.) [File not signed]
R2 dlea_device; C:\WINDOWS\system32\dleacoms.exe [1054888 2009-07-01] ( )
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-09-06] (WildTangent)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 jujotyxu; C:\Users\Aneliya\AppData\Roaming\4ED7FF40-1433869652-11E2-838B-30F9EDD2723D\nsrA3B8.tmp [745984 2015-06-11] () [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 NortonHotspotService; C:\Program Files (x86)\Norton Hotspot Privacy\bin\openvpnas.exe [475984 2013-03-06] (Symantec Corporation)
S3 NortonTrayService; C:\Program Files (x86)\Norton Hotspot Privacy\bin\NortonTrayService.EXE [78040 2013-03-06] ()
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-30] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 SAiAdmin; C:\Windows\SysWOW64\SAiAdmin.exe [65536 2011-10-12] (SA International) [File not signed]
R2 SAiDownloader; C:\Program Files (x86)\FlexiSTARTER 10.5 LiYu Edition1\Program\SAiDownloaderVistaUI.exe [417792 2011-10-12] (SA International) [File not signed]
R2 SAiDownloaderVista; C:\Windows\SysWOW64\SAiDownloaderVista.exe [77824 2011-10-12] (SA International) [File not signed]
R2 SAiLicSvr; C:\Windows\SysWOW64\SAiLicSvr.exe [86016 2007-12-19] (SA International) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-05-27] (SafeNet, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UpdateCheck; C:\Program Files (x86)\Coupoon\UpdateCheck.exe [53040 2015-06-11] ()
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 xoperoze; C:\Users\Aneliya\AppData\Roaming\4ED7FF40-1433869652-11E2-838B-30F9EDD2723D\jnse6D27.tmp [219136 2015-06-09] () [File not signed]
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros) [File not signed]
R2 zedepory; C:\Users\Aneliya\AppData\Roaming\4ED7FF40-1433869652-11E2-838B-30F9EDD2723D\hnsu87D5.tmp [166912 2015-06-09] () [File not signed]
S2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ampa; C:\Windows\system32\ampa.sys [15288 2011-12-26] () [File not signed]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [12728 2011-12-26] () [File not signed]
S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-10-23] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-02-01] (Emsisoft GmbH)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-06-09] (DT Soft Ltd)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2015-04-02] (NetFilterSDK.com)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-06-11] (Greatis Software)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2015-01-26] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 SNTUSB64; C:\Windows\System32\drivers\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 tapnhp6; C:\Windows\system32\DRIVERS\tapnhp6.sys [41560 2013-03-06] (Symantec Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-11 21:12 - 2015-06-11 21:13 - 00041227 _____ C:\Users\Aneliya\Desktop\FRST.txt
2015-06-11 20:39 - 2015-06-11 20:39 - 02108928 _____ (Farbar) C:\Users\Aneliya\Desktop\FRST64.exe
2015-06-11 20:34 - 2015-06-11 20:38 - 00000000 ____D C:\Users\Aneliya\Desktop\All Icons
2015-06-11 20:16 - 2015-06-11 20:16 - 00004104 _____ C:\WINDOWS\System32\Tasks\Dregol ciri
2015-06-11 20:16 - 2015-06-11 20:16 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\Run_dregol
2015-06-11 20:16 - 2015-06-11 20:16 - 00000000 ____D C:\ProgramData\{FC6214A1-ACE0-C527-1D66-B5A5CDE4662B}
2015-06-11 20:16 - 2015-06-11 20:16 - 00000000 ____D C:\Program Files (x86)\Run_Dregol
2015-06-11 19:42 - 2015-06-11 19:42 - 00116120 _____ C:\WINDOWS\SysWOW64\rsslogs.20150611194125
2015-06-11 19:32 - 2015-06-11 19:32 - 00010105 _____ C:\WINDOWS\SysWOW64\rsslogs.20150611193141
2015-06-11 19:02 - 2015-06-11 19:02 - 00036582 _____ C:\WINDOWS\SysWOW64\rsslogs.20150611190107
2015-06-11 18:48 - 2015-06-11 18:48 - 00000000 ____D C:\ProgramData\RegRun
2015-06-11 18:42 - 2015-06-11 19:30 - 00003320 _____ C:\WINDOWS\System32\Tasks\UnHackMe Task Scheduler
2015-06-11 18:42 - 2015-06-11 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2015-06-11 18:42 - 2015-06-11 18:58 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-06-11 18:42 - 2015-06-11 18:42 - 00040304 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\Partizan.sys
2015-06-11 18:42 - 2015-06-11 18:42 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2015-06-11 18:42 - 2015-06-11 18:42 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2015-06-11 18:42 - 2015-06-11 18:42 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-06-11 18:42 - 2015-06-11 18:42 - 00000000 ____D C:\Users\Aneliya\Documents\RegRun2
2015-06-11 18:42 - 2015-05-11 15:49 - 00012800 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys
2015-06-11 18:41 - 2015-06-11 19:31 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2015-06-11 18:38 - 2015-06-11 18:38 - 00000000 ____D C:\Users\Aneliya\Downloads\unhackme
2015-06-11 18:21 - 2015-06-11 18:21 - 17115007 _____ C:\Users\Aneliya\Downloads\unhackme.zip
2015-06-11 15:32 - 2015-06-11 15:32 - 00148481 _____ C:\WINDOWS\SysWOW64\rsslogs.20150611153123
2015-06-11 10:27 - 2015-06-11 10:27 - 00131335 _____ C:\WINDOWS\SysWOW64\rsslogs.20150611102602
2015-06-11 00:04 - 2015-06-11 00:04 - 00000043 _____ C:\Users\Aneliya\AppData\Roaming\WB.CFG
2015-06-10 21:28 - 2015-06-10 21:28 - 00238621 _____ C:\WINDOWS\SysWOW64\rsslogs.20150610212720
2015-06-10 19:20 - 2015-06-10 19:20 - 00000000 ____D C:\Users\Aneliya\Downloads\setup
2015-06-10 19:05 - 2015-06-10 19:05 - 00000000 ____D C:\Users\Aneliya\AppData\Local\Chromium
2015-06-10 19:04 - 2015-06-11 20:16 - 00002648 _____ C:\WINDOWS\System32\Tasks\Run_dregol
2015-06-10 19:04 - 2015-06-11 20:16 - 00000310 _____ C:\WINDOWS\Tasks\Run_dregol.job
2015-06-10 19:02 - 2015-06-10 19:02 - 00000000 ____D C:\Users\Public\Documents\PC Faster
