Премини към съдържанието

    Препоръчан отговор


    Здравейте, преди време ми помогнахте да се отърва от вирус, сега пак прибягвам до вашата помощ.

    С Window 8.1 съм.

    От няколко дни браузърите са изключително бавни в зареждането на страници, или изобщо не ги зареждат. В момента съм с IE, Mozilla я инсталирах и деинсталирах няколко пъти, защото все на второто отваряне на страница се зарежда винаги outsurfing, а обичайни линкове към някой сайт или страница ми зареждат рекламни банери и прочие и изобщо не стигам до предвидената дестинация. Сега съм я махнала.

    Имам и Гугл Хром, той пък изобщо не зарежда. Пробвах Опера - и тя се бъгна с този outsurfing... Последният го чистих с UnHack Me. В момента не ми прави проблем на IE, но пък това бавно зареждане....Farbar Recovery Scan Tool така и не успах да го сваля - 15-20 минути се точи, накрая го свалих на друг компютър и го метнах на моя на десктопа.

    Ето и лог файловете:

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
    Ran by CECA (administrator) on SVESVE (19-09-2015 11:53:13)
    Running from C:\Users\CECA\Desktop
    Loaded Profiles: CECA (Available Profiles: CECA)
    Platform: Windows 8.1 Pro (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\LenovoSetSvr.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Lenovo) C:\Windows\System32\LenovoUpdate.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    () C:\Windows\System32\igfxTray.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
    (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
    (Realtek semiconductor) C:\Windows\RTFTrack.exe
    (Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
    (BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
    HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
    HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
    HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
    HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3282248 2014-08-20] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2014-03-25] (Realtek semiconductor)
    HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [10828056 2015-09-07] (Lenovo(beijing) Limited)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-07] (AVAST Software)
    HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [289584 2015-09-06] (BitTorrent, Inc.)
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-07] (AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-06]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
    BootExecute: autocheck autochk * Partizan

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: 0.0.0.1 mssplus.mcafee.com
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{77D90807-B3E7-4DF6-A1D2-002BEAEED43B}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-07] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software)

    FireFox:
    ========
    FF ProfilePath: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default
    FF NewTab:
    FF DefaultSearchEngine: Google
    FF SelectedSearchEngine: Google
    FF Homepage: hxxp://google.bg/
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-06] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-06] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
    FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
    FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [No File]
    FF SearchPlugin: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\searchplugins\oursurfing.xml [2015-09-16]
    FF Extension: Default SearchProtected  - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com [2015-09-07]
    FF Extension: deskCut - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com [2015-09-07]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-07]
    FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com
    FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-11]

    Chrome:
    =======
    CHR Profile: C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
    CHR Extension: (Google Docs) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-07]
    CHR Extension: (Google Drive) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
    CHR Extension: (YouTube) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-07]
    CHR Extension: (Google Search) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-07]
    CHR Extension: (Google Sheets) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
    CHR Extension: (Google Docs Offline) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-16]
    CHR Extension: (Avast Online Security) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-07]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
    CHR Extension: (Gmail) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-07]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-07]

