Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-08-2015
Ran by Administrator (administrator) on PC (30-08-2015 15:13:35)
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Microsoft Windows XP Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() C:\WINDOWS\system32\dmwu.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) D:\avast\AvastSvc.exe
(AVAST Software) D:\avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => D:\avast\AvastUI.exe [6109776 2015-08-30] (AVAST Software)
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-1177238915-448539723-682003330-500\...\Run: [NextLive] => C:\WINDOWS\system32\rundll32.exe ",EntryPoint -m l
HKU\S-1-5-21-1177238915-448539723-682003330-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1177238915-448539723-682003330-500\...\Run: [uTorrent] => C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe [1696096 2015-08-28] (BitTorrent Inc.)
HKU\S-1-5-21-1177238915-448539723-682003330-500\...\Run: [FreeRAM XP] => C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe [1591808 2006-03-23] (YourWare Solutions )
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\avast\ashShell.dll [2015-08-30] (AVAST Software)
BootExecute: autocheck autochk * autocheck autochk * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1434660207&z=6ef70cda96674e482209328g5z4cdzbq1qeecofg2e&from=wpc&uid=HitachiXHDT725032VLA360_VFB200R2D3AHNJD3AHNJX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1434660207&z=6ef70cda96674e482209328g5z4cdzbq1qeecofg2e&from=wpc&uid=HitachiXHDT725032VLA360_VFB200R2D3AHNJD3AHNJX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1434660207&z=6ef70cda96674e482209328g5z4cdzbq1qeecofg2e&from=wpc&uid=HitachiXHDT725032VLA360_VFB200R2D3AHNJD3AHNJX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1434660207&z=6ef70cda96674e482209328g5z4cdzbq1qeecofg2e&from=wpc&uid=HitachiXHDT725032VLA360_VFB200R2D3AHNJD3AHNJX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1177238915-448539723-682003330-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1434660207&z=6ef70cda96674e482209328g5z4cdzbq1qeecofg2e&from=wpc&uid=HitachiXHDT725032VLA360_VFB200R2D3AHNJD3AHNJX
HKU\S-1-5-21-1177238915-448539723-682003330-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1434660207&z=6ef70cda96674e482209328g5z4cdzbq1qeecofg2e&from=wpc&uid=HitachiXHDT725032VLA360_VFB200R2D3AHNJD3AHNJX
URLSearchHook: [s-1-5-21-1177238915-448539723-682003330-500] ATTENTION => Default URLSearchHook is missing
URLSearchHook: HKU\S-1-5-21-1177238915-448539723-682003330-500 - SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
SearchScopes: HKLM -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&i=48&did=10844&ppd=search,36198649482,winamp,e,,c,Winamp,,,www.fileparade.com&barid=1523565561930253006
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&i=48&did=10844&ppd=search,36198649482,winamp,e,,c,Winamp,,,www.fileparade.com&barid=1523565561930253006
SearchScopes: HKU\S-1-5-21-1177238915-448539723-682003330-500 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1177238915-448539723-682003330-500 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1CEC0019662462D1&affID=128235&tt=240414_41&tsp=5233
SearchScopes: HKU\S-1-5-21-1177238915-448539723-682003330-500 -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=1cec47560000000000000023cdb24226&tlver=1.4.19.19&affID=16553
SearchScopes: HKU\S-1-5-21-1177238915-448539723-682003330-500 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=n12521-348&apn_uid=3756682745224700&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1177238915-448539723-682003330-500 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&i=48&did=10844&ppd=search,36198649482,winamp,e,,c,Winamp,,,www.fileparade.com&barid=1523565561930253006
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
BHO: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30] (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30] (SweetIM Technologies Ltd.)