2015-06-10 19:01 - 2015-06-10 19:01 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-06-10 19:01 - 2015-06-10 19:01 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-06-10 19:01 - 2015-06-10 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2015-06-10 18:57 - 2015-06-10 18:59 - 197872944 _____ C:\Users\Aneliya\Downloads\setup.zip
2015-06-10 18:44 - 2015-06-10 18:45 - 112613355 _____ C:\Users\Aneliya\Downloads\Unconfirmed 421859.crdownload
2015-06-10 18:25 - 2015-06-10 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-06-10 18:25 - 2015-06-10 18:27 - 00000000 ____D C:\Program Files (x86)\Canon
2015-06-10 18:23 - 2015-06-11 15:36 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\canon
2015-06-10 18:23 - 2015-06-10 18:23 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2015-06-10 07:25 - 2015-06-10 18:15 - 00360448 _____ C:\Users\Aneliya\Documents\Database1.accdb
2015-06-10 04:19 - 2015-05-27 15:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 04:19 - 2015-05-27 15:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 04:19 - 2015-05-25 14:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 04:19 - 2015-05-25 14:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 04:19 - 2015-05-23 04:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 04:19 - 2015-05-23 04:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 04:19 - 2015-05-23 04:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 04:19 - 2015-05-23 04:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 04:19 - 2015-05-23 04:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 04:19 - 2015-05-23 03:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 04:19 - 2015-05-23 03:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 04:19 - 2015-05-23 03:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 04:19 - 2015-05-23 03:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 04:19 - 2015-05-23 03:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 04:19 - 2015-05-23 03:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 04:19 - 2015-05-23 03:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 04:19 - 2015-05-23 03:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 04:19 - 2015-05-23 03:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 04:19 - 2015-05-23 03:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 04:19 - 2015-05-23 03:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 04:19 - 2015-05-22 20:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 04:19 - 2015-05-22 20:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 04:19 - 2015-05-22 20:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 04:19 - 2015-05-22 19:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 04:19 - 2015-05-22 19:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 04:19 - 2015-05-22 19:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 04:19 - 2015-05-22 19:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 04:19 - 2015-05-22 19:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 04:19 - 2015-05-22 19:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 04:19 - 2015-05-22 19:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 04:19 - 2015-05-22 19:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 04:19 - 2015-05-22 18:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 04:19 - 2015-05-22 18:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 04:19 - 2015-05-22 18:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 04:19 - 2015-05-22 18:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 04:19 - 2015-05-22 18:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 04:19 - 2015-04-25 03:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 04:19 - 2015-04-25 03:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 04:19 - 2015-04-16 07:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 04:19 - 2015-04-13 23:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 04:19 - 2015-04-13 23:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 04:19 - 2015-04-10 01:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 04:19 - 2015-04-10 01:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 04:19 - 2015-04-08 23:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 04:19 - 2015-04-01 23:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 04:19 - 2015-04-01 23:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 04:19 - 2015-04-01 05:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 04:19 - 2015-04-01 05:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 04:19 - 2015-04-01 05:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 04:19 - 2015-04-01 05:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 04:19 - 2015-04-01 04:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 04:19 - 2015-04-01 04:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 04:19 - 2015-04-01 04:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 04:19 - 2015-04-01 03:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 04:19 - 2015-04-01 03:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 04:19 - 2015-04-01 03:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 04:19 - 2015-04-01 03:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 04:19 - 2015-04-01 03:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 04:19 - 2015-04-01 03:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 04:18 - 2015-05-23 03:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 04:18 - 2015-05-23 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 04:18 - 2015-05-22 19:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 04:18 - 2015-05-22 19:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 04:18 - 2015-05-22 19:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 04:18 - 2015-05-22 19:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 04:18 - 2015-05-21 17:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 20:46 - 2015-06-10 21:28 - 00635121 _____ C:\WINDOWS\SysWOW64\rsslogs.20150609204549