    Opera:
    =======
    OPR Extension: (CinemaP-1.9cV07.09) - C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-09-07]
    OPR Extension: (pnaiinchjaonopoejhknmgjingcnaloc) - C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\pnaiinchjaonopoejhknmgjingcnaloc [2015-09-11]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-07] (AVAST Software)
    R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
    R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-14] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-23] (Intel Corporation)
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-14] (Intel® Corporation)
    R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
    R2 LenovoSetSvr; C:\Program Files\Lenovo\LenovoUtility\LenovoSetSvr.exe [369944 2015-09-07] (Lenovo(beijing) Limited)
    R3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-09-19] (Lenovo)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S1 archlp; C:\Windows\SysWow64\Drivers\archlp.sys [10624 2008-01-25] ()
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-07] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-07] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-07] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-07] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-07] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-07] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-07] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-07] (AVAST Software)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-14] (Intel Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
    R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-07] (Intel Corporation)
    U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-09-07] (Greatis Software)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9113304 2014-03-25] (Realtek Semiconductor Corp.)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-19 11:53 - 2015-09-19 11:53 - 00017735 _____ C:\Users\CECA\Desktop\FRST.txt
    2015-09-19 11:53 - 2015-09-19 11:53 - 00000000 ____D C:\FRST
    2015-09-19 11:52 - 2015-09-19 10:47 - 02191360 _____ (Farbar) C:\Users\CECA\Desktop\FRST64.exe
    2015-09-19 09:08 - 2015-09-19 09:08 - 00000028 _____ C:\Windows\lupdate.log
    2015-09-16 18:24 - 2015-09-16 18:24 - 00000000 ____D C:\@RestoreQuarantine
    2015-09-16 18:23 - 2015-09-16 18:23 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-09-16 18:23 - 2015-09-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-09-16 18:13 - 2015-09-19 11:18 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-09-16 18:13 - 2015-09-19 08:52 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-09-16 18:13 - 2015-09-16 18:13 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-09-16 18:13 - 2015-09-16 18:13 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-09-16 18:12 - 2015-09-16 18:13 - 00000000 ____D C:\Users\CECA\AppData\Local\Deployment
    2015-09-16 18:12 - 2015-09-16 18:12 - 00000000 ____D C:\Users\CECA\AppData\Local\Apps\2.0
    2015-09-16 17:33 - 2015-09-16 17:33 - 00724384 _____ (Opera Software) C:\Users\CECA\Downloads\Opera_NI_stable.exe
    2015-09-16 17:10 - 2015-09-16 17:11 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (2).exe
    2015-09-15 21:52 - 2015-09-15 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2015-09-15 21:52 - 2015-09-15 21:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2015-09-13 22:21 - 2015-09-13 22:21 - 00001202 _____ C:\Users\CECA\Desktop\Documents - Shortcut.lnk
    2015-09-12 15:14 - 2015-09-16 21:27 - 00000000 ____D C:\Users\CECA\AppData\Roaming\ArcSoft
    2015-09-12 10:21 - 2015-09-16 21:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\vlc
    2015-09-12 10:21 - 2015-09-12 20:06 - 00000000 ____D C:\Users\CECA\AppData\Temp
    2015-09-12 10:21 - 2015-09-12 10:21 - 00000887 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\Program Files\VideoLAN
    2015-09-12 10:20 - 2015-09-12 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
    2015-09-12 10:19 - 2015-09-13 21:19 - 00000000 ____D C:\ProgramData\ArcSoft
    2015-09-12 10:19 - 2015-09-12 10:21 - 00000000 ____D C:\Users\CECA\AppData\Local\ArcSoft
    2015-09-12 10:19 - 2015-09-12 10:19 - 00002033 _____ C:\Users\Public\Desktop\TotalMedia Theatre.lnk
    2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre
    2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\Program Files (x86)\ArcSoft
    2015-09-12 10:19 - 2008-01-25 14:06 - 00010624 _____ C:\Windows\SysWOW64\Drivers\archlp.sys
    2015-09-12 10:19 - 2008-01-22 17:55 - 00061440 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MMCEDT.exe
    2015-09-12 10:19 - 2005-07-16 02:35 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
    2015-09-12 10:19 - 2005-05-27 14:58 - 00393216 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLUP60.dll
    2015-09-12 10:19 - 2005-05-27 14:58 - 00249856 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLURT.dll
    2015-09-12 10:19 - 2003-03-18 22:14 - 00499712 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
    2015-09-12 10:19 - 2003-02-21 04:42 - 00348160 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
    2015-09-12 10:18 - 2015-09-12 10:18 - 00015533 _____ C:\Users\CECA\Downloads\VLC Media Player 2.1.3.torrent
    2015-09-12 10:18 - 2015-09-12 10:18 - 00000000 ____D C:\Users\CECA\Downloads\VLC Media Player 2.1.3
    2015-09-12 10:12 - 2015-09-12 10:13 - 00000000 ____D C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre
    2015-09-12 10:12 - 2015-09-12 10:12 - 00016411 _____ C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre.torrent
    2015-09-11 19:10 - 2015-09-13 22:21 - 00000000 ____D C:\Users\CECA\Documents\kids
    2015-09-10 20:06 - 2015-07-04 00:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2015-09-10 20:06 - 2015-07-03 17:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2015-09-10 20:05 - 2015-09-03 05:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2015-09-10 20:05 - 2015-09-03 05:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2015-09-10 20:05 - 2015-09-02 21:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-09-10 20:05 - 2015-09-02 20:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2015-09-10 20:05 - 2015-07-22 17:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-09-10 20:05 - 2015-07-22 16:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-09-10 20:05 - 2015-07-17 17:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-09-10 20:05 - 2015-07-17 17:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-09-10 20:05 - 2015-07-13 22:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
    2015-09-10 20:05 - 2015-07-10 22:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
    2015-09-10 20:05 - 2015-07-09 19:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-09-10 20:05 - 2015-06-27 14:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2015-09-10 20:05 - 2015-06-19 20:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2015-09-10 18:43 - 2015-09-10 18:43 - 00058231 _____ C:\Users\CECA\Downloads\pnew.zip
    2015-09-10 18:38 - 2015-09-10 18:41 - 253063997 _____ C:\Users\CECA\Downloads\flotren.zip
    2015-09-10 18:17 - 2015-09-10 18:17 - 00065446 _____ C:\Users\CECA\Documents\cc_20150910_181717.reg
    2015-09-10 18:14 - 2015-08-27 05:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-09-10 18:14 - 2015-08-26 21:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-09-10 18:14 - 2015-08-26 21:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-09-10 18:14 - 2015-08-26 21:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-09-10 18:14 - 2015-08-26 21:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-09-10 18:14 - 2015-08-26 17:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-09-10 18:14 - 2015-08-26 17:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-09-10 18:14 - 2015-08-26 17:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-09-10 18:14 - 2015-08-26 17:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2015-09-10 18:14 - 2015-08-26 17:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-09-10 18:14 - 2015-08-26 17:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-09-10 18:14 - 2015-08-26 17:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-09-10 18:13 - 2015-07-30 20:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-09-10 18:13 - 2015-07-30 19:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-09-10 18:12 - 2015-09-02 05:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-09-10 18:12 - 2015-09-02 05:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-09-10 18:12 - 2015-09-02 05:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-09-10 18:12 - 2015-09-02 05:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-09-10 18:12 - 2015-09-02 05:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-09-10 18:12 - 2015-08-22 21:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-09-10 18:12 - 2015-08-22 20:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-09-10 18:12 - 2015-08-22 20:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-09-10 18:12 - 2015-08-22 20:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-09-10 18:12 - 2015-08-22 20:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-09-10 18:12 - 2015-08-22 20:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-09-10 18:12 - 2015-08-22 19:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-09-10 18:12 - 2015-08-22 19:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-09-10 18:12 - 2015-08-22 19:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2015-09-10 18:12 - 2015-08-22 19:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-09-10 18:12 - 2015-08-22 19:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-09-10 18:12 - 2015-08-22 19:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-09-10 18:12 - 2015-08-22 19:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-09-10 18:12 - 2015-08-22 19:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-09-10 18:12 - 2015-08-22 19:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-09-10 18:12 - 2015-08-22 19:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-09-10 18:12 - 2015-08-22 19:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-09-10 18:12 - 2015-08-22 19:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-09-10 18:12 - 2015-08-22 19:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2015-09-10 18:12 - 2015-08-22 19:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-09-10 18:12 - 2015-08-22 19:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2015-09-10 18:12 - 2015-08-22 19:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-09-10 18:12 - 2015-08-22 19:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-09-10 18:12 - 2015-08-22 19:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-09-10 18:12 - 2015-08-22 19:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-09-10 18:12 - 2015-08-22 19:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-09-10 18:12 - 2015-08-22 19:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-09-10 18:12 - 2015-08-22 18:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-09-10 18:12 - 2015-08-22 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-09-10 18:12 - 2015-08-04 00:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2015-09-10 18:12 - 2015-08-04 00:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2015-09-10 18:12 - 2015-08-01 17:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2015-09-10 18:12 - 2015-08-01 06:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
    2015-09-10 18:12 - 2015-08-01 06:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
    2015-09-10 18:12 - 2015-08-01 06:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2015-09-10 18:12 - 2015-08-01 06:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
    2015-09-10 18:12 - 2015-08-01 06:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
    2015-09-10 18:12 - 2015-07-22 17:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2015-09-10 18:12 - 2015-07-22 17:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2015-09-10 18:12 - 2015-07-22 17:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2015-09-10 18:12 - 2015-07-22 17:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2015-09-10 18:12 - 2015-07-18 21:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
    2015-09-10 18:12 - 2015-07-18 21:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2015-09-10 18:12 - 2015-07-18 21:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
    2015-09-10 18:12 - 2015-07-18 21:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2015-09-10 18:12 - 2015-07-14 06:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
    2015-09-08 23:59 - 2015-09-19 11:48 - 00807151 _____ C:\Windows\WindowsUpdate.log
    2015-09-08 23:57 - 2015-09-08 23:57 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (1).exe
    2015-09-08 19:45 - 2015-09-08 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
    2015-09-08 19:44 - 2015-09-08 22:44 - 00000000 ____D C:\Users\CECA\Documents\Adobe
    2015-09-07 21:22 - 2015-09-07 21:22 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
    2015-09-07 21:22 - 2015-09-07 21:22 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\Program Files\CCleaner
    2015-09-07 21:21 - 2015-09-07 21:22 - 06667640 _____ (Piriform Ltd) C:\Users\CECA\Downloads\ccsetup509.exe
    2015-09-07 20:38 - 2015-09-07 20:38 - 00000000 ____D C:\Users\CECA\AppData\Local\GWX
    2015-09-07 20:03 - 2015-09-07 20:03 - 00001085 _____ C:\Users\CECA\Desktop\Exposure 7.lnk
    2015-09-07 20:03 - 2015-09-07 20:03 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alien Skin Software
    2015-09-07 19:55 - 2015-09-07 19:56 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.1.0.175 (x86 & x64) Final {B@tman}
    2015-09-07 19:48 - 2015-09-07 19:48 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Alien Skin
    2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\AppData\Local\Alien Skin
    2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\.AS
    2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\ProgramData\Alien Skin
    2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files\Alien Skin
    2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files (x86)\Alien Skin
    2015-09-07 19:19 - 2015-09-19 08:51 - 00000818 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
    2015-09-07 19:17 - 2015-09-07 19:17 - 00043312 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
    2015-09-07 19:13 - 2015-09-16 18:23 - 00000000 ____D C:\Users\Public\Documents\regruninfo
    2015-09-07 19:13 - 2015-09-08 23:53 - 00000000 ____D C:\Users\CECA\Documents\RegRun2
    2015-09-07 19:13 - 2015-09-08 23:52 - 00000000 ____D C:\ProgramData\RegRun
    2015-09-07 19:13 - 2015-09-07 19:13 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
    2015-09-07 19:13 - 2015-09-07 19:13 - 00003318 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
    2015-09-07 19:13 - 2015-09-07 19:13 - 00001023 _____ C:\Users\CECA\Desktop\UnHackMe.lnk
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\winstart.bat
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\Program Files (x86)\UnHackMe
    2015-09-07 19:13 - 2015-07-21 12:26 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
    2015-09-07 19:12 - 2015-09-07 19:12 - 17152670 _____ C:\Users\CECA\Downloads\unhackme(1).zip
    2015-09-07 19:11 - 2015-09-07 19:12 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.0.1.83 (x86-x64) Final [ATOM]
    2015-09-07 19:10 - 2015-09-07 19:10 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
    2015-09-07 19:10 - 2015-09-07 19:10 - 00000000 ____D C:\Program Files (x86)\28936315-a632-47fa-b3d1-e3b83f7897c5
    2015-09-07 19:09 - 2015-09-07 19:10 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe
    2015-09-07 19:07 - 2015-09-16 18:04 - 00000000 ____D C:\Program Files (x86)\Opera
    2015-09-07 19:07 - 2015-09-07 19:07 - 17152670 _____ C:\Users\CECA\Downloads\unhackme.zip
    2015-09-07 19:07 - 2015-09-07 19:07 - 00001271 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
    2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Opera Software
    2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Opera Software
    2015-09-07 19:06 - 2015-09-07 19:06 - 00075752 _____ C:\Users\CECA\Downloads\unhackme-57046385.exe
    2015-09-07 19:06 - 2015-09-07 19:06 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    2015-09-07 19:03 - 2015-09-07 19:04 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe
    2015-09-07 19:01 - 2015-09-07 19:01 - 00000000 ____D C:\ProgramData\Lenovo
    2015-09-07 18:51 - 2015-09-07 18:51 - 00002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.1 64-bit.lnk
    2015-09-07 18:51 - 2015-09-07 18:51 - 00002083 _____ C:\Users\Public\Desktop\Lightroom 4.1 64-bit.lnk
    2015-09-07 11:07 - 2015-09-12 10:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2015-09-07 11:07 - 2015-09-11 20:43 - 00000000 ____D C:\ProgramData\Adobe
    2015-09-07 11:07 - 2015-09-07 11:07 - 00002039 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
    2015-09-07 11:07 - 2015-09-06 22:41 - 00000000 ____D C:\Program Files (x86)\Adobe
    2015-09-07 11:06 - 2015-09-06 22:00 - 00002375 _____ C:\Users\CECA\Desktop\New Text Document.txt
    2015-09-07 11:01 - 2015-07-30 17:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-09-07 11:01 - 2015-07-30 16:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-09-07 06:07 - 2015-09-07 06:07 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2015-09-07 06:07 - 2015-09-07 06:07 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
    2015-09-07 06:07 - 2015-09-07 06:07 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2015-09-07 06:07 - 2015-09-07 06:07 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-09-07 06:07 - 2015-09-07 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-09-07 06:04 - 2015-09-16 18:23 - 00000000 ____D C:\Program Files (x86)\Google
    2015-09-07 06:04 - 2015-09-07 06:07 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Roaming\AVAST Software
    2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Google
    2015-09-07 06:03 - 2015-09-07 06:03 - 00000000 ____D C:\Program Files\AVAST Software
    2015-09-07 06:02 - 2015-09-07 06:02 - 00000000 ____D C:\ProgramData\AVAST Software
    2015-09-07 02:53 - 2015-09-16 17:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-09-07 02:53 - 2015-09-07 10:39 - 00000000 ____D C:\Users\CECA\AppData\Local\Mozilla
    2015-09-07 02:53 - 2015-09-07 02:54 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Mozilla
    2015-09-07 02:53 - 2015-09-07 02:53 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3.exe
    2015-09-07 02:37 - 2015-04-30 02:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