Toolbar: HKU\S-1-5-21-1177238915-448539723-682003330-500 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-1177238915-448539723-682003330-500 -> SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30] (SweetIM Technologies Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C8EBFBE8-1227-4D31-A404-C18312CB9226}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1434660207&z=6ef70cda96674e482209328g5z4cdzbq1qeecofg2e&from=wpc&uid=HitachiXHDT725032VLA360_VFB200R2D3AHNJD3AHNJX
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.google.bg/
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=A92BD0A0-8B19-424E-A256-A96776A83571&n=780cbdac&ind=2014100908&p2=^HJ^xdm007^YYA^bg&si=CLLanKGQoMECFQ3LtAodyVEA4w&searchfor=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @raidcall.en/RCplugin -> C:\Documents and Settings\Administrator\Application Data\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1177238915-448539723-682003330-500: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-07] (Unity Technologies ApS)
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\searchplugins\ask-web-search.xml [2014-07-03]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\searchplugins\buenosearch.xml [2014-04-30]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\searchplugins\search-here.xml [2014-05-23]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\searchplugins\sweetim.xml [2014-04-04]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\searchplugins\Sweetpacks Search.xml [2014-04-02]
FF Extension: VideoDownloadConverter - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2014-10-09]
FF Extension: PriceeMinus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\Extensions\nGN@9.edu [2015-06-18]
FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nb5vvlsp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-01]
FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha2340.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha2340\ff
FF Extension: Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha2340\ff [2014-02-11]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewerV1alpha1598.net] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha1598\ff
FF Extension: Media Viewer - C:\Program Files\MediaViewerV1\MediaViewerV1alpha1598\ff [2014-02-24]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha1298.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha1298\ff
FF Extension: Media View - C:\Program Files\MediaViewV1\MediaViewV1alpha1298\ff [2014-02-28]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha942.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha942\ff
FF Extension: Media View - C:\Program Files\MediaViewV1\MediaViewV1alpha942\ff [2014-03-15]
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home499.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home499\ff
FF Extension: Media Watch - C:\Program Files\MediaWatchV1\MediaWatchV1home499\ff [2014-03-23]
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode4731.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode4731\ff
FF Extension: Media Buzz - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode4731\ff [2014-04-25]
FF HKLM\...\Firefox\Extensions: [ext@RichMediaViewV1release406.net] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release406\ff
FF Extension: Rich Media View - C:\Program Files\RichMediaViewV1\RichMediaViewV1release406\ff [2014-05-13]
FF HKLM\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha5695.net] - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha5695\ff
FF Extension: Trust Media Viewer - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha5695\ff [2014-06-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\avast\WebRep\FF
FF Extension: Avast Online Security - D:\avast\WebRep\FF [2015-08-30]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2015-05-29] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-26]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-26]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-26]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-30]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-26]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-26]
CHR HKLM\...\Chrome\Extension: [aeaaghklclcdgnkoaapfojgofoaddifi] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha1598\ch\MediaViewerV1alpha1598.crx <not found>
CHR HKLM\...\Chrome\Extension: [akdlhmjfcipdnibddeedeoklgdaknjho] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode4731\ch\MediaBuzzV1mode4731.crx <not found>
CHR HKLM\...\Chrome\Extension: [akjfcfamcocpfknehbpnpepniimedgjg] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release406\ch\RichMediaViewV1release406.crx <not found>
CHR HKLM\...\Chrome\Extension: [caiffmpiclolclbkfghdpbjpejkcnnhl] - C:\Program Files\MediaViewV1\MediaViewV1alpha1298\ch\MediaViewV1alpha1298.crx <not found>
CHR HKLM\...\Chrome\Extension: [concjfklebbhclegnkcbcehhnajoecga] - C:\Program Files\MediaWatchV1\MediaWatchV1home499\ch\MediaWatchV1home499.crx <not found>
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [eboffjmjecjmegnfkgkmnomddeaehgha] - C:\Program Files\MediaViewV1\MediaViewV1alpha942\ch\MediaViewV1alpha942.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-30]
CHR HKLM\...\Chrome\Extension: [jojekbplmldchihclpkbdobfkcgebklk] - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha5695\ch\TrustMediaViewerV1alpha5695.crx <not found>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U2 avast! Antivirus; D:\avast\AvastSvc.exe [146600 2015-08-30] (AVAST Software)
S2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
R2 IBUpdaterService; C:\WINDOWS\system32\dmwu.exe [1824560 2014-03-19] ()
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-07-11] (Oracle Corporation)
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
S4 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-08-30] (AVAST Software)
S0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-08-30] (AVAST Software)
S3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-08-30] (AVAST Software)
R3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-08-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-30] (AVAST Software)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-23] (Disc Soft Ltd)
R3 eapihdrv; C:\Documents and Settings\Administrator\Local Settings\Temp\ehdrv.sys [135760 2015-08-30] (ESET)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 ip100xp; C:\WINDOWS\System32\DRIVERS\ipfnd51.sys [26752 2005-02-02] (IC Plus Corp.                                                                                                                                                                                                                                                 )
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [13616 2011-02-14] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2011-02-14] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [13616 2011-02-14] (Marvell Semiconductor Inc.)