2015-06-09 20:36 - 2015-06-09 20:36 - 00000000 ____D C:\ProgramData\e34df67a00002b93
2015-06-09 20:28 - 2015-06-11 20:28 - 00001034 _____ C:\WINDOWS\Tasks\124Iith9Cu4Xrajyk4g2oO.job
2015-06-09 20:28 - 2015-06-09 20:28 - 00004038 _____ C:\WINDOWS\System32\Tasks\124Iith9Cu4Xrajyk4g2oO
2015-06-09 20:27 - 2015-06-11 14:33 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-09 20:27 - 2015-06-09 20:27 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-09 20:27 - 2015-06-09 20:27 - 00000000 ____D C:\Users\Aneliya\AppData\Local\globalUpdate
2015-06-09 20:26 - 2015-06-09 20:26 - 00000918 _____ C:\WINDOWS\SysWOW64\${LOGFILE}
2015-06-09 20:24 - 2015-06-09 20:24 - 00003164 _____ C:\WINDOWS\System32\Tasks\{BE640BC3-F352-4CC0-8C8A-D85DE3D9EFF2}
2015-06-09 20:23 - 2015-06-11 20:23 - 00000354 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job
2015-06-09 20:23 - 2015-06-11 14:23 - 00000000 ____D C:\ProgramData\{aa305602-59ac-0af4-aa30-0560259a5809}
2015-06-09 20:23 - 2015-06-09 20:23 - 00003244 _____ C:\WINDOWS\System32\Tasks\Bidaily Synchronize Task[3c32]
2015-06-09 20:22 - 2015-06-09 20:22 - 00000000 ____D C:\Program Files (x86)\predm
2015-06-09 20:19 - 2015-06-09 20:45 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP3.job
2015-06-09 20:19 - 2015-06-09 20:45 - 00000376 _____ C:\WINDOWS\Tasks\APSnotifierPP2.job
2015-06-09 20:19 - 2015-06-09 20:39 - 00000378 _____ C:\WINDOWS\Tasks\APSnotifierPP1.job
2015-06-09 20:19 - 2015-06-09 20:19 - 00002812 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP1
2015-06-09 20:19 - 2015-06-09 20:19 - 00002810 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP3
2015-06-09 20:19 - 2015-06-09 20:19 - 00002810 _____ C:\WINDOWS\System32\Tasks\APSnotifierPP2
2015-06-09 20:15 - 2015-06-09 20:15 - 00613255 _____ (CMI Limited) C:\Users\Aneliya\AppData\Local\nst9DD6.tmp
2015-06-09 20:15 - 2015-06-09 20:15 - 00000000 __SHD C:\Users\Aneliya\AppData\Roaming\AnyProtectEx
2015-06-09 18:21 - 2015-06-11 19:43 - 00000344 _____ C:\WINDOWS\Tasks\QNBKJTVHX1.job
2015-06-09 18:21 - 2015-06-09 20:25 - 00000000 ____D C:\Program Files\shopperz
2015-06-09 18:21 - 2015-06-09 20:24 - 00000000 ____D C:\Users\Aneliya\AppData\Local\SmartWeb
2015-06-09 18:21 - 2015-06-09 18:21 - 00003558 _____ C:\WINDOWS\System32\Tasks\DFOZSNJILP
2015-06-09 18:21 - 2015-06-09 18:21 - 00002858 _____ C:\WINDOWS\System32\Tasks\QNBKJTVHX1
2015-06-09 18:21 - 2015-06-09 18:21 - 00000045 _____ C:\user.js
2015-06-09 18:21 - 2015-06-09 18:21 - 00000000 ____D C:\ProgramData\0f3b5471928b4fd3834dad205fba7597
2015-06-09 18:20 - 2015-06-09 18:20 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-06-09 18:16 - 2015-06-11 18:58 - 00000112 _____ C:\ProgramData\42ucsBJX.dat
2015-06-09 18:11 - 2015-06-09 18:16 - 00000000 ____D C:\Users\Aneliya\AppData\Local\4ED7FF40-1433873471-11E2-838B-30F9EDD2723D
2015-06-09 18:09 - 2015-06-09 18:09 - 00000000 ____D C:\Program Files (x86)\PreiceLess
2015-06-09 18:08 - 2015-06-09 18:08 - 00000000 ____D C:\ProgramData\PastaLeadsAgent
2015-06-09 18:08 - 2015-06-09 18:08 - 00000000 ____D C:\ProgramData\kgnbbngjlkgmkkhnfiijimmiiliefdoh
2015-06-09 18:08 - 2015-02-04 03:05 - 00000835 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-06-09 18:07 - 2015-06-11 18:48 - 00000000 ____D C:\ProgramData\abc
2015-06-09 18:07 - 2015-06-11 06:21 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\4ED7FF40-1433869652-11E2-838B-30F9EDD2723D
2015-06-09 18:07 - 2015-06-10 18:46 - 00000000 ____D C:\Program Files\Common Files\PastaLeads
2015-06-09 18:07 - 2015-06-09 18:09 - 00000000 ____D C:\Users\Aneliya\Documents\PCPrivacyDock
2015-06-09 18:07 - 2015-06-09 18:07 - 00000000 ____D C:\Users\Aneliya\AppData\Local\PC_Privacy_Dock
2015-06-09 18:07 - 2015-06-09 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hawker
2015-06-09 18:07 - 2015-06-09 18:07 - 00000000 ____D C:\Program Files\Coupoon
2015-06-09 18:07 - 2015-06-09 18:07 - 00000000 ____D C:\Program Files (x86)\Hawker
2015-06-09 18:06 - 2015-06-09 20:19 - 00000000 ____D C:\Program Files (x86)\PCP
2015-06-09 18:06 - 2015-06-09 20:19 - 00000000 ____D C:\Program Files (x86)\Coupoon
2015-06-09 18:05 - 2015-06-09 20:43 - 00009256 _____ C:\WINDOWS\SysWOW64\abengineOff.ini
2015-06-09 18:05 - 2015-06-09 20:43 - 00009256 _____ C:\WINDOWS\system32\abengineOff.ini
2015-06-09 18:05 - 2015-06-09 18:05 - 00003094 _____ C:\WINDOWS\System32\Tasks\iren3006
2015-06-09 18:05 - 2015-04-22 15:51 - 00409168 _____ (Abengine) C:\WINDOWS\system32\abengine64.dll
2015-06-09 18:05 - 2015-04-22 15:51 - 00341952 _____ (Abengine) C:\WINDOWS\SysWOW64\abengine.dll
2015-06-09 18:03 - 2015-06-09 18:03 - 00000000 ____D C:\Program Files (x86)\PriCeLesss
2015-06-09 18:02 - 2015-06-09 18:02 - 00000000 ____D C:\ProgramData\imaoeoblblmjpicobkapdnhcgbgmijpj
2015-06-09 18:00 - 2015-06-09 20:32 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\Store
2015-06-09 18:00 - 2015-06-09 20:29 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\WTools
2015-06-09 18:00 - 2015-06-09 18:00 - 00000078 _____ C:\Users\Aneliya\AppData\Roaming\WindApp.installation.log
2015-06-09 18:00 - 2015-06-09 18:00 - 00000078 _____ C:\Users\Aneliya\AppData\Roaming\Selection Tools.installation.log
2015-06-09 17:59 - 2015-06-09 18:00 - 00005724 _____ C:\Users\Aneliya\AppData\Roaming\Bubble Dock.installation.log
2015-06-09 17:59 - 2015-06-09 18:00 - 00001283 _____ C:\Users\Aneliya\AppData\Roaming\Bubble Dock.boostrap.log
2015-06-09 17:59 - 2015-06-09 17:59 - 00000097 _____ C:\Users\Aneliya\AppData\Roaming\WindApp.boostrap.log
2015-06-09 17:59 - 2015-06-09 17:59 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\Nosibay
2015-06-09 17:59 - 2015-06-09 17:59 - 00000000 ____D C:\Program Files (x86)\Bubble Dock