    2015-09-07 02:37 - 2015-03-17 20:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2015-09-07 02:36 - 2015-07-16 23:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-09-07 02:36 - 2015-07-16 23:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-09-07 02:36 - 2015-07-16 22:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2015-09-07 02:36 - 2015-07-16 22:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-09-07 02:36 - 2015-07-16 22:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-09-07 02:36 - 2015-07-16 22:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2015-09-07 02:36 - 2015-07-16 21:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2015-09-07 02:36 - 2015-07-09 21:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-09-07 02:36 - 2015-06-28 08:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-09-07 02:36 - 2015-06-28 08:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-09-07 02:36 - 2015-06-28 08:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-09-07 02:36 - 2015-06-28 08:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-09-07 02:36 - 2015-06-27 19:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2015-09-07 02:36 - 2015-06-27 06:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-09-07 02:36 - 2015-06-27 06:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-09-07 02:36 - 2015-06-27 06:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-09-07 02:36 - 2015-06-27 06:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-09-07 02:36 - 2015-06-27 06:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-09-07 02:36 - 2015-06-27 05:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-09-07 02:36 - 2015-06-27 05:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-09-07 02:36 - 2015-06-27 05:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-09-07 02:36 - 2015-06-27 05:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-09-07 02:36 - 2015-06-27 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-09-07 02:36 - 2015-06-27 04:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-09-07 02:36 - 2015-06-16 01:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2015-09-07 02:36 - 2015-06-16 01:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-09-07 02:36 - 2015-06-16 01:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2015-09-07 02:36 - 2015-06-16 01:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2015-09-07 02:36 - 2015-06-16 00:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-09-07 02:36 - 2015-06-16 00:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-09-07 02:36 - 2015-06-16 00:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-09-07 02:36 - 2015-06-16 00:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2015-09-07 02:36 - 2015-06-16 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-09-07 02:36 - 2015-06-16 00:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2015-09-07 02:36 - 2015-06-15 23:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2015-09-07 02:36 - 2015-06-15 23:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-09-07 02:36 - 2015-06-15 23:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-09-07 02:36 - 2015-06-15 23:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2015-09-07 02:36 - 2015-06-15 23:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-09-07 02:36 - 2015-05-31 00:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
    2015-09-07 02:36 - 2015-05-30 22:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2015-09-07 02:36 - 2015-05-30 22:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-09-07 02:36 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-09-07 02:36 - 2015-05-22 21:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-09-07 02:36 - 2015-05-07 20:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2015-09-07 02:36 - 2015-05-07 20:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2015-09-07 02:36 - 2015-05-07 19:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2015-09-07 02:36 - 2015-05-07 19:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2015-09-07 02:36 - 2015-05-07 18:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
    2015-09-07 02:36 - 2015-05-07 18:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
    2015-09-07 02:36 - 2015-05-01 02:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-09-07 02:36 - 2015-05-01 01:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-09-07 02:36 - 2015-04-21 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2015-09-07 02:36 - 2015-04-10 03:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-09-07 02:36 - 2015-04-10 03:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-09-07 02:36 - 2015-03-30 08:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-09-07 02:36 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
    2015-09-07 02:36 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2015-09-07 02:36 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
    2015-09-07 02:36 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2015-09-07 02:36 - 2015-03-20 04:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2015-09-07 02:36 - 2015-03-14 11:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2015-09-07 02:36 - 2015-03-14 11:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2015-09-07 02:36 - 2015-03-14 04:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-09-07 02:36 - 2015-03-09 05:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
    2015-09-07 02:36 - 2015-03-04 04:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
    2015-09-07 02:36 - 2015-03-04 04:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
    2015-09-07 02:36 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
    2015-09-07 02:36 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
    2015-09-07 02:35 - 2015-07-29 17:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-09-07 02:35 - 2015-07-29 17:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-09-07 02:35 - 2015-07-29 17:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-09-07 02:35 - 2015-07-29 02:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2015-09-07 02:35 - 2015-07-28 17:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-09-07 02:35 - 2015-07-16 03:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-09-07 02:35 - 2015-07-16 03:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-09-07 02:35 - 2015-07-16 03:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2015-09-07 02:35 - 2015-07-16 03:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-09-07 02:35 - 2015-07-15 00:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2015-09-07 02:35 - 2015-07-15 00:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2015-09-07 02:35 - 2015-07-15 00:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
    2015-09-07 02:35 - 2015-07-13 22:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-09-07 02:35 - 2015-07-13 22:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2015-09-07 02:35 - 2015-07-10 21:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2015-09-07 02:35 - 2015-07-10 20:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2015-09-07 02:35 - 2015-07-10 20:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2015-09-07 02:35 - 2015-07-10 20:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2015-09-07 02:35 - 2015-07-10 19:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2015-09-07 02:35 - 2015-07-09 19:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2015-09-07 02:35 - 2015-07-07 12:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2015-09-07 02:35 - 2015-07-07 12:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
    2015-09-07 02:35 - 2015-07-07 12:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2015-09-07 02:35 - 2015-07-02 01:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2015-09-07 02:35 - 2015-07-02 01:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2015-09-07 02:35 - 2015-07-02 00:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2015-09-07 02:35 - 2015-07-02 00:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2015-09-07 02:35 - 2015-06-27 02:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-09-07 02:35 - 2015-06-16 08:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2015-09-07 02:35 - 2015-06-16 08:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2015-09-07 02:35 - 2015-06-12 20:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2015-09-07 02:35 - 2015-06-12 19:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2015-09-07 02:35 - 2015-06-11 23:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2015-09-07 02:35 - 2015-06-11 23:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2015-09-07 02:35 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-09-07 02:35 - 2015-05-12 16:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2015-09-07 02:35 - 2015-05-11 21:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
    2015-09-07 02:35 - 2015-05-11 19:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
    2015-09-07 02:35 - 2015-05-07 19:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-09-07 02:35 - 2015-05-03 18:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-07 02:35 - 2015-05-03 17:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-07 02:35 - 2015-05-03 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2015-09-07 02:35 - 2015-05-03 17:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
    2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\system32\locale.nls
    2015-09-07 02:35 - 2015-04-25 05:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2015-09-07 02:35 - 2015-04-25 05:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2015-09-07 02:35 - 2015-04-25 05:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
    2015-09-07 02:35 - 2015-04-23 18:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2015-09-07 02:35 - 2015-04-23 18:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
    2015-09-07 02:35 - 2015-04-16 09:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
    2015-09-07 02:35 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
    2015-09-07 02:35 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
    2015-09-07 02:35 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
    2015-09-07 02:35 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
    2015-09-07 02:35 - 2015-04-09 01:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-09-07 02:35 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
    2015-09-07 02:35 - 2015-04-03 03:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2015-09-07 02:35 - 2015-04-03 03:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2015-09-07 02:35 - 2015-04-02 01:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2015-09-07 02:35 - 2015-04-02 01:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2015-09-07 02:35 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2015-09-07 02:35 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2015-09-07 02:35 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2015-09-07 02:35 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2015-09-07 02:35 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2015-09-07 02:35 - 2015-04-01 06:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2015-09-07 02:35 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2015-09-07 02:35 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2015-09-07 02:35 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2015-09-07 02:35 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2015-09-07 02:35 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2015-09-07 02:35 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2015-09-07 02:35 - 2015-04-01 05:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
    2015-09-07 02:35 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2015-09-07 02:35 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2015-09-07 02:35 - 2015-03-24 00:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-09-07 02:35 - 2015-03-24 00:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-09-07 02:35 - 2015-03-20 07:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
    2015-09-07 02:35 - 2015-03-20 07:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-09-07 02:35 - 2015-03-20 07:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-09-07 02:35 - 2015-03-20 06:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-09-07 02:35 - 2015-03-20 05:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-09-07 02:35 - 2015-03-14 03:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2015-09-07 02:35 - 2015-03-13 07:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2015-09-07 02:35 - 2015-03-13 07:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2015-09-07 02:35 - 2015-03-13 05:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2015-09-07 02:35 - 2015-03-13 05:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2015-09-07 02:35 - 2015-03-13 05:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
    2015-09-07 02:35 - 2015-03-13 04:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2015-09-07 02:35 - 2015-03-13 03:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
    2015-09-07 02:35 - 2015-03-11 04:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-09-07 02:35 - 2015-03-11 04:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-09-07 02:35 - 2015-03-09 05:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
    2015-09-07 02:35 - 2015-03-06 06:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-09-07 02:35 - 2015-03-06 05:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2015-09-07 02:35 - 2015-03-06 05:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2015-09-07 02:35 - 2015-03-04 13:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2015-09-07 02:35 - 2015-03-04 06:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2015-09-07 02:35 - 2015-03-04 05:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2015-09-07 02:35 - 2015-02-24 11:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2015-09-07 02:35 - 2015-02-21 02:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2015-09-07 02:35 - 2015-02-18 02:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
    2015-09-07 02:34 - 2015-05-03 18:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2015-09-07 02:34 - 2015-05-03 17:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2015-09-07 02:30 - 2015-09-07 02:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2015-09-07 02:16 - 2015-09-07 02:16 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Macromedia
    2015-09-07 02:12 - 2015-09-19 08:55 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B794C6B0-B401-414A-8690-EE66D60178F8}
    2015-09-07 02:12 - 2015-09-07 19:23 - 00000000 __SHD C:\Users\CECA\AppData\Local\EmieUserList
    2015-09-07 02:12 - 2015-09-07 19:23 - 00000000 __SHD C:\Users\CECA\AppData\Local\EmieSiteList
    2015-09-07 02:12 - 2015-09-07 19:23 - 00000000 __SHD C:\Users\CECA\AppData\Local\EmieBrowserModeList
    2015-09-07 02:11 - 2015-09-07 02:11 - 00002088 _____ C:\Users\Public\Desktop\Ръководства на потребителя.lnk
    2015-09-07 02:11 - 2015-09-07 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
    2015-09-07 02:08 - 2015-09-07 02:08 - 00000000 __SHD C:\UserGuidePDF
    2015-09-07 02:05 - 2015-09-07 02:11 - 00000000 ____D C:\Program Files (x86)\Lenovo
    2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\Lenovo
    2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\DIFX
    2015-09-07 02:05 - 2015-09-07 02:04 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
    2015-09-07 02:05 - 2015-09-07 02:04 - 00035576 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
    2015-09-07 02:04 - 2015-09-07 02:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Downloaded Installations
    2015-09-07 02:02 - 2014-03-25 15:14 - 09113304 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
    2015-09-07 02:02 - 2014-03-25 15:14 - 06340312 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
    2015-09-07 02:02 - 2014-03-25 15:14 - 02628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
    2015-09-07 02:02 - 2014-03-25 15:14 - 01157563 _____ C:\Windows\FTDataP.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00946032 _____ C:\Windows\FTData.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00817241 _____ C:\Windows\FTDataR1.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00817191 _____ C:\Windows\FTDataR0.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00472792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
    2015-09-07 02:02 - 2014-03-25 15:14 - 00419032 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
    2015-09-07 01:58 - 2015-09-07 01:58 - 00000000 ____D C:\Program Files\Elantech
    2015-09-07 01:58 - 2014-08-20 06:07 - 00045896 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller.dll
    2015-09-07 01:58 - 2014-08-19 10:59 - 00425736 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
    2015-09-07 01:55 - 2015-09-07 01:55 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Users\CECA\Intel.sav
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel.sav
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Common Files\Intel
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files (x86)\Cisco
    2015-09-07 01:53 - 2015-09-07 01:53 - 00000000 ____D C:\Windows\SysWOW64\sda
    2015-09-07 01:53 - 2014-03-27 06:06 - 00331992 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
    2015-09-07 01:53 - 2014-01-27 08:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
    2015-09-07 01:51 - 2015-09-13 21:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2015-09-07 01:51 - 2015-09-07 02:02 - 00000000 ____D C:\Program Files (x86)\Realtek
    2015-09-07 01:51 - 2014-05-29 10:55 - 00873176 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
    2015-09-07 01:51 - 2014-05-29 10:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2015-09-07 01:50 - 2015-09-19 08:54 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
    2015-09-07 01:47 - 2015-09-16 22:19 - 00181364 _____ C:\Users\Public\CAFADEBUG.log
    2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
    2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\Dolby Digital Plus
    2015-09-07 01:46 - 2015-09-07 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
    2015-09-07 01:45 - 2011-09-01 10:23 - 00447104 _____ (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
    2015-09-07 01:43 - 2014-07-16 04:34 - 00001852 _____ C:\Windows\system32\Drivers\SamSfPa.dat
    2015-09-07 01:42 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\CONEXANT