R0 nvatabus; C:\WINDOWS\system32\Drivers\nvatabus.sys [100736 2011-02-14] (NVIDIA Corporation) [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [70912 2010-03-04] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-09] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2010-03-04] (NVIDIA Corporation)
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 GGSAFERDriver; \??\D:\Garena Plus\Room\safedrv.sys [X]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-30 15:08 - 2015-08-30 15:13 - 00000000 ____D C:\FRST
2015-08-30 15:04 - 2015-08-30 15:04 - 00000000 ____D C:\Program Files\ESET
2015-08-30 15:00 - 2015-08-30 15:00 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\AVAST Software
2015-08-30 14:58 - 2015-08-30 14:58 - 00000478 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2015-08-30 14:58 - 2015-08-30 14:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2015-08-30 14:57 - 2015-08-30 14:57 - 00048282 _____ C:\WINDOWS\Wdf01009Inst.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00006712 _____ C:\WINDOWS\iis6.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00006183 _____ C:\WINDOWS\FaxSetup.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00003110 _____ C:\WINDOWS\ocgen.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00002821 _____ C:\WINDOWS\tsoc.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00002062 _____ C:\WINDOWS\comsetup.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00001890 _____ C:\WINDOWS\msmqinst.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-08-30 14:57 - 2015-08-30 14:57 - 00001374 _____ C:\WINDOWS\imsins.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00001248 _____ C:\WINDOWS\ntdtcsetup.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00001083 _____ C:\WINDOWS\netfxocm.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00000996 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 14:57 - 2015-08-30 14:57 - 00000425 _____ C:\WINDOWS\MedCtrOC.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00000311 _____ C:\WINDOWS\tabletoc.log
2015-08-30 14:57 - 2015-08-30 14:57 - 00000272 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-30 14:57 - 2015-08-30 14:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-08-30 14:57 - 2015-08-30 14:57 - 00000000 ____D C:\WINDOWS\LastGood
2015-08-30 14:57 - 2015-08-30 14:57 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2015-08-30 14:57 - 2015-08-30 14:56 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-30 14:57 - 2015-08-30 14:56 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-30 14:57 - 2015-08-30 14:56 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-08-30 14:57 - 2015-08-30 14:56 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-30 14:57 - 2015-08-30 14:56 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-08-30 14:57 - 2015-08-30 14:56 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-30 14:57 - 2015-08-30 14:56 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-30 14:57 - 2008-11-07 18:55 - 00026144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spupdsvc.exe
2015-08-30 14:57 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-08-30 14:56 - 2015-08-30 14:56 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-08-30 14:56 - 2015-08-30 14:56 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-30 14:56 - 2015-08-30 14:56 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-08-30 14:56 - 2015-08-30 14:56 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-30 14:54 - 2015-08-30 14:54 - 00000000 ____D C:\OETemp
2015-08-30 14:51 - 2015-08-30 14:51 - 00001505 _____ C:\WINDOWS\setupapi.log
2015-08-30 14:51 - 2015-08-30 14:51 - 00000000 _____ C:\Documents and Settings\All Users\Application Data\rebootpending.txt
2015-08-30 14:38 - 2015-08-30 15:01 - 00000222 _____ C:\boot.ini
2015-08-30 14:26 - 2015-08-30 14:26 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\DriverEasy
2015-08-30 04:07 - 2015-08-30 04:07 - 00000571 _____ C:\Documents and Settings\All Users\Desktop\DriverEasy.lnk
2015-08-30 04:07 - 2015-08-30 04:07 - 00000366 _____ C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
2015-08-30 04:07 - 2015-08-30 04:07 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DriverEasy
2015-08-30 03:48 - 2015-08-30 03:48 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Easeware
2015-08-30 02:32 - 2015-08-30 02:32 - 00000060 _____ C:\WINDOWS\setupact.log
2015-08-30 02:32 - 2015-08-30 02:32 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 17:56 - 2015-08-19 17:56 - 00000886 ____X C:\Documents and Settings\Administrator\Desktop\Пряк път до Wow.exe.lnk
2015-07-31 19:55 - 2015-08-14 03:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2015-07-31 19:48 - 2015-07-31 19:48 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\gnupg
2015-07-31 19:48 - 2015-07-31 19:48 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\gnupg
2015-07-31 19:48 - 2015-07-31 19:48 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Appupdater
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-30 15:13 - 2013-10-24 10:45 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2015-08-30 15:01 - 2008-04-14 11:00 - 00000675 _____ C:\WINDOWS\win.ini