2015-06-09 17:58 - 2015-06-09 17:58 - 00000000 ____D C:\ProgramData\3324289484623045739
2015-06-09 17:58 - 2015-06-09 17:58 - 00000000 ____D C:\Program Files (x86)\PPreicELess
2015-06-09 17:57 - 2015-06-09 17:57 - 00000000 ____D C:\ProgramData\gcamhpfobgmongnmnmmpapfippkmlcdj
2015-06-09 17:56 - 2015-06-09 18:07 - 00000000 ____D C:\Program Files (x86)\Priceless
2015-06-09 17:56 - 2015-06-09 17:56 - 00000000 ____D C:\Program Files (x86)\app_setup
2015-06-09 11:17 - 2015-06-09 11:17 - 00455502 _____ C:\WINDOWS\SysWOW64\rsslogs.20150609111627
2015-06-08 19:27 - 2015-06-08 19:27 - 00620135 _____ C:\WINDOWS\SysWOW64\rsslogs.20150608192620
2015-06-07 22:45 - 2015-06-08 19:27 - 00194556 _____ C:\WINDOWS\SysWOW64\rsslogs.20150607224445
2015-06-06 18:53 - 2015-06-07 22:45 - 00212224 _____ C:\WINDOWS\SysWOW64\rsslogs.20150606185228
2015-06-05 14:35 - 2015-06-06 18:53 - 00103572 _____ C:\WINDOWS\SysWOW64\rsslogs.20150605143410
2015-06-04 20:10 - 2015-06-04 20:10 - 00609832 _____ C:\WINDOWS\SysWOW64\rsslogs.20150604200914
2015-06-04 17:33 - 2015-06-04 17:33 - 00053022 _____ C:\WINDOWS\SysWOW64\rsslogs.20150604173231
2015-06-03 14:51 - 2015-06-04 17:33 - 00809575 _____ C:\WINDOWS\SysWOW64\rsslogs.20150603145108
2015-06-02 18:36 - 2015-06-03 14:51 - 00616134 _____ C:\WINDOWS\SysWOW64\rsslogs.20150602183514
2015-06-01 14:53 - 2015-06-02 18:36 - 00623460 _____ C:\WINDOWS\SysWOW64\rsslogs.20150601145201
2015-06-01 04:32 - 2015-06-01 04:32 - 00299143 _____ C:\WINDOWS\SysWOW64\rsslogs.20150601043153
2015-05-31 03:04 - 2015-06-01 04:32 - 00128794 _____ C:\WINDOWS\SysWOW64\rsslogs.20150531030340
2015-05-29 19:13 - 2015-05-31 03:04 - 00366071 _____ C:\WINDOWS\SysWOW64\rsslogs.20150529191240
2015-05-28 16:58 - 2015-05-29 19:13 - 00463321 _____ C:\WINDOWS\SysWOW64\rsslogs.20150528165704
2015-05-28 10:21 - 2015-05-30 11:34 - 00000000 ____D C:\ProgramData\Synaptics
2015-05-28 10:21 - 2015-05-28 10:21 - 00002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-05-28 10:21 - 2015-05-28 10:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-05-28 10:21 - 2015-05-28 10:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-05-28 10:21 - 2015-05-28 10:21 - 00000000 ____D C:\Program Files\Synaptics
2015-05-28 10:19 - 2015-05-28 10:19 - 00031540 _____ C:\WINDOWS\SysWOW64\rsslogs.20150528101845
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00764104 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-05-27 10:06 - 2015-05-28 10:19 - 00474650 _____ C:\WINDOWS\SysWOW64\rsslogs.20150527100519
2015-05-26 10:07 - 2015-05-27 10:06 - 00169201 _____ C:\WINDOWS\SysWOW64\rsslogs.20150526100623
2015-05-26 09:56 - 2015-05-26 09:56 - 00000000 _____ C:\WINDOWS\SysWOW64\rsslogs.20150526095545
2015-05-25 07:25 - 2015-05-26 09:56 - 00191938 _____ C:\WINDOWS\SysWOW64\rsslogs.20150525072457
2015-05-24 09:36 - 2015-05-24 21:29 - 00356273 _____ C:\WINDOWS\SysWOW64\rsslogs.20150524093547
2015-05-23 09:36 - 2015-05-24 09:36 - 01079630 _____ C:\WINDOWS\SysWOW64\rsslogs.20150523093546
2015-05-22 11:41 - 2015-05-23 09:36 - 00673434 _____ C:\WINDOWS\SysWOW64\rsslogs.20150522114034
2015-05-21 10:13 - 2015-05-22 11:41 - 01206975 _____ C:\WINDOWS\SysWOW64\rsslogs.20150521101205
2015-05-20 20:09 - 2015-05-20 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Photo Recovery
2015-05-20 20:09 - 2015-05-20 20:09 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Photo Recovery
2015-05-20 19:48 - 2015-05-20 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 8.8
2015-05-20 19:48 - 2015-05-20 19:48 - 00000000 ____D C:\Program Files\EaseUS
2015-05-20 04:52 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BHME.DLL
2015-05-20 04:52 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2015-05-19 11:43 - 2015-05-20 21:34 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\Mobipocket
2015-05-19 11:43 - 2015-05-19 11:45 - 00000000 ____D C:\Users\Aneliya\Documents\My eBooks
2015-05-19 10:49 - 2015-05-19 10:49 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobipocket.com
2015-05-19 10:49 - 2015-05-19 10:49 - 00000000 ____D C:\Program Files (x86)\Mobipocket.com
2015-05-18 20:11 - 2015-05-18 20:11 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\WTablet
2015-05-18 19:45 - 2015-05-18 19:45 - 00000000 ____D C:\Users\Aneliya\Tracing
2015-05-15 04:56 - 2015-04-30 21:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 04:56 - 2015-04-30 21:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 04:50 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-15 04:50 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-15 04:50 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-15 04:50 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-15 04:50 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-15 04:50 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-15 04:50 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-15 04:50 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-15 04:50 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-15 04:50 - 2015-03-17 18:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-15 04:50 - 2015-03-13 05:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-15 04:50 - 2015-03-13 05:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-15 04:50 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-15 04:50 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-15 04:50 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-15 04:50 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-15 04:50 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-15 04:50 - 2015-03-09 03:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-15 04:50 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-15 04:50 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-15 04:50 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-15 