    2015-09-07 01:42 - 2015-09-07 01:42 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2015-09-07 01:42 - 2014-09-12 06:45 - 01462464 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
    2015-09-07 01:42 - 2014-03-18 20:02 - 02867928 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A52.DLL
    2015-09-07 01:42 - 2014-01-08 08:26 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
    2015-09-07 01:42 - 2014-01-08 08:26 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
    2015-09-07 01:42 - 2014-01-08 08:26 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
    2015-09-07 01:42 - 2014-01-08 08:26 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
    2015-09-07 01:42 - 2013-11-15 10:08 - 00944832 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64BP07.dll
    2015-09-07 01:42 - 2013-11-15 09:37 - 01790168 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64AP86.dll
    2015-09-07 01:42 - 2013-08-05 13:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2015-09-07 01:42 - 2013-07-25 09:39 - 00206552 _____ (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
    2015-09-07 01:42 - 2013-05-15 10:27 - 00406208 _____ (Conexant Systems, Inc.) C:\Windows\system32\CSpkExt64.dll
    2015-09-07 01:42 - 2012-06-29 08:04 - 00050848 _____ (Conexant Systems Inc.) C:\Windows\system32\CxPageMaster64.dll
    2015-09-07 01:42 - 2012-01-16 05:42 - 00666240 _____ (Conexant Systems, Inc.) C:\Windows\system32\C3DHPExt64.dll
    2015-09-07 01:42 - 2011-01-18 03:35 - 00030893 _____ C:\Windows\system32\Drivers\Mixer.ini
    2015-09-07 01:41 - 2015-09-07 01:42 - 00000000 ____D C:\ProgramData\Conexant
    2015-09-07 01:40 - 2015-09-07 01:40 - 00872506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-09-07 01:40 - 2015-09-07 01:40 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel Corporation
    2015-09-07 01:39 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel
    2015-09-07 01:39 - 2015-09-07 01:53 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
    2015-09-07 01:39 - 2015-09-07 01:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2015-09-07 01:39 - 2015-09-07 01:39 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
    2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____D C:\ProgramData\Intel® Update Manager
    2015-09-07 01:36 - 2015-09-07 01:36 - 00000000 ____D C:\Users\CECA\Intel
    2015-09-07 01:35 - 2015-09-07 19:30 - 00000000 ____D C:\ProgramData\Package Cache
    2015-09-07 01:32 - 2015-09-07 01:32 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2015-09-06 22:44 - 2015-09-06 22:47 - 00001038 _____ C:\Users\Public\Desktop\Adobe Photoshop CC 2014.lnk
    2015-09-06 22:44 - 2015-09-06 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014
    2015-09-06 22:39 - 2015-09-06 22:39 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
    2015-09-06 22:37 - 2015-09-06 22:37 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
    2015-09-06 22:25 - 2015-09-06 22:27 - 00000000 ___SD C:\Windows\system32\GWX
    2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2015-09-06 21:53 - 2015-09-06 21:53 - 00000000 ____D C:\Users\CECA\AppData\Roaming\NVIDIA
    2015-09-06 21:52 - 2015-09-06 21:52 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
    2015-09-06 21:43 - 2015-09-07 18:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2015-09-06 21:39 - 2015-09-07 18:50 - 00000000 ____D C:\Program Files\Adobe
    2015-09-06 21:26 - 2015-09-06 21:29 - 00000000 ____D C:\Users\CECA\Downloads\Adobe Photoshop CC 2014 v15.2.2 RePack
    2015-09-06 21:20 - 2015-09-06 21:20 - 00659496 _____ (Best Installer) C:\Users\CECA\Desktop\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.exe
    2015-09-06 21:11 - 2015-09-06 20:03 - 00000000 _____ C:\Users\CECA\Downloads\password is 123
    2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\Users\CECA\AppData\Roaming\WinRAR
    2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-09-06 21:07 - 2015-09-06 21:08 - 00000000 ____D C:\Program Files\WinRAR
    2015-09-06 21:07 - 2015-09-06 21:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Macromedia
    2015-09-06 21:06 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\Downloads\WinRAR v5.21 Final (x32-x64) BG
    2015-09-06 21:02 - 2015-09-06 21:03 - 00203010 ____N C:\Users\CECA\Downloads\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.zip
    2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
    2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
    2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\CECA\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    2015-09-06 20:28 - 2015-09-19 11:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-09-06 20:28 - 2015-09-15 21:52 - 00001950 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2015-09-06 20:28 - 2015-09-06 20:28 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-09-06 20:28 - 2015-09-06 20:28 - 00000000 ____D C:\ProgramData\McAfee Security Scan
    2015-09-06 20:28 - 2015-09-06 20:28 - 00000000 ____D C:\ProgramData\McAfee
    2015-09-06 20:27 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Local\Adobe
    2015-09-06 20:26 - 2015-09-06 20:26 - 00000000 ____D C:\Users\CECA\Downloads\Adobe CS6 All Products Activator (x32 & x64)
    2015-09-06 20:24 - 2015-09-06 20:24 - 00000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-09-06 20:24 - 2015-09-06 20:24 - 00000959 _____ C:\Users\Public\Desktop\µTorrent.lnk
    2015-09-06 20:24 - 2015-09-06 20:24 - 00000000 ____D C:\Program Files (x86)\uTorrent
    2015-09-06 20:23 - 2015-09-19 11:53 - 00000000 ____D C:\Users\CECA\AppData\Roaming\uTorrent
    2015-09-05 10:24 - 2015-09-05 10:24 - 00000425 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2015-09-05 10:23 - 2015-09-07 01:56 - 00000000 ____D C:\Program Files (x86)\Intel
    2015-09-05 10:23 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Intel
    2015-09-05 10:23 - 2015-09-05 10:23 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
    2015-09-05 10:23 - 2015-09-05 10:23 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
    2015-09-05 10:23 - 2014-09-23 06:41 - 24237936 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 23432464 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 17342080 _____ C:\Windows\system32\igd11dxva64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 01508488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 01365504 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 01061376 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00768104 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00764520 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00734720 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00685568 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00629272 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00510304 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00326760 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00303208 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00255624 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00245864 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00225792 _____ C:\Windows\system32\igdde64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00207496 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00186368 _____ C:\Windows\SysWOW64\igdde32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00175024 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00174592 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00154728 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00131208 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00123528 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
    2015-09-05 10:23 - 2014-09-23 06:41 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
    2015-09-05 10:23 - 2014-09-23 06:41 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
    2015-09-05 10:23 - 2014-09-23 06:41 - 00030720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 23969280 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 18843648 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 16858480 _____ C:\Windows\SysWOW64\igd11dxva32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 08813056 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 08313344 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 07802880 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 07715672 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 07012176 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 06932992 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 05866352 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 04726928 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
    2015-09-05 10:22 - 2014-09-23 06:41 - 04619480 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
    2015-09-05 10:22 - 2014-09-23 06:41 - 02810128 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 02772616 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 02020352 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 01137080 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 01132960 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00883848 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00641530 _____ C:\Windows\system32\FilmModeDetection.wmv
    2015-09-05 10:22 - 2014-09-23 06:41 - 00612488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00562824 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00471656 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00456296 _____ C:\Windows\system32\igfxTray.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00417896 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00403671 _____ C:\Windows\system32\ImageStabilization.wmv
    2015-09-05 10:22 - 2014-09-23 06:41 - 00397312 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00375173 _____ C:\Windows\system32\ColorImageEnhancement.wmv
    2015-09-05 10:22 - 2014-09-23 06:41 - 00372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00372224 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00350344 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00349696 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00304128 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00254976 _____ C:\Windows\system32\igfxCPL.cpl
    2015-09-05 10:22 - 2014-09-23 06:41 - 00224256 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00220392 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00194664 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00193672 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00184312 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3947.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00162304 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00144896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00087144 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00086632 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ C:\Windows\system32\igfxCUIServicePS.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00059392 _____ ( ) C:\Windows\system32\igfxDHLib.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00031408 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00003944 _____ C:\Windows\system32\iglhxs64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
    2015-09-05 10:19 - 2015-09-16 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1004
    2015-09-05 10:19 - 2015-09-05 10:19 - 00000000 ____D C:\Intel
    2015-09-05 10:19 - 2014-09-23 06:41 - 00453872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
    2015-09-05 10:18 - 2015-09-07 19:10 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Users\CECA\AppData\Local\NVIDIA
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2015-09-05 10:18 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2015-09-05 10:18 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 06682256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 03498184 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 01072272 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00929936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2015-09-05 10:18 - 2014-09-15 02:19 - 00606528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2015-09-05 10:18 - 2014-09-11 23:11 - 03961833 _____ C:\Windows\system32\nvcoproc.bin
    2015-09-05 10:17 - 2014-09-16 10:55 - 30414656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 22994632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 18314248 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 18241624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 15880864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 15246896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 12737864 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2015-09-05 10:17 - 2014-09-16 10:55 - 11591896 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 09735816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 09693568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 03133760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 03126600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 02939208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 02755216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 01882312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433360.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 01509576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433360.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00931648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00893584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00886088 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00853192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00478408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00404808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00355016 _____ C:\Windows\system32\NvIFROpenGL.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00313672 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00168664 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00141384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00023662 _____ C:\Windows\system32\nvinfo.pb
    2015-09-05 10:16 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2015-09-05 10:16 - 2014-09-16 10:55 - 25256648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 17559184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 11643408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 03085600 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 02709168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2015-09-05 10:11 - 2015-09-05 10:11 - 00003584 _____ C:\Windows\SECOH-QAD.dll
    2015-09-05 10:11 - 2015-09-05 10:11 - 00000073 _____ C:\Users\CECA\Desktop\ActStatus.log
    2015-09-05 10:09 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Adobe
    2015-09-05 10:09 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA
    2015-09-05 10:09 - 2015-09-07 11:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Packages
    2015-09-05 10:09 - 2015-09-05 10:09 - 00001446 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-09-05 10:09 - 2015-09-05 10:09 - 00000020 ___SH C:\Users\CECA\ntuser.ini
    2015-09-05 10:09 - 2015-09-05 10:09 - 00000000 ____D C:\Windows\CSC
    2015-09-05 10:09 - 2015-09-05 10:09 - 00000000 ____D C:\Users\CECA\AppData\Local\VirtualStore
    2015-09-05 10:09 - 2015-03-11 23:47 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-05 10:09 - 2014-11-24 21:36 - 00194560 _____ C:\Users\CECA\Desktop\KMScmd.exe
    2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2015-09-05 10:09 - 2014-03-03 12:55 - 01425461 _____ (ByELDI 'nova-s release') C:\Users\CECA\Desktop\KMSpico.exe
    2015-09-05 10:09 - 2013-08-22 18:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-09-05 10:05 - 2015-09-05 10:05 - 00002308 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-500
    2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 __SHD C:\Recovery
    2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2015-09-05 10:04 - 2015-09-19 08:51 - 00153336 _____ C:\Windows\system32\wpbbin.exe
    2015-09-05 10:04 - 2015-09-19 08:51 - 00111088 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoCheck.exe
    2015-09-05 10:04 - 2015-09-19 08:51 - 00026608 _____ (Lenovo) C:\Windows\system32\LenovoUpdate.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-19 11:00 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\sru
    2015-09-19 08:58 - 2014-11-21 10:38 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-09-19 08:51 - 2013-08-22 17:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-09-16 22:19 - 2013-08-22 16:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2015-09-16 17:21 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\rescache
    2015-09-12 10:34 - 2013-08-22 18:20 - 00000000 ____D C:\Windows\CbsTemp
    2015-09-11 18:16 - 2013-08-22 17:44 - 00337808 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-09-10 23:05 - 2015-03-11 23:16 - 00000000 ____D C:\Windows\system32\MRT
    2015-09-10 23:05 - 2014-11-21 10:18 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-10 23:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\PolicyDefinitions
    2015-09-08 19:51 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppCompat
    2015-09-07 21:25 - 2015-03-11 17:05 - 00000000 ____D C:\Windows\Panther
    2015-09-07 20:42 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\NDF
    2015-09-07 20:08 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Resources
    2015-09-07 11:04 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppReadiness
    2015-09-07 01:55 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Default
    2015-09-07 01:40 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\restore
    2015-09-06 22:25 - 2015-03-11 22:04 - 00000000 ____D C:\Windows\system32\appraiser
    2015-09-06 22:25 - 2014-11-21 18:14 - 00000000 ___SD C:\Windows\system32\CompatTel
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ToastData
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\WinStore
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Windows Defender
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2015-09-06 22:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2015-09-06 21:43 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2015-09-05 11:03 - 2013-08-22 18:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
    2015-09-05 10:18 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Help
    2015-09-05 10:09 - 2015-03-11 17:28 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2015-09-05 10:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\Recovery
    2015-08-26 18:37 - 2015-03-11 23:16 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Files in the root of some directories =======