2015-08-30 15:01 - 2008-04-14 11:00 - 00000227 _____ C:\WINDOWS\system.ini
2015-08-30 14:57 - 2013-10-24 12:02 - 00000000 ____D C:\Program Files\Google
2015-08-30 14:55 - 2013-10-24 12:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2015-08-30 14:54 - 2014-08-05 20:23 - 00350157 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-30 14:54 - 2013-10-30 01:48 - 00000000 ____D C:\Program Files\Avira
2015-08-30 14:54 - 2013-10-30 01:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avira
2015-08-30 14:52 - 2014-08-12 14:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-08-30 14:43 - 2013-10-24 11:49 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\uTorrent
2015-08-30 14:42 - 2013-10-24 10:45 - 00000278 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2015-08-30 14:42 - 2013-10-24 10:45 - 00000000 ____D C:\Documents and Settings\Administrator
2015-08-30 03:05 - 2013-10-24 10:45 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-08-30 03:05 - 2013-10-24 10:45 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-08-30 03:04 - 2013-10-24 10:40 - 00000000 ____D C:\WINDOWS\system32\Restore
2015-08-30 02:46 - 2014-08-05 20:23 - 00000216 _____ C:\WINDOWS\wiadebug.log
2015-08-30 02:46 - 2013-10-24 10:45 - 00032378 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-30 02:46 - 2013-10-24 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-30 02:22 - 2013-10-24 12:03 - 00000000 ____D C:\Program Files\CCleaner
2015-08-30 02:20 - 2013-10-24 12:06 - 00082984 ____C C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-08-30 02:19 - 2014-05-30 17:45 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\all
2015-08-30 02:15 - 2015-07-01 12:37 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-30 01:16 - 2014-04-22 21:21 - 00000260 _____ C:\WINDOWS\Tasks\DTChk.job
2015-08-30 00:04 - 2015-06-18 17:08 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Messenger
2015-08-29 23:20 - 2015-06-18 23:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{5b0c0ad6-efae-dca2-5b0c-c0ad6efa2b5b}
2015-08-29 23:11 - 2014-02-24 14:32 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2015-08-29 22:21 - 2013-10-24 10:39 - 00000000 ____D C:\WINDOWS\Registration
2015-08-29 21:16 - 2014-01-31 17:15 - 00000272 _____ C:\WINDOWS\Tasks\DTReg.job
2015-08-29 11:59 - 2014-01-26 16:23 - 00000422 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
2015-08-29 11:02 - 2013-10-24 13:36 - 00547268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-29 10:58 - 2014-08-05 20:23 - 00000052 ____N C:\WINDOWS\wiaservc.log
2015-08-29 10:58 - 2014-01-26 16:21 - 00000282 _____ C:\WINDOWS\Tasks\GoforFilesUpdate.job
2015-08-28 11:43 - 2008-04-14 11:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-21 07:51 - 2013-10-24 13:33 - 00271784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-20 21:30 - 2013-10-24 22:37 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\WinRAR
2015-08-20 21:30 - 2013-10-24 11:54 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Adobe
2015-08-20 01:22 - 2013-10-24 11:53 - 00000000 ____D C:\Program Files\The KMPlayer
2015-08-20 00:51 - 2013-10-24 11:51 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Skype
2015-08-19 23:45 - 2015-05-05 16:18 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
2015-08-19 14:00 - 2013-10-25 11:52 - 01072880 ____C C:\WINDOWS\system32\nvdrsdb1.bin
2015-08-19 14:00 - 2013-10-25 11:52 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2015-08-19 13:27 - 2013-10-24 10:41 - 00000000 ____D C:\WINDOWS\system32\DirectX
2015-08-19 02:00 - 2013-11-24 23:38 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2015-08-14 15:50 - 2015-05-05 16:18 - 00000000 ___RD C:\Program Files\Skype
2015-08-14 15:50 - 2013-10-24 11:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2015-08-14 15:38 - 2014-12-07 17:28 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft
2015-08-14 15:17 - 2013-12-28 19:09 - 00000000 ____D C:\Program Files\Auslogics
2015-08-14 12:01 - 2014-08-05 03:19 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2015-08-14 03:47 - 2014-12-13 01:33 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\TeamViewer
2015-08-12 00:15 - 2013-10-24 11:46 - 00778440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-12 00:15 - 2013-10-24 11:46 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-08 21:09 - 2013-12-28 19:01 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-07-31 19:52 - 2015-05-29 23:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-31 19:52 - 2014-01-01 05:32 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-31 19:52 - 2014-01-01 05:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
 
==================== Files in the root of some directories =======
 
2013-10-30 01:43 - 2013-10-30 01:45 - 123650800 ____C () C:\Program Files\avira_free_antivirus_en.exe
2015-06-12 02:47 - 2015-06-17 10:00 - 0045194 ____C () C:\Documents and Settings\Administrator\Application Data\room_v3.dat
2013-10-26 18:49 - 2014-04-17 15:07 - 0015360 ____C () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\uninstaller.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of FRST.txt ============================

Addition.txt

This topic is locked for new replies.