04:50 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-15 04:50 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-15 04:50 - 2015-02-18 00:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-15 04:50 - 2015-01-30 01:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-15 04:50 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-15 04:49 - 2015-03-13 01:29 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 04:39 - 2015-05-01 00:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 04:39 - 2015-04-30 23:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 04:39 - 2015-04-21 17:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 04:39 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 04:39 - 2015-04-21 16:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 04:39 - 2015-04-10 02:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 04:39 - 2015-04-10 01:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 04:39 - 2015-04-10 01:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 04:39 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 04:39 - 2015-03-30 06:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 04:39 - 2015-03-27 04:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 04:39 - 2015-03-27 03:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 04:39 - 2015-03-27 03:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-11 21:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-11 21:12 - 2015-02-01 12:29 - 00000000 ____D C:\FRST
2015-06-11 20:49 - 2015-02-01 16:28 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-11 20:06 - 2013-06-04 22:13 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2134122012-985867511-3032921148-1001
2015-06-11 19:46 - 2015-01-29 21:42 - 00000000 ____D C:\Users\Aneliya\OneDrive
2015-06-11 19:46 - 2014-12-30 08:53 - 01626371 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-11 19:43 - 2015-02-01 16:28 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 19:41 - 2013-08-22 15:46 - 00325280 _____ C:\WINDOWS\setupact.log
2015-06-11 19:41 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-11 19:40 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2015-06-11 19:37 - 2015-02-04 04:41 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-06-11 19:37 - 2015-02-04 04:41 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-06-11 19:37 - 2015-02-04 04:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-06-11 19:01 - 2014-12-30 08:27 - 00000000 ____D C:\Users\Aneliya
2015-06-11 18:57 - 2013-06-09 17:45 - 00002828 ___SH C:\ProgramData\KGyGaAvL.sys
2015-06-11 18:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-06-11 17:56 - 2015-01-03 03:38 - 00000000 __SHD C:\Users\Aneliya\AppData\Local\EmieBrowserModeList
2015-06-11 17:56 - 2015-01-01 09:19 - 00000000 __SHD C:\Users\Aneliya\AppData\Local\EmieUserList
2015-06-11 17:56 - 2015-01-01 09:19 - 00000000 __SHD C:\Users\Aneliya\AppData\Local\EmieSiteList
2015-06-11 17:55 - 2015-01-01 09:19 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B57EAF4F-132E-4F57-8CB3-E89092DD5591}
2015-06-11 10:38 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-11 10:25 - 2013-08-22 15:44 - 05205568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-11 10:23 - 2014-09-24 08:03 - 00068076 _____ C:\WINDOWS\PFRO.log
2015-06-11 10:20 - 2013-11-05 16:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-11 10:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-11 10:12 - 2013-06-06 06:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 10:12 - 2013-06-06 03:01 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-11 06:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-10 21:31 - 2015-01-03 00:53 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\ViberPC
2015-06-10 19:21 - 2015-02-04 04:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-10 19:20 - 2013-06-13 21:14 - 00000000 ____D C:\Users\Aneliya\AppData\Local\Adobe
2015-06-10 07:13 - 2013-06-15 00:15 - 00000000 ____D C:\Users\Aneliya\AppData\Roaming\Skype
2015-06-09 20:51 - 2015-02-01 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-09 20:37 - 2013-07-19 12:08 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-06 19:02 - 2013-06-04 22:03 - 00000000 ____D C:\Users\Aneliya\AppData\Local\VirtualStore
2015-06-03 17:18 - 2015-03-15 22:16 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 17:18 - 2015-01-01 09:32 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 15:49 - 2015-01-03 00:53 - 00001006 _____ C:\Users\Aneliya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-06-01 15:49 - 2015-01-03 00:52 - 00000000 ____D C:\Users\Aneliya\AppData\Local\Viber
2015-05-29 14:28 - 2014-09-24 08:15 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-28 16:57 - 2014-07-13 01:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 07:07 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-05-21 22:24 - 2015-04-06 00:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-21 22:24 - 2015-04-06 00:00 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-20 04:53 - 2015-02-23 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-05-18 19:44 - 2013-06-15 00:15 - 00000000 ____D C:\ProgramData\Skype
2015-05-17 08:28 - 2015-02-01 16:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-17 08:28 - 2015-02-01 16:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-17 08:23 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-17 08:23 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-17 05:44 - 2015-02-01 16:28 - 00003652 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 05:44 - 2013-06-04 22:38 - 00003888 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 04:49 - 2015-02-01 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-15 04:44 - 2014-09-24 07:53 - 00000000 ____D C:\Program Files\Windows Journal
 