    2015-09-07 01:42 - 2015-09-07 01:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2015-09-07 19:06 - 2015-09-07 19:06 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

    Files to move or delete:
    ====================
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-09-16 09:39

    ==================== End of FRST.txt ============================

    Addition.txt

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте..! :)

     

    remove%20outdated.jpg Деинсталиране нa програми

    • Натиснете WindowsKey.png + R на клавиатурата си по едно и също време. Въведете appwiz.cpl и щракнете върху OK. Деинсталирайте  програмата които съм ви написал в карето:

     

    McAfee Security Scan Plus

     

    След завършване на деинсталацията, моля  да рестартирате машината си!

     

    FRST.gif Фикс с Farbar Recovery Scan Tool

     
    icon13.gif Изтеглете прикачения файл и го запазете там, където сте свалили FRST.exe => fixlist.txt
    Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.
    Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.

     
    ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

     

     

    xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници
     
    В следващия си отговор, моля да включите следните дневници:

    • FixLog.txt
    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

     

     

     

     

    Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
    Ran by CECA (2015-09-19 12:39:25) Run:1
    Running from C:\Users\CECA\Desktop
    Loaded Profiles: CECA (Available Profiles: CECA)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    Task: {35B80DDE-DBB0-4774-9F45-354862995313} - \WPD\SqmUpload_S-1-5-21-1218914521-3287957943-3067180699-1001 -> No File <==== ATTENTION
    Task: {962C1B62-7CD1-4C78-B618-FD1BA30BF82F} - \Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1001 -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe:typelib
    AlternateDataStreams: C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe:typelib
    RemoveProxy:
    Hosts:
    cmd: netsh winsock reset catalog
    cmd: ipconfig /flushdns
    emptytemp:
    reboot:
    end
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35B80DDE-DBB0-4774-9F45-354862995313}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35B80DDE-DBB0-4774-9F45-354862995313}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1218914521-3287957943-3067180699-1001" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{962C1B62-7CD1-4C78-B618-FD1BA30BF82F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{962C1B62-7CD1-4C78-B618-FD1BA30BF82F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1001" => key removed successfully
    C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe => ":typelib" ADS removed successfully.
    C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe => ":typelib" ADS removed successfully.

    ========= RemoveProxy: =========

    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

    ========= End of RemoveProxy: =========

    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.

    =========  netsh winsock reset catalog =========

    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.

    ========= End of CMD: =========

    =========  ipconfig /flushdns =========

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========

    EmptyTemp: => 65 MB temporary data Removed.

    The system needed a reboot..

    ==== End of Fixlog 12:39:55 ====

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Моля, изтеглете ZOEK (by Smeenk) и да го запишете на вашия работен плот
    Временно деактивирайте вашата антивирусна и антишпионска защита - инструкции тук

    • Щракнете с десния бутон върху тази икона  51a612a8b27e2-Zoek.pngи изберете RunAsAdmin.jpg Run as Administrator, за да стартирате инструмента.
    • Изчакайте търпеливо, докато  се появи  главната конзола (може да отнеме минута или две).

     

    52b6de58f1952-Zoek_Startpagina_5.0.0.0.P

     

    • В главния прозорец, моля поставете в следния скрипт:

     

    createsrpoint;
    autoclean;
    emptyclsid;
    emptyalltemp;

     

    • Уверете се, че  опцията Scan All Users е маркирана.
    • Натиснете Run Script и изчакайте. Сканирането може да отнеме няколко минути.
    • Когато сканирането приключи, ще се отвори лог файл с име zoek-results.
    • Ако е необходимо рестартиране, той ще се отвори след това.
    • Копирайте съдържанието му в следващия си отговор.

     

    xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници
     
    В следващия си отговор, моля да включите следните дневници:

     

    • Лог файл с име zoek-results
    • Харесва ми 3

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Знам, че е Off Topic и нямам право да пиша тук колега Icotonev, но се радвам, че отново си сред нас.  :)


    • Харесва ми 3

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Пуснах скан на зоек, обаче нещата май спряха до: --- Create Backups 16:15:28,54

     

    И оттогава нищо не се изписва...Зоек-файл няма създаден.

     

    Emokostov, то не че е хубав поводът да се появявам, но пък е радост да общувам с хората от сайта :)

     

    П.П.

    Ето това е всичко от началото на зоек-скан:

    Zoek.exe v5.0.0.0 Updated 19-09-2015
    Tool run by CECA on бкЎ 19.09.2015 Ј. at 16:03:30,99.
    Microsoft Windows 8.1 Pro 6.3.9600  x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\CECA\Desktop\zoek.exe [scan all users] [script inserted]

    ===== Runcheck 16:06:22,45 =====

    --- Create Environment Variables 16:06:25,43
    --- Create System Restore Point 16:06:37,56
    --- Checking Input 16:06:51,99
    --- AU AppData Check 16:07:02,67
    --- Remove From Windows Installer 16:07:04,72
    --- Empty Folders Check 16:07:37,96
    --- Registry HKLM Software Check 16:07:37,98
    --- Quick Launch Shortcut Check 16:07:45,87
    --- IE Startpage Check 16:07:48,33
    --- Program Files DB Check 16:07:58,16
    --- C:\Users\CECA\AppData\Roaming DB Check 16:08:42,43
    --- C:\Users\Default\AppData\Roaming DB Check 16:08:42,43
    --- C:\Users\Default User\AppData\Roaming DB Check 16:08:42,43
    --- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 16:08:42,43
    --- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 16:08:42,43
    --- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 16:08:42,43
    --- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 16:08:42,43
    --- C:\Users\CECA DB Check 16:10:43,81
    --- C:\PROGRA~3 DB Check 16:10:59,80
    --- C:\Users\CECA\AppData\Local DB Check 16:11:02,95
    --- C:\Users\Default\AppData\Local DB Check 16:11:02,95
    --- C:\Users\Default User\AppData\Local DB Check 16:11:02,95
    --- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 16:11:02,95
    --- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 16:11:02,95
    --- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 16:11:02,95
    --- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 16:11:02,95
    --- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 16:12:23,72
    --- C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 16:12:32,44
    --- Tasks DB Check 16:12:37,88
    --- Downloads DB Check 16:12:41,74
    --- C:\Users\CECA\AppData\LocalLow DB Check 16:12:45,82
    --- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 16:12:45,82
    --- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 16:12:45,82
    --- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 16:12:45,82
    --- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 16:12:45,82
    --- Tasks2 DB Check 16:13:29,45
    --- Documents DB Check 16:13:55,78
    --- C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default DB Check 16:14:02,19
    --- C:\Users\Public\Desktop DB Check 16:14:04,14
    --- C:\Users\CECA\Desktop DB Check 16:14:08,14
    --- Services DB Check 16:14:14,91
    --- FF prefs.js DB Check 16:14:28,85
    --- Emptyclsid 16:15:01,24
    --- Del by CLSID 16:15:02,62
    --- Delete Services 16:15:24,56
    --- Firefox Fix 16:15:26,32
    --- Delete files\folders 16:15:28,47
    --- Create Backups 16:15:28,54

    Редактирано от svesmile (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Какво е моментното състояние на системата..Има ли подобрение..? Наблюдавате ли някакви нередности..? Как са браузърите..?

     

     

    icon_zps423a0d9f.jpgМоля изтеглете ZHPcleaner и я запазете на вашия десктоп.

    • Стартирайте ZHPCleaner с десен клик върху файла и изберете от контекстното меню "Run as administrator"
    • Кликнете върху Ashampoo_Snap_20140819_13h09m50s_001__zp за да се съгласите с лицензионното споразумение.
    • Изберете бутона y3pI4LR.png.
    • Браузърите ще бъдат затворени автоматично.
    • Ще се отвори лог файл след приключването на проверката.
    • Публикувайте лог файла в следващия си коментар.

     

     

    Сканиране с AdwCleaner
     
    Моля, изтеглете и стартирайте програмата AdwCleaner (by Xplode):

    • Затворете всички стартирани програми и браузъри
    • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
    • Натиснете OK, за да потвърдите, че всички стартирани програми ще бъдат затворени.
    • Маркирайте Clean
    • Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта.
    • Моля, да публикувате съдържанието на този лог в отговора си
    • Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s0].txt

     

     

    Сканиране с Junkware Removal Tool
     
    Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

    • Спрете временно работата на защитните програми.
    • Стартирайте инструмента JRT.exe
    • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
    • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
    • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
    • Моля копирайте съдържанието на лог файла в следващия си пост.

     

     

     

    Дневници
     
    В следващия си отговор, моля да включите следните дневници:

     

    • Лог файл от ZHPCleaner
    • AdwCleaner[s0].txt
    • JRT.txt
    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте,

     

    Програмата зоек си остана на същото ниво. Като се опитам да я изключа, ми излиза надпис, че все още работи. Какво да я правя? :)

    За браузърите - има частично подобрение, в смисъл  - някои страници зарежда бързо, други ги върти до откат...Facebook се затруднява да отвори например.

     

    Другото странно нещо е, че като отворя една страница, автоматично ме мята долу в нейния край. Първо мислех, че е някаква опция тук на форумите да те препращат направо долу, където се публикува ново мнение, но от вчера го забелязвам и при други страници и сайтове.

     

    Сега ще пусна другите програми...,

    ~ ZHPCleaner v2015.9.19.352 by Nicolas Coolman (2015/09/19)
    ~ Run by CECA (Administrator)  (20/09/2015 10:07:32)
    ~ Site : http://www.nicolascoolman.fr
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ State version : Version OK
    ~ Type : Scan
    ~ Report : C:\Users\CECA\Desktop\ZHPCleaner.txt
    ~ Quarantine : C:\Users\CECA\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Boot Mode : Normal (Normal boot)
    Windows 8.1 Pro, 64-bit  (Build 9600)

    ---\\  Services (0)
    ~ No malicious or unnecessary items found.

    ---\\  Browser internet (21)
    FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.alias", "oursurfing");  =>PUP.Optional.SearchEngine
    FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");  =>PUP.Optional.SearchEngine
    FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.iconURL", "http://www.oursurfing.com/favicon.ico");  =>PUP.Optional.SearchEngine
    FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.name", "oursurfing");  =>PUP.Optional.SearchEngine
    FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.ptid", "amt");  =>PUP.Optional.SearchEngine
    FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.uid", "ST1000LM014-SSHD-8GB_W770SHWCXXXXW770SHWC");  =>PUP.Optional.SearchEngine
    FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.url", "http://www.oursurfing.com/web/?type=ds&ts=1441641884&z[...]  =>PUP.Optional.SearchEngine
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\searchplugins\oursurfing.xml    =>PUP.Optional.OurSurfing
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com\chrome    =>PUP.Optional.PriceFountain
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com\chrome.manifest    =>PUP.Optional.PriceFountain
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com\install.rdf    =>PUP.Optional.PriceFountain
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\chrome    =>PUP.Optional.DeskCut
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\chrome.manifest    =>PUP.Optional.DeskCut
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\defaults    =>PUP.Optional.DeskCut
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\install.rdf    =>PUP.Optional.DeskCut
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\modules    =>PUP.Optional.DeskCut
    FOUND folder: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com  =>PUP.Optional.PriceFountain
    FOUND folder: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com  =>PUP.Optional.DeskCut
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com    =>PUP.Optional.PriceFountain
    FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com    =>PUP.Optional.DeskCut
    FOUND folder: C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi  =>Opera

    ---\\  Hosts file (1)
    ~ The hosts file is legitimate (1)

    ---\\  Scheduled automatic tasks. (0)
    ~ No malicious or unnecessary items found.

    ---\\  Explorer ( File, Folder) (14)
    FOUND file: C:\Users\CECA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk  [bad : C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe]  =>PUP.Optional.CrossBrowse
    FOUND file: C:\Users\CECA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk    =>PUP.Optional.CrossBrowse
    FOUND file: C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf    =>PUP.Optional.CrossBrowse
    FOUND file: C:\Windows\Prefetch\KMSPICO.EXE-79BADEE3.pf    =>HackTool.KMSpico
    FOUND file: C:\Users\CECA\Desktop\KMSpico.exe [byELDI 'nova-s release' - KMSpico portable]  =>HackTool.KMSpico
    FOUND file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse\Crossbrowse.lnk    =>PUP.Optional.CrossBrowse
    FOUND folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse  =>PUP.Optional.CrossBrowse
    FOUND folder: C:\Windows\Installer\MSIA11B.tmp-  =>Empty
    FOUND folder: C:\Windows\Installer\MSIA245.tmp-  =>Empty
    FOUND folder: C:\Windows\Installer\MSIBC52.tmp-  =>Empty
    FOUND folder: C:\Windows\Installer\MSIC135.tmp-  =>Empty
    FOUND folder: C:\Windows\Installer\MSICA71.tmp-  =>Empty
    FOUND folder: C:\Windows\Installer\MSIF3E1.tmp-  =>Empty
    FOUND folder: C:\Windows\Installer\MSIF4CC.tmp-  =>Empty

    ---\\  Registry ( Key, Value, Data) (87)
    FOUND value: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\defsearchp@gmail.com [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com]  =>PUP.Optional.PriceFountain
    FOUND value: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\deskCutv2@gmail.com [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com]  =>PUP.Optional.DeskCut
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 [globalUpdate Update]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 [globalUpdate Update]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse ["C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" (Not File)]  =>PUP.Optional.CrossBrowse
    FOUND value: [X64] HKLM\Software\Classes\.htm\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
    FOUND value: [X64] HKLM\Software\Classes\.html\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
    FOUND value: [X64] HKLM\Software\Classes\.shtml\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
    FOUND value: [X64] HKLM\Software\Classes\.webp\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
    FOUND value: [X64] HKLM\Software\Classes\.xht\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
    FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv []  =>Heuristic.CrossRider
    FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv-ie []  =>Heuristic.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\10b4f199-2687-41ac-add3-c31f74b8a819 []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv []  =>Heuristic.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv-ie []  =>Heuristic.CrossRider
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\ArenaHD []  =>PUP.Optional.CrossRider
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Crossbrowse []  =>PUP.Optional.CrossBrowse
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CrossBrowser []  =>PUP.Optional.CrossBrowser
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\globalUpdate []  =>PUP.Optional.GlobalUpdate
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\HighDefAction []  =>PUP.Optional.CrossRider
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
    FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\YorkNewCin []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\ArenaHD []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\Crossbrowse []  =>PUP.Optional.CrossBrowse
    FOUND key: HKCU\Software\CrossBrowser []  =>PUP.Optional.CrossBrowser
    FOUND key: HKCU\Software\globalUpdate []  =>PUP.Optional.GlobalUpdate
    FOUND key: HKCU\Software\HighDefAction []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
    FOUND key: HKCU\Software\YorkNewCin []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\AppDataLow\Software\Crossrider []  =>PUP.Optional.CrossRider
    FOUND key: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com []  =>Toolbar.Ask
    FOUND key: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com [12]  =>Toolbar.Ask
    FOUND key: HKCU\Software\Mozilla\Extends []  =>PUP.Optional.FastStart
    FOUND key: [X64] HKLM\SOFTWARE\Classes\Crossbrowse []  =>PUP.Optional.CrossBrowse
    FOUND key: [X64] HKLM\SOFTWARE\Classes\CRSBRWSHTML [Crossbrowse HTML Document]  =>PUP.Optional.CrossBrowse
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 [globalUpdate Update Plugin]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine [globalUpdate.OneClickProcessLauncher]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 [globalUpdate.OneClickProcessLauncher]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 [globalUpdate Update Plugin]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync [CoCreateAsync]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 [CoCreateAsync]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine [GoogleUpdate CredentialDialog]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 [GoogleUpdate CredentialDialog]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher [Google Update Process Launcher Class]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 [Google Update Process Launcher Class]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro []  =>PUP.Optional.WdsManPro
    FOUND key: [X64] HKLM\SOFTWARE\ArenaHD []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\HighDefAction []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
    FOUND key: [X64] HKLM\SOFTWARE\YorkNewCin []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe []  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\ArenaHD []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Crossbrowse []  =>PUP.Optional.CrossBrowse
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\FFPluginHp []  =>PUP.Optional.SweetSearch
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate []  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\HighDefAction []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware []  =>PUP.Optional.OurSurfing
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\WdsManPro []  =>PUP.Optional.WdsManPro
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\YorkNewCin []  =>PUP.Optional.CrossRider
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} [C:\Program Files (x86)\globalUpdate\Update (Not File)]  =>PUP.Optional.GlobalUpdate
    FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} [C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 (Not File)]  =>PUP.Optional.GlobalUpdate

    ---\\ Result of repair
    ~ Any repair made

    ---\\ Statistics
    ~ Items scanned : 69075
    ~ Items found : 128
    ~ Items cancelled : 0
    ~ Items repaired : 0

    ~ End of search in 2 minutes
    ===================
    ZHPCleaner--20092015-10_09_37.txt

     

     

     