==================== Files in the root of some directories =======
 
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Aneliya\AppData\Roaming\124Iith9Cu4Xrajyk4g2oO
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Aneliya\AppData\Roaming\124Iith9Cu4Xrajyk4g2oO.exe
2015-06-09 17:59 - 2015-06-09 18:00 - 0001283 _____ () C:\Users\Aneliya\AppData\Roaming\Bubble Dock.boostrap.log
2015-06-09 17:59 - 2015-06-09 18:00 - 0005724 _____ () C:\Users\Aneliya\AppData\Roaming\Bubble Dock.installation.log
2015-06-09 18:00 - 2015-06-09 18:00 - 0000078 _____ () C:\Users\Aneliya\AppData\Roaming\Selection Tools.installation.log
2015-06-11 00:04 - 2015-06-11 00:04 - 0000043 _____ () C:\Users\Aneliya\AppData\Roaming\WB.CFG
2015-06-09 17:59 - 2015-06-09 17:59 - 0000097 _____ () C:\Users\Aneliya\AppData\Roaming\WindApp.boostrap.log
2015-06-09 18:00 - 2015-06-09 18:00 - 0000078 _____ () C:\Users\Aneliya\AppData\Roaming\WindApp.installation.log
2015-06-09 20:15 - 2015-06-09 20:15 - 0613255 _____ (CMI Limited) C:\Users\Aneliya\AppData\Local\nst9DD6.tmp
2013-06-09 17:45 - 2013-06-09 18:58 - 0000088 __RSH () C:\ProgramData\1BD38D9980.sys
2015-06-09 18:16 - 2015-06-11 18:58 - 0000112 _____ () C:\ProgramData\42ucsBJX.dat
2015-01-03 04:08 - 2015-03-11 21:34 - 0000868 _____ () C:\ProgramData\dleascan.log
2013-06-09 17:45 - 2015-06-11 18:57 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
 
Files to move or delete:
====================
C:\ProgramData\42ucsBJX.dat
C:\Users\Aneliya\mediaenchx32.dll
C:\Users\Aneliya\mediaenchx321.dll
C:\Users\Aneliya\mediaenchx322.dll
C:\Users\Aneliya\mediaenchx323.dll
C:\Users\Aneliya\webphonecfgb.dat
 
 
Some files in TEMP:
====================
C:\Users\Aneliya\AppData\Local\Temp\6492.exe
C:\Users\Aneliya\AppData\Local\Temp\70517uninstall.exe
C:\Users\Aneliya\AppData\Local\Temp\9470uninstall.exe
C:\Users\Aneliya\AppData\Local\Temp\amiupdater1822.exe
C:\Users\Aneliya\AppData\Local\Temp\beddigcaie.exe
C:\Users\Aneliya\AppData\Local\Temp\beddihcjca.exe
C:\Users\Aneliya\AppData\Local\Temp\camera raw 6.4.1 update__10924_i1533240421_il404623.exe
C:\Users\Aneliya\AppData\Local\Temp\DPInstx64.exe
C:\Users\Aneliya\AppData\Local\Temp\DPInstx86.exe
C:\Users\Aneliya\AppData\Local\Temp\DPInst_Monx64.exe
C:\Users\Aneliya\AppData\Local\Temp\DPInst_Monx86.exe
C:\Users\Aneliya\AppData\Local\Temp\InstallHelper.exe
C:\Users\Aneliya\AppData\Local\Temp\Launcher__13202.exe
C:\Users\Aneliya\AppData\Local\Temp\mVOBCC8.exe
C:\Users\Aneliya\AppData\Local\Temp\MYPCBU.exe
C:\Users\Aneliya\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Aneliya\AppData\Local\Temp\optprosetup.exe
C:\Users\Aneliya\AppData\Local\Temp\OS_Detect.exe
C:\Users\Aneliya\AppData\Local\Temp\Quarantine.exe
C:\Users\Aneliya\AppData\Local\Temp\sdf8745.exe
C:\Users\Aneliya\AppData\Local\Temp\sdf9721.exe
C:\Users\Aneliya\AppData\Local\Temp\sdfC6F2.exe
C:\Users\Aneliya\AppData\Local\Temp\setup_644.exe
C:\Users\Aneliya\AppData\Local\Temp\setup_648.exe
C:\Users\Aneliya\AppData\Local\Temp\Sqlite3.dll
C:\Users\Aneliya\AppData\Local\Temp\Uninstall.exe
C:\Users\Aneliya\AppData\Local\Temp\_is50A5.exe
C:\Users\Aneliya\AppData\Local\Temp\_is9C21.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-30 10:06
 
==================== End of log ============================
 
 
... and also the attached addition.txt

That's all from me for now.

Many thanks in advance... :wors:

Aneliya

 

 


Hello,

The system is seriously infected.

Download fixlist.txt and save it in the folder from which you ran FRST.exe.
Run FRST.exe and press the Fix button once!
When it finishes, if it asks for a restart, agree. After the restart, post the log file, fixlog.txt, which the program creates when it is done.

Warning: This script was created for this particular system. Do not use it on other systems with similar problems!

Then let me know how things stand! :)

Regards!

 


Hello again, and thank you...

It seems better to me now, at least no ads are popping up, but nothing has changed regarding the Dregol in question. It, as well as another program named Run_Dregol, is still sitting undisturbed in Programs and Features.

When I try to uninstall Dregol (at least that is how it was before; I have not tried now, because I am sure it is at the root of the infection), it asks me to confirm that I agree to let it make changes to the system, and after I confirm nothing visible happens.

Now, as I said, there is also an additional program (probably a result of the uninstallation) called Run_Dregol.

This time I have not touched either of them, until further notice...

What should I do... Should I uninstall them?

Regards

A


And where is the log file? Please follow the instructions exactly and post the result from FixLog.txt

And no, do not touch anything with programs of your own choosing, since that is how you ended up in this situation... there is no telling what new surprises you would install!

Regards!


As I said, I have not touched anything

I assume this is the file it created

 

 

 

 

Fixlog.txt


Let's check for leftovers: :)

STEP 1

  • Download and run AdwCleaner.exe.
  • Press the Scan button.
  • AdwCleaner will start scanning the computer.
  • Once the scan finishes, press the Clean button.
  • The program will close all unnecessary processes and, after cleaning, will ask to restart the machine. Agree.
  • A log file named (AdwCleaner[s0].txt) will appear automatically in C:\Adwcleaner
  • Post its contents in your next comment.

STEP 2

Please download Junkware Removal Tool to your desktop.

  • Temporarily disable your security programs.
  • Run the JRT.exe tool
  • A DOS window will open. Press any key on the keyboard.
  • Close unnecessary applications and all browsers and wait for the scan to finish.
  • A log file will appear (which you can also find manually on the desktop under the name JRT.txt).
  • Please copy the contents of the log file into your next post.

Regards!


Hello again, B-Boy,

here is the content of the file you asked for...

 

 

# AdwCleaner v4.109 - Report created 01/02/2015 at 17:48:26
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Aneliya - LUKE
# Running from : C:\Users\Aneliya\Desktop\adwcleaner_4.109.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Folder Deleted : C:\Program Files (x86)\TidyNetwork.com
Folder Deleted : C:\Program Files (x86)\Yula
Folder Deleted : C:\Users\Aneliya\AppData\Local\WeatherAlerts
Folder Deleted : C:\Users\Aneliya\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Aneliya\AppData\Roaming\Advanced System Protector
Folder Deleted : C:\Users\Aneliya\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Aneliya\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Aneliya\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Aneliya\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Aneliya\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\WINDOWS\Reimage.ini
File Deleted : C:\WINDOWS\patsearch.bin
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\WINDOWS\System32\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
File Deleted : C:\Users\Aneliya\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\5e578d8db535ef41
Key Deleted : HKLM\SOFTWARE\5e578d8db535ef41
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7736C7FA-512D-11E2-B871-DEC36088709B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\Boost
Key Deleted : HKCU\Software\Conduit_Search_Protect
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\Vosteran Browser
Key Deleted : HKCU\Software\Super Optimizer
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKCU\Software\AppDataLow\Software\BlockAndSurf
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\HappyLyrics
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Boost
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\MyBestOffersToday
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tiger Savings
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : HKLM\SOFTWARE\V9Software
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\getwebcake.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istart.webssearches.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetpacks.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\v9.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.v9.com
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v40.0.2214.94
 
 
-\\ Opera v0.0.0.0
 
 
*************************
 
AdwCleaner[R0].txt - [10476 octets] - [01/02/2015 17:44:26]
AdwCleaner[s0].txt - [9601 octets] - [01/02/2015 17:48:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9661 octets] ##########
 
 
 
 
By the way, I have not finished all the operations yet, and the difference in the computer's behavior is already noticeable.....

You are great ....
Thank you very much...
:)

By the way, Dragol is still sitting in Programs and features..... But Instal_dragol has disappeared


Hello,

You have posted an old adwcleaner log:

# AdwCleaner v4.109 - Report created 01/02/2015 at 17:48:26

Not to mention that the latest version of adwcleaner is 4.206. :)

Please post the correct log, and do not worry about the entry in Programs and Features... it will be removed (I have not forgotten)... :)

Regards!


Step 2

The contents of the JRT log

 

______________

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.2 (06.12.2015:1)
OS: Windows 8.1 x64
Ran by Aneliya on 12/06/2015 at 21:39:53.75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_2A49636DFC615F2944304000BBB40071
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_4BC2F3FF76062F858098F36BEAA87F75
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVERSETUP.EXE-F44CB128.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\Aneliya\appdata\locallow\company
Successfully deleted: [Folder] C:\Users\Aneliya\documents\add-in express
Successfully deleted: [Folder] C:\Users\Aneliya\appdata\local\24768
 