    # AdwCleaner v5.008 - Logfile created 20/09/2015 at 10:18:54
    # Updated 18/09/2015 by Xplode
    # Database : 2015-09-17.3 [server]
    # Operating system : Windows 8.1 Pro  (x64)
    # Username : CECA - SVESVE
    # Running from : C:\Users\CECA\Desktop\adwcleaner_5.008.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****

    ***** [ Folders ] *****

    [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
    [-] Folder Deleted : C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com
    [-] Folder Deleted : C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com

    ***** [ Files ] *****

    [-] File Deleted : C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0
    [-] File Deleted : C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
    [-] File Deleted : C:\Users\CECA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
    [-] File Deleted : C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
    [-] File Deleted : C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\searchplugins\oursurfing.xml

    ***** [ Shortcuts ] *****

    ***** [ Scheduled tasks ] *****

    [-] Task Deleted : amiupdaterExd
    [-] Task Deleted : amiupdaterExi

    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
    [-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
    [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
    [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
    [-] Key Deleted : HKCU\Software\Mozilla\Extends
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
    [-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
    [-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
    [-] Key Deleted : HKLM\SOFTWARE\10b4f199-2687-41ac-add3-c31f74b8a819
    [-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
    [-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    [-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
    [-] Key Deleted : HKCU\Software\GlobalUpdate
    [-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
    [-] Key Deleted : HKCU\Software\CrossBrowser
    [-] Key Deleted : HKCU\Software\Crossbrowse
    [-] Key Deleted : HKCU\Software\YorkNewCin
    [-] Key Deleted : HKCU\Software\HighDefAction
    [-] Key Deleted : HKCU\Software\ArenaHD
    [-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    [-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
    [-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
    [-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    [-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
    [-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
    [-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
    [-] Key Deleted : HKLM\SOFTWARE\HighDefAction
    [-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
    [-] Key Deleted : HKLM\SOFTWARE\ArenaHD
    [-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
    [-] Key Deleted : HKLM\SOFTWARE\WdsManPro
    [!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
    [!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
    [!] Key Not Deleted : [x64] HKCU\Software\CrossBrowser
    [!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
    [!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
    [!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
    [!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
    [-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
    [-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
    [-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
    [-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
    [!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
    [!] Key Not Deleted : HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\AppDataLow\Software\Crossrider
    [!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE

    ***** [ Web browsers ] *****

    [-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.alias", "oursurfing");
    [-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
    [-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.oursurfing.com/favicon.ico");
    [-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.name", "oursurfing");
    [-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.ptid", "amt");
    [-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.uid", "ST1000LM014-SSHD-8GB_W770SHWCXXXXW770SHWC");
    [-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.oursurfing.com/web/?type=ds&ts=1441641884&z=9355f2c44cc90163249910dgbzczbg9qazbg3t5g5z&from=amt&uid=ST1000LM014-SSHD-8GB_W770SHWCXXXXW770SHWC&q[...]
    [-] [C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : ask.com

    *************************

    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9952 bytes] ##########

    Редактирано от svesmile (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Дневници
     
    В следващия си отговор, моля да включите следните дневници:

     

    • Лог файл от ZHPCleaner
    • AdwCleaner[s0].txt
    • JRT.txt

     

    Остана още един дневник..?

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.6.2 (09.14.2015:1)
    OS: Windows 8.1 Pro x64
    Ran by CECA on ­Ґ¤ 20.09.2015 Ј. at 10:24:30,70
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

    ~~~ Services

     

    ~~~ Tasks

     

    ~~~ Registry Values

     

    ~~~ Registry Keys

     

    ~~~ Files

     

    ~~~ Folders

     

    ~~~ Chrome

    [C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    []

     

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on ­Ґ¤ 20.09.2015 Ј. at 10:29:25,27
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове
    • Стартирайте ZHPCleaner с десен клик върху файла и изберете от контекстното меню "Run as administrator"
    • Кликнете върху Ashampoo_Snap_20140819_13h09m50s_001__zp за да се съгласите с лицензионното споразумение.
    • Направете нова проверка и след като приключи натиснете бутона slm23Pe.png
    • Браузърите ще бъдат затворени автоматично.
    • Ще се отвори лог файл след прикючването на проверката.
    • Публикувайте лог файла в следващия си коментар.
    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Направих го, но не ми се появи лог файл, а се отвори Гугл Хроме с този линк: http://www.nicolascoolman.fr/forum/

     

    Как да изкарам лог, има един бутон Report, дали от него няма да излезе?

     

    Натиснах Рипорта и ето резултат:

    ~ ZHPCleaner v2015.9.19.352 by Nicolas Coolman (2015/09/19)
    ~ Run by CECA (Administrator)  (20/09/2015 10:59:31)
    ~ Site : http://www.nicolascoolman.fr
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ State version : Version KO
    ~ Type : Repair
    ~ Report : C:\Users\CECA\Desktop\ZHPCleaner.txt
    ~ Quarantine : C:\Users\CECA\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Boot Mode : Normal (Normal boot)
    Windows 8.1 Pro, 64-bit  (Build 9600)

    ---\\  Services (0)
    ~ No malicious or unnecessary items found.

    ---\\  Browser internet (0)

    ---\\  Hosts file (1)
    ~ The hosts file is legitimate (1)

    ---\\  Scheduled automatic tasks. (0)
    ~ No malicious or unnecessary items found.

    ---\\  Explorer ( File, Folder) (10)
    MOVED file: C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf    =>PUP.Optional.CrossBrowse
    MOVED file: C:\Users\CECA\Desktop\KMSpico.exe [byELDI 'nova-s release' - KMSpico portable]  =>HackTool.KMSpico
    MOVED folder: C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi  =>PUP.Optional.CrossRider
    MOVED folder: C:\Windows\Installer\MSIA11B.tmp-  =>Empty
    MOVED folder: C:\Windows\Installer\MSIA245.tmp-  =>Empty
    MOVED folder: C:\Windows\Installer\MSIBC52.tmp-  =>Empty
    MOVED folder: C:\Windows\Installer\MSIC135.tmp-  =>Empty
    MOVED folder: C:\Windows\Installer\MSICA71.tmp-  =>Empty
    MOVED folder: C:\Windows\Installer\MSIF3E1.tmp-  =>Empty
    MOVED folder: C:\Windows\Installer\MSIF4CC.tmp-  =>Empty

    ---\\  Registry ( Key, Value, Data) (13)
    DELETED key*: HKCU\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
    DELETED key*: HKCU\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
    DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
    DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
    DELETED key*: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
    DELETED key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
    DELETED key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
    DELETED key: HKCU\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com []  =>Toolbar.Ask
    DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com [12]  =>Toolbar.Ask
    DELETED key*: [X64] HKLM\SOFTWARE\Classes\Crossbrowse []  =>PUP.Optional.CrossBrowse
    DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro []  =>PUP.Optional.WdsManPro
    DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider

    ---\\ Result of repair
    ~ Repair carried out successfully

    ---\\ Statistics
    ~ Items scanned : 1080
    ~ Items found : 0
    ~ Items cancelled : 0
    ~ Items repaired : 23

    ~ End of clean in 0 minutes
    ===================
    ZHPCleaner-[R]-20092015-10_59_48.txt
    ZHPCleaner--20092015-10_09_37.txt
    ZHPCleaner--20092015-10_58_57.txt

    Редактирано от svesmile (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Изтрийте FRST.exe и логовете към нея. След това изтеглете отново свежа версия и повторете сканирането по тази инструкция:

     

    Сканиране с Farbar Recovery Scan Tool

     

    • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
    • Стартирайте файла FRST.exe (или FRST64.exe)
    • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
    • Натиснете бутона YClYkft.jpg.
    • Изчакайте търпеливо проверката да приключи.
    • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
    • Копирайте съдържанието на файла FRST.txt в следващия си пост. Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

     

      Дневници
     
    В следващия си отговор, моля да включите следните дневници:

     

    • FRST.txt (копирате цялото съдържание)
    • Addition.txt (прикачате..)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
    Ran by CECA (administrator) on SVESVE (20-09-2015 13:01:20)
    Running from C:\Users\CECA\Desktop
    Loaded Profiles: CECA (Available Profiles: CECA)
    Platform: Windows 8.1 Pro (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
    HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
    HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
    HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
    HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3282248 2014-08-20] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2014-03-25] (Realtek semiconductor)
    HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [10828056 2015-09-07] (Lenovo(beijing) Limited)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-07] (AVAST Software)
    HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [289584 2015-09-06] (BitTorrent, Inc.)
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-07] (AVAST Software)
    BootExecute: autocheck autochk * Partizan

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{77D90807-B3E7-4DF6-A1D2-002BEAEED43B}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
    HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    SearchScopes: HKU\S-1-5-21-1218914521-3287957943-3067180699-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-07] (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software)

    FireFox:
    ========
    FF ProfilePath: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default
    FF NewTab:
    FF DefaultSearchEngine: Google
    FF SelectedSearchEngine: Google
    FF Homepage: hxxp://google.bg/
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-06] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-06] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [No File]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-07]
    FF Extension: No Name - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com [not found]
    FF Extension: No Name - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com [not found]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-11]

    Chrome:
    =======
    CHR Profile: C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
    CHR Extension: (Google Docs) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-07]
    CHR Extension: (Google Drive) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
    CHR Extension: (YouTube) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-07]
    CHR Extension: (Google Search) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-07]
    CHR Extension: (Google Sheets) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
    CHR Extension: (Google Docs Offline) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-16]
    CHR Extension: (Avast Online Security) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-16]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-07]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
    CHR Extension: (Gmail) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-07]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-07]