 
 
~~~ Chrome
 
 
[C:\Users\Aneliya\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Aneliya\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Aneliya\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Aneliya\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/06/2015 at 21:42:04.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_________________


Sorry for the mistake (this is why I should not keep old logs)

the only file with the name you specified is the one I attached

the files with current dates are the ones with indexes [s1] and [R1]; I assume it re-indexed them itself...

See the attached picture and file


# AdwCleaner v4.206 - Logfile created 12/06/2015 at 21:08:22
# Updated 01/06/2015 by Xplode
# Database : 2015-06-09.1 [server]
# Operating system : Windows 8.1  (x64)
# Username : Aneliya - LUKE
# Running from : C:\Users\Aneliya\Downloads\adwcleaner_4.206.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : netfilter64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\download Manager
Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool
Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\abengine
Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\SwiftMediaConverter
Folder Deleted : C:\Users\Aneliya\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Deleted : C:\Users\Aneliya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\genieo
Folder Deleted : C:\Users\Aneliya\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Folder Deleted : C:\Users\Aneliya\AppData\Local\Chromium\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Folder Deleted : C:\Users\Aneliya\AppData\Local\Chromium\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim
File Deleted : C:\Users\Aneliya\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_ihokndmjeombjojnfkmapfnjeghjohim_0.localstorage
File Deleted : C:\WINDOWS\System32\drivers\netfilter64.sys
File Deleted : C:\Users\Aneliya\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_mobipocket-reader-desktop.en.softonic.com_0.localstorage
File Deleted : C:\Users\Aneliya\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_mobipocket-reader-desktop.en.softonic.com_0.localstorage-journal
File Deleted : C:\Users\Aneliya\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.dregol.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
Task Deleted : APSnotifierPP1
Task Deleted : APSnotifierPP2
Task Deleted : APSnotifierPP3
Task Deleted : iren3006
Task Deleted : Run_Dregol
Task Deleted : amiupdaterExd
Task Deleted : amiupdaterExi
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ihokndmjeombjojnfkmapfnjeghjohim
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihokndmjeombjojnfkmapfnjeghjohim
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\ihokndmjeombjojnfkmapfnjeghjohim
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataContainer.1
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataController
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataController.1
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataTable
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataTable.1
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields.1
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder
Key Deleted : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder.1
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.124
 
 
-\\ Chromium v45.0.2423.0
 
 
-\\ Opera v0.0.0.0
 
 
*************************
 
AdwCleaner[R0].txt - [10476 bytes] - [01/02/2015 18:44:26]
AdwCleaner[R1].txt - [19084 bytes] - [12/06/2015 21:03:15]
AdwCleaner[s0].txt - [9817 bytes] - [01/02/2015 18:48:26]
AdwCleaner[s1].txt - [13439 bytes] - [12/06/2015 21:08:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [13499  bytes] ##########
 
_________________


That's more like it.... AdwCleaner removed 4 programs from the list in Programs and Features. :)

 

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Run_Dregol
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}

 

Let's continue as follows:

And before I "let you go", let's run the final checks:

STEP 1

Please download Malwarebytes Anti-Malware 2.1.6.1022 Final and save it to your desktop.

  • Run the file mbam-setup-2.1.6.1022.exe and follow the prompts to install the program.
  • When the installation finishes, make sure the following box is checked:
  • Launch Malwarebytes Anti-Malware
  • The box that activates the 14-day trial period is also checked by default. If you do not want to test the program's real-time protection for the next 14 days, uncheck it.
  • Click the Finish button.
  • Go to the Settings tab > Detection and Protection > and under the Detection Options category enable the "Scan for rootkits" option.
  • Go to the Scan tab, select the Threat Scan radio button and then click the Scan Now >> button. If an update is found, click the Update Now button.
  • A scan for malicious software will begin.
  • With some infections you may see the message:
  • "Could not load DDA driver"
  • Click "Yes" on this message to allow the driver to load after a restart.
  • Allow the computer to restart and then continue with the remaining instructions.
  • When the scan finishes, click the Apply Actions button.
  • Wait for the window prompting you to restart to appear and then click the Yes button.
  • After the restart, when the desktop appears, MBAM will load once more.
  • Go to the History tab > Application Logs.
  • Open the report with the latest date and time and click the "Copy to Clipboard" button.
  • Now paste the contents of the log file with the Ctrl + V key combination and post it in your next comment.

 

 

STEP 2

1. Download Hitman Pro.
For a 32-bit system - (download button).
For a 64-bit system - (download button)

2. Run the program.

3. Once you have started the program by clicking its icon, click the "Next" button and accept the license agreement (EULA).

4. Check the box next to "No, I want to perform a one-time scan of the computer".

5. Click the "Next" button.

6. The program will start scanning. The scan takes about 2 minutes.

7. When the scan completes, for the list of items found (if any) choose Apply to all => Ignore.

8. Click "Next", then click "Export the result to XML file" and save the log file to the desktop.

9. Archive the file and attach it to your next comment, or copy its contents into your next comment.

Note: If there is no drop-down menu where you can choose Ignore as in the screenshot, then simply close the program after the scan ends (without removing anything)... then open C:\Programdata\HitmanPro\Logs, open the log file and post its contents in your next comment.

 

 

 

STEP 3

  • Please download EmsisoftEmergencyKit, run the exe file and specify where the program should be extracted - for example to (C:\EEK) - by clicking the Extract button.
  • Run the Start Emsisoft Emergency Kit icon from the desktop to launch the application.
  • Click the "Yes" button when prompted to update the program's definitions.
  • Once the definition update finishes, click the "Scan" button.
  • Click the "Yes" button when asked whether the program should enable detection of Potentially Unwanted Applications.
  • Now choose the Full Scan button. When the scan finishes, click the View Report button.
  • Copy the contents of the log file into your next comment.

Regards!

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Run_Dregol     Dregol is still there - this is Run-Dregol, which is obviously different from Dregol, but they are certainly related!
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}

Sorry for disappearing....

From the end of last week until yesterday I was on mobile internet and had serious restrictions on what I could download.

I'm sitting down to finish the task.....

That's more like it.... AdwCleaner removed 4 programs from the list in Programs and Features. :)

Let's continue as follows:

And before I "let you go", let's run the final checks:

STEP 1

Please download Malwarebytes Anti-Malware 2.1.6.1022 Final and save it to your desktop.

And here is the first problem - it turned out that it detected that I had installed the same program before and that my trial period has expired - it is offering to let me buy it for $24.95.

What should I do?

Edited by Aneliya Beaton


Uninstall the program and clean up after it with the mbam-clean.exe tool.

Restart the system and then install it again, this time without checking the box that activates the trial period.

Then continue with the rest.