    Opera:
    =======
    OPR Extension: (pnaiinchjaonopoejhknmgjingcnaloc) - C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\pnaiinchjaonopoejhknmgjingcnaloc [2015-09-11]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-07] (AVAST Software)
    S2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
    S2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-14] (Intel Corporation)
    S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-23] (Intel Corporation)
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-14] (Intel® Corporation)
    S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
    S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
    S2 LenovoSetSvr; C:\Program Files\Lenovo\LenovoUtility\LenovoSetSvr.exe [369944 2015-09-07] (Lenovo(beijing) Limited)
    S3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-09-20] (Lenovo)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
    S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
    S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S1 archlp; C:\Windows\SysWow64\Drivers\archlp.sys [10624 2008-01-25] ()
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-07] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-07] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-07] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-07] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-07] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-07] (AVAST Software)
    S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-07] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-07] (AVAST Software)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-14] (Intel Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
    R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-07] (Intel Corporation)
    U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-09-07] (Greatis Software)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9113304 2014-03-25] (Realtek Semiconductor Corp.)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-20 13:01 - 2015-09-20 13:01 - 00014408 _____ C:\Users\CECA\Desktop\FRST.txt
    2015-09-20 12:59 - 2015-09-20 13:00 - 02191360 _____ (Farbar) C:\Users\CECA\Desktop\FRST64.exe
    2015-09-20 12:07 - 2015-09-20 12:07 - 00003282 _____ C:\Users\CECA\Desktop\ZHPCleaner2.txt
    2015-09-20 10:29 - 2015-09-20 10:29 - 00001065 _____ C:\Users\CECA\Desktop\JRT.txt
    2015-09-20 10:23 - 2015-09-20 10:23 - 01798976 _____ (Malwarebytes) C:\Users\CECA\Desktop\JRT.exe
    2015-09-20 10:18 - 2015-09-20 10:18 - 00000000 ____D C:\AdwCleaner
    2015-09-20 10:16 - 2015-09-20 10:16 - 01662976 _____ C:\Users\CECA\Desktop\adwcleaner_5.008.exe
    2015-09-20 10:09 - 2015-09-20 10:59 - 00003282 _____ C:\Users\CECA\Desktop\ZHPCleaner.txt
    2015-09-20 10:07 - 2015-09-20 10:59 - 00000000 ____D C:\Users\CECA\AppData\Roaming\ZHP
    2015-09-20 10:07 - 2015-09-20 10:56 - 00000873 _____ C:\Users\CECA\Desktop\ZHPCleaner.lnk
    2015-09-20 10:01 - 2015-09-20 10:04 - 01961472 _____ C:\Users\CECA\Desktop\ZHPCleaner.exe
    2015-09-19 20:56 - 2015-09-19 20:56 - 00010240 ___SH C:\Users\CECA\Desktop\Thumbs.db
    2015-09-19 19:18 - 2015-09-19 19:18 - 00000873 _____ C:\Users\CECA\Documents\Music - Shortcut.lnk
    2015-09-19 16:15 - 2015-09-19 16:15 - 00000021 _____ C:\folders.log
    2015-09-19 16:15 - 2015-09-19 16:15 - 00000000 ____D C:\zoek
    2015-09-19 16:15 - 2015-09-19 16:15 - 00000000 ____D C:\Users\CECA\AppData\Local\VirtualStore
    2015-09-19 16:06 - 2015-09-19 16:15 - 00002030 _____ C:\zoek-results.log
    2015-09-19 16:03 - 2015-09-19 16:15 - 00003009 _____ C:\runcheck.txt
    2015-09-19 16:01 - 2015-09-19 16:15 - 00000000 ____D C:\zoek_backup
    2015-09-19 15:57 - 2015-09-19 15:55 - 01308672 _____ C:\Users\CECA\Desktop\zoek.exe
    2015-09-19 12:38 - 2015-09-19 12:38 - 00001372 _____ C:\Users\CECA\Downloads\fixlist.txt
    2015-09-19 12:25 - 2015-09-20 10:19 - 00001142 _____ C:\Windows\setupact.log
    2015-09-19 12:25 - 2015-09-20 10:19 - 00000900 _____ C:\Windows\PFRO.log
    2015-09-19 12:25 - 2015-09-19 12:25 - 00000000 _____ C:\Windows\setuperr.log
    2015-09-19 11:53 - 2015-09-20 13:01 - 00000000 ____D C:\FRST
    2015-09-19 09:08 - 2015-09-20 10:23 - 00000196 _____ C:\Windows\lupdate.log
    2015-09-16 18:24 - 2015-09-16 18:24 - 00000000 ____D C:\@RestoreQuarantine
    2015-09-16 18:23 - 2015-09-16 18:23 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-09-16 18:23 - 2015-09-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-09-16 18:13 - 2015-09-20 12:18 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-09-16 18:13 - 2015-09-20 10:20 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-09-16 18:13 - 2015-09-16 18:13 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-09-16 18:13 - 2015-09-16 18:13 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-09-16 18:12 - 2015-09-16 18:13 - 00000000 ____D C:\Users\CECA\AppData\Local\Deployment
    2015-09-16 18:12 - 2015-09-16 18:12 - 00000000 ____D C:\Users\CECA\AppData\Local\Apps\2.0
    2015-09-16 17:33 - 2015-09-16 17:33 - 00724384 _____ (Opera Software) C:\Users\CECA\Downloads\Opera_NI_stable.exe
    2015-09-16 17:10 - 2015-09-16 17:11 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (2).exe
    2015-09-13 22:21 - 2015-09-13 22:21 - 00001202 _____ C:\Users\CECA\Desktop\Documents - Shortcut.lnk
    2015-09-12 15:14 - 2015-09-16 21:27 - 00000000 ____D C:\Users\CECA\AppData\Roaming\ArcSoft
    2015-09-12 10:21 - 2015-09-16 21:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\vlc
    2015-09-12 10:21 - 2015-09-12 20:06 - 00000000 ____D C:\Users\CECA\AppData\Temp
    2015-09-12 10:21 - 2015-09-12 10:21 - 00000887 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\Program Files\VideoLAN
    2015-09-12 10:20 - 2015-09-12 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
    2015-09-12 10:19 - 2015-09-13 21:19 - 00000000 ____D C:\ProgramData\ArcSoft
    2015-09-12 10:19 - 2015-09-12 10:21 - 00000000 ____D C:\Users\CECA\AppData\Local\ArcSoft
    2015-09-12 10:19 - 2015-09-12 10:19 - 00002033 _____ C:\Users\Public\Desktop\TotalMedia Theatre.lnk
    2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre
    2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\Program Files (x86)\ArcSoft
    2015-09-12 10:19 - 2008-01-25 14:06 - 00010624 _____ C:\Windows\SysWOW64\Drivers\archlp.sys
    2015-09-12 10:19 - 2008-01-22 17:55 - 00061440 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MMCEDT.exe
    2015-09-12 10:19 - 2005-07-16 02:35 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
    2015-09-12 10:19 - 2005-05-27 14:58 - 00393216 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLUP60.dll
    2015-09-12 10:19 - 2005-05-27 14:58 - 00249856 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLURT.dll
    2015-09-12 10:19 - 2003-03-18 22:14 - 00499712 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
    2015-09-12 10:19 - 2003-02-21 04:42 - 00348160 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
    2015-09-12 10:18 - 2015-09-12 10:18 - 00015533 _____ C:\Users\CECA\Downloads\VLC Media Player 2.1.3.torrent
    2015-09-12 10:18 - 2015-09-12 10:18 - 00000000 ____D C:\Users\CECA\Downloads\VLC Media Player 2.1.3
    2015-09-12 10:12 - 2015-09-12 10:13 - 00000000 ____D C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre
    2015-09-12 10:12 - 2015-09-12 10:12 - 00016411 _____ C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre.torrent
    2015-09-11 19:10 - 2015-09-13 22:21 - 00000000 ____D C:\Users\CECA\Documents\kids
    2015-09-10 20:06 - 2015-07-04 00:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2015-09-10 20:06 - 2015-07-03 17:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2015-09-10 20:05 - 2015-09-03 05:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2015-09-10 20:05 - 2015-09-03 05:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2015-09-10 20:05 - 2015-09-02 21:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-09-10 20:05 - 2015-09-02 20:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2015-09-10 20:05 - 2015-07-22 17:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-09-10 20:05 - 2015-07-22 16:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-09-10 20:05 - 2015-07-17 17:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-09-10 20:05 - 2015-07-17 17:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-09-10 20:05 - 2015-07-13 22:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
    2015-09-10 20:05 - 2015-07-10 22:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
    2015-09-10 20:05 - 2015-07-09 19:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-09-10 20:05 - 2015-06-27 14:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2015-09-10 20:05 - 2015-06-19 20:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2015-09-10 18:43 - 2015-09-10 18:43 - 00058231 _____ C:\Users\CECA\Downloads\pnew.zip
    2015-09-10 18:38 - 2015-09-10 18:41 - 253063997 _____ C:\Users\CECA\Downloads\flotren.zip
    2015-09-10 18:17 - 2015-09-10 18:17 - 00065446 _____ C:\Users\CECA\Documents\cc_20150910_181717.reg
    2015-09-10 18:14 - 2015-08-27 05:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-09-10 18:14 - 2015-08-26 21:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-09-10 18:14 - 2015-08-26 21:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-09-10 18:14 - 2015-08-26 21:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-09-10 18:14 - 2015-08-26 21:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-09-10 18:14 - 2015-08-26 17:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-09-10 18:14 - 2015-08-26 17:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-09-10 18:14 - 2015-08-26 17:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-09-10 18:14 - 2015-08-26 17:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
    2015-09-10 18:14 - 2015-08-26 17:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-09-10 18:14 - 2015-08-26 17:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-09-10 18:14 - 2015-08-26 17:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-09-10 18:13 - 2015-07-30 20:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-09-10 18:13 - 2015-07-30 19:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-09-10 18:12 - 2015-09-02 05:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-09-10 18:12 - 2015-09-02 05:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-09-10 18:12 - 2015-09-02 05:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-09-10 18:12 - 2015-09-02 05:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-09-10 18:12 - 2015-09-02 05:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-09-10 18:12 - 2015-08-22 21:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-09-10 18:12 - 2015-08-22 20:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-09-10 18:12 - 2015-08-22 20:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-09-10 18:12 - 2015-08-22 20:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-09-10 18:12 - 2015-08-22 20:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-09-10 18:12 - 2015-08-22 20:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-09-10 18:12 - 2015-08-22 19:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-09-10 18:12 - 2015-08-22 19:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-09-10 18:12 - 2015-08-22 19:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2015-09-10 18:12 - 2015-08-22 19:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-09-10 18:12 - 2015-08-22 19:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-09-10 18:12 - 2015-08-22 19:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-09-10 18:12 - 2015-08-22 19:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-09-10 18:12 - 2015-08-22 19:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-09-10 18:12 - 2015-08-22 19:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-09-10 18:12 - 2015-08-22 19:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-09-10 18:12 - 2015-08-22 19:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-09-10 18:12 - 2015-08-22 19:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-09-10 18:12 - 2015-08-22 19:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2015-09-10 18:12 - 2015-08-22 19:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-09-10 18:12 - 2015-08-22 19:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2015-09-10 18:12 - 2015-08-22 19:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-09-10 18:12 - 2015-08-22 19:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-09-10 18:12 - 2015-08-22 19:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-09-10 18:12 - 2015-08-22 19:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-09-10 18:12 - 2015-08-22 19:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-09-10 18:12 - 2015-08-22 19:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-09-10 18:12 - 2015-08-22 18:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-09-10 18:12 - 2015-08-22 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-09-10 18:12 - 2015-08-04 00:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2015-09-10 18:12 - 2015-08-04 00:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2015-09-10 18:12 - 2015-08-01 17:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2015-09-10 18:12 - 2015-08-01 06:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
    2015-09-10 18:12 - 2015-08-01 06:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
    2015-09-10 18:12 - 2015-08-01 06:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2015-09-10 18:12 - 2015-08-01 06:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
    2015-09-10 18:12 - 2015-08-01 06:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
    2015-09-10 18:12 - 2015-07-22 17:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2015-09-10 18:12 - 2015-07-22 17:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
    2015-09-10 18:12 - 2015-07-22 17:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2015-09-10 18:12 - 2015-07-22 17:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2015-09-10 18:12 - 2015-07-18 21:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
    2015-09-10 18:12 - 2015-07-18 21:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2015-09-10 18:12 - 2015-07-18 21:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
    2015-09-10 18:12 - 2015-07-18 21:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2015-09-10 18:12 - 2015-07-14 06:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
    2015-09-08 23:59 - 2015-09-20 11:46 - 00918607 _____ C:\Windows\WindowsUpdate.log
    2015-09-08 23:57 - 2015-09-08 23:57 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (1).exe
    2015-09-08 19:44 - 2015-09-08 22:44 - 00000000 ____D C:\Users\CECA\Documents\Adobe
    2015-09-07 21:22 - 2015-09-07 21:22 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
    2015-09-07 21:22 - 2015-09-07 21:22 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\Program Files\CCleaner
    2015-09-07 21:21 - 2015-09-07 21:22 - 06667640 _____ (Piriform Ltd) C:\Users\CECA\Downloads\ccsetup509.exe
    2015-09-07 20:38 - 2015-09-07 20:38 - 00000000 ____D C:\Users\CECA\AppData\Local\GWX
    2015-09-07 20:03 - 2015-09-07 20:03 - 00001085 _____ C:\Users\CECA\Desktop\Exposure 7.lnk
    2015-09-07 20:03 - 2015-09-07 20:03 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alien Skin Software
    2015-09-07 19:55 - 2015-09-07 19:56 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.1.0.175 (x86 & x64) Final {B@tman}
    2015-09-07 19:48 - 2015-09-07 19:48 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Alien Skin
    2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\AppData\Local\Alien Skin
    2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\.AS
    2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\ProgramData\Alien Skin
    2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files\Alien Skin
    2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files (x86)\Alien Skin
    2015-09-07 19:19 - 2015-09-20 10:19 - 00000248 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
    2015-09-07 19:17 - 2015-09-07 19:17 - 00043312 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
    2015-09-07 19:13 - 2015-09-16 18:23 - 00000000 ____D C:\Users\Public\Documents\regruninfo
    2015-09-07 19:13 - 2015-09-08 23:53 - 00000000 ____D C:\Users\CECA\Documents\RegRun2
    2015-09-07 19:13 - 2015-09-07 19:13 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
    2015-09-07 19:13 - 2015-09-07 19:13 - 00003318 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
    2015-09-07 19:13 - 2015-09-07 19:13 - 00001023 _____ C:\Users\CECA\Desktop\UnHackMe.lnk
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\winstart.bat
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
    2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\Program Files (x86)\UnHackMe
    2015-09-07 19:13 - 2015-07-21 12:26 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
    2015-09-07 19:12 - 2015-09-07 19:12 - 17152670 _____ C:\Users\CECA\Downloads\unhackme(1).zip
    2015-09-07 19:11 - 2015-09-07 19:12 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.0.1.83 (x86-x64) Final [ATOM]
    2015-09-07 19:10 - 2015-09-07 19:10 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
    2015-09-07 19:09 - 2015-09-07 19:10 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe
    2015-09-07 19:07 - 2015-09-16 18:04 - 00000000 ____D C:\Program Files (x86)\Opera
    2015-09-07 19:07 - 2015-09-07 19:07 - 17152670 _____ C:\Users\CECA\Downloads\unhackme.zip
    2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Opera Software
    2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Opera Software
    2015-09-07 19:06 - 2015-09-07 19:06 - 00075752 _____ C:\Users\CECA\Downloads\unhackme-57046385.exe
    2015-09-07 19:03 - 2015-09-07 19:04 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe
    2015-09-07 19:01 - 2015-09-07 19:01 - 00000000 ____D C:\ProgramData\Lenovo
    2015-09-07 18:51 - 2015-09-07 18:51 - 00002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.1 64-bit.lnk
    2015-09-07 18:51 - 2015-09-07 18:51 - 00002083 _____ C:\Users\Public\Desktop\Lightroom 4.1 64-bit.lnk
    2015-09-07 11:07 - 2015-09-12 10:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2015-09-07 11:07 - 2015-09-11 20:43 - 00000000 ____D C:\ProgramData\Adobe
    2015-09-07 11:07 - 2015-09-07 11:07 - 00002039 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
    2015-09-07 11:07 - 2015-09-06 22:41 - 00000000 ____D C:\Program Files (x86)\Adobe
    2015-09-07 11:06 - 2015-09-06 22:00 - 00002375 _____ C:\Users\CECA\Desktop\New Text Document.txt
    2015-09-07 11:01 - 2015-07-30 17:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-09-07 11:01 - 2015-07-30 16:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-09-07 06:07 - 2015-09-07 06:07 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2015-09-07 06:07 - 2015-09-07 06:07 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
    2015-09-07 06:07 - 2015-09-07 06:07 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2015-09-07 06:07 - 2015-09-07 06:07 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-09-07 06:07 - 2015-09-07 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-09-07 06:04 - 2015-09-16 18:23 - 00000000 ____D C:\Program Files (x86)\Google
    2015-09-07 06:04 - 2015-09-07 06:07 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2015-09-07 06:04 - 2015-09-07 06:07 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Roaming\AVAST Software
    2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Google
    2015-09-07 06:03 - 2015-09-07 06:03 - 00000000 ____D C:\Program Files\AVAST Software
    2015-09-07 06:02 - 2015-09-07 06:02 - 00000000 ____D C:\ProgramData\AVAST Software
    2015-09-07 02:53 - 2015-09-16 17:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-09-07 02:53 - 2015-09-07 10:39 - 00000000 ____D C:\Users\CECA\AppData\Local\Mozilla
    2015-09-07 02:53 - 2015-09-07 02:54 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Mozilla
    2015-09-07 02:53 - 2015-09-07 02:53 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3.exe
    2015-09-07 02:37 - 2015-04-30 02:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
    2015-09-07 02:37 - 2015-03-17 20:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2015-09-07 02:36 - 2015-07-16 23:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-09-07 02:36 - 2015-07-16 23:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-09-07 02:36 - 2015-07-16 22:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2015-09-07 02:36 - 2015-07-16 22:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-09-07 02:36 - 2015-07-16 22:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-09-07 02:36 - 2015-07-16 22:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2015-09-07 02:36 - 2015-07-16 21:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2015-09-07 02:36 - 2015-07-09 21:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-09-07 02:36 - 2015-06-28 08:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-09-07 02:36 - 2015-06-28 08:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-09-07 02:36 - 2015-06-28 08:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-09-07 02:36 - 2015-06-28 08:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-09-07 02:36 - 2015-06-27 19:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2015-09-07 02:36 - 2015-06-27 06:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-09-07 02:36 - 2015-06-27 06:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-09-07 02:36 - 2015-06-27 06:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-09-07 02:36 - 2015-06-27 06:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-09-07 02:36 - 2015-06-27 06:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-09-07 02:36 - 2015-06-27 05:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-09-07 02:36 - 2015-06-27 05:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-09-07 02:36 - 2015-06-27 05:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-09-07 02:36 - 2015-06-27 05:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-09-07 02:36 - 2015-06-27 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-09-07 02:36 - 2015-06-27 04:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-09-07 02:36 - 2015-06-16 01:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2015-09-07 02:36 - 2015-06-16 01:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-09-07 02:36 - 2015-06-16 01:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2015-09-07 02:36 - 2015-06-16 01:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2015-09-07 02:36 - 2015-06-16 00:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-09-07 02:36 - 2015-06-16 00:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-09-07 02:36 - 2015-06-16 00:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-09-07 02:36 - 2015-06-16 00:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2015-09-07 02:36 - 2015-06-16 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-09-07 02:36 - 2015-06-16 00:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2015-09-07 02:36 - 2015-06-15 23:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2015-09-07 02:36 - 2015-06-15 23:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-09-07 02:36 - 2015-06-15 23:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-09-07 02:36 - 2015-06-15 23:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2015-09-07 02:36 - 2015-06-15 23:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-09-07 02:36 - 2015-05-31 00:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
    2015-09-07 02:36 - 2015-05-30 22:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
    2015-09-07 02:36 - 2015-05-30 22:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-09-07 02:36 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-09-07 02:36 - 2015-05-22 21:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-09-07 02:36 - 2015-05-07 20:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2015-09-07 02:36 - 2015-05-07 20:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2015-09-07 02:36 - 2015-05-07 19:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2015-09-07 02:36 - 2015-05-07 19:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2015-09-07 02:36 - 2015-05-07 18:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
    2015-09-07 02:36 - 2015-05-07 18:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
    2015-09-07 02:36 - 2015-05-01 02:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-09-07 02:36 - 2015-05-01 01:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-09-07 02:36 - 2015-04-21 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2015-09-07 02:36 - 2015-04-10 03:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-09-07 02:36 - 2015-04-10 03:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-09-07 02:36 - 2015-03-30 08:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-09-07 02:36 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
    2015-09-07 02:36 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2015-09-07 02:36 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
    2015-09-07 02:36 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2015-09-07 02:36 - 2015-03-20 04:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2015-09-07 02:36 - 2015-03-14 11:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2015-09-07 02:36 - 2015-03-14 11:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2015-09-07 02:36 - 2015-03-14 04:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-09-07 02:36 - 2015-03-09 05:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
    2015-09-07 02:36 - 2015-03-04 04:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
    2015-09-07 02:36 - 2015-03-04 04:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
    2015-09-07 02:36 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
    2015-09-07 02:36 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
    2015-09-07 02:35 - 2015-07-29 17:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-09-07 02:35 - 2015-07-29 17:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-09-07 02:35 - 2015-07-29 17:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-09-07 02:35 - 2015-07-29 02:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2015-09-07 02:35 - 2015-07-28 17:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-09-07 02:35 - 2015-07-28 17:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-09-07 02:35 - 2015-07-16 03:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-09-07 02:35 - 2015-07-16 03:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-09-07 02:35 - 2015-07-16 03:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2015-09-07 02:35 - 2015-07-16 03:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-09-07 02:35 - 2015-07-15 00:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2015-09-07 02:35 - 2015-07-15 00:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2015-09-07 02:35 - 2015-07-15 00:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
    2015-09-07 02:35 - 2015-07-13 22:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-09-07 02:35 - 2015-07-13 22:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
    2015-09-07 02:35 - 2015-07-10 21:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
    2015-09-07 02:35 - 2015-07-10 20:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2015-09-07 02:35 - 2015-07-10 20:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
    2015-09-07 02:35 - 2015-07-10 20:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2015-09-07 02:35 - 2015-07-10 19:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
    2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
    2015-09-07 02:35 - 2015-07-09 19:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    2015-09-07 02:35 - 2015-07-07 12:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
    2015-09-07 02:35 - 2015-07-07 12:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
    2015-09-07 02:35 - 2015-07-07 12:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
    2015-09-07 02:35 - 2015-07-02 01:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2015-09-07 02:35 - 2015-07-02 01:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2015-09-07 02:35 - 2015-07-02 00:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2015-09-07 02:35 - 2015-07-02 00:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2015-09-07 02:35 - 2015-06-27 02:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-09-07 02:35 - 2015-06-16 08:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2015-09-07 02:35 - 2015-06-16 08:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2015-09-07 02:35 - 2015-06-12 20:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2015-09-07 02:35 - 2015-06-12 19:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2015-09-07 02:35 - 2015-06-11 23:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2015-09-07 02:35 - 2015-06-11 23:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2015-09-07 02:35 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-09-07 02:35 - 2015-05-12 16:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2015-09-07 02:35 - 2015-05-11 21:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
    2015-09-07 02:35 - 2015-05-11 19:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
    2015-09-07 02:35 - 2015-05-07 19:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-09-07 02:35 - 2015-05-03 18:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-07 02:35 - 2015-05-03 17:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-09-07 02:35 - 2015-05-03 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2015-09-07 02:35 - 2015-05-03 17:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
    2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\system32\locale.nls
    2015-09-07 02:35 - 2015-04-25 05:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2015-09-07 02:35 - 2015-04-25 05:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2015-09-07 02:35 - 2015-04-25 05:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
    2015-09-07 02:35 - 2015-04-23 18:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2015-09-07 02:35 - 2015-04-23 18:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
    2015-09-07 02:35 - 2015-04-16 09:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
    2015-09-07 02:35 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
    2015-09-07 02:35 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
    2015-09-07 02:35 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
    2015-09-07 02:35 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
    2015-09-07 02:35 - 2015-04-09 01:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-09-07 02:35 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
    2015-09-07 02:35 - 2015-04-03 03:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2015-09-07 02:35 - 2015-04-03 03:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2015-09-07 02:35 - 2015-04-02 01:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2015-09-07 02:35 - 2015-04-02 01:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2015-09-07 02:35 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2015-09-07 02:35 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2015-09-07 02:35 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2015-09-07 02:35 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2015-09-07 02:35 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2015-09-07 02:35 - 2015-04-01 06:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2015-09-07 02:35 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2015-09-07 02:35 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2015-09-07 02:35 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2015-09-07 02:35 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2015-09-07 02:35 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2015-09-07 02:35 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2015-09-07 02:35 - 2015-04-01 05:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
    2015-09-07 02:35 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2015-09-07 02:35 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2015-09-07 02:35 - 2015-03-24 00:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-09-07 02:35 - 2015-03-24 00:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-09-07 02:35 - 2015-03-20 07:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
    2015-09-07 02:35 - 2015-03-20 07:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-09-07 02:35 - 2015-03-20 07:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-09-07 02:35 - 2015-03-20 06:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-09-07 02:35 - 2015-03-20 05:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-09-07 02:35 - 2015-03-14 03:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2015-09-07 02:35 - 2015-03-13 07:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2015-09-07 02:35 - 2015-03-13 07:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2015-09-07 02:35 - 2015-03-13 05:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2015-09-07 02:35 - 2015-03-13 05:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2015-09-07 02:35 - 2015-03-13 05:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
    2015-09-07 02:35 - 2015-03-13 04:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2015-09-07 02:35 - 2015-03-13 03:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
    2015-09-07 02:35 - 2015-03-11 04:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-09-07 02:35 - 2015-03-11 04:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-09-07 02:35 - 2015-03-09 05:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
    2015-09-07 02:35 - 2015-03-06 06:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-09-07 02:35 - 2015-03-06 05:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2015-09-07 02:35 - 2015-03-06 05:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2015-09-07 02:35 - 2015-03-04 13:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2015-09-07 02:35 - 2015-03-04 06:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2015-09-07 02:35 - 2015-03-04 05:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2015-09-07 02:35 - 2015-02-24 11:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2015-09-07 02:35 - 2015-02-21 02:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
    2015-09-07 02:35 - 2015-02-18 02:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
    2015-09-07 02:34 - 2015-05-03 18:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2015-09-07 02:34 - 2015-05-03 17:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2015-09-07 02:30 - 2015-09-07 02:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
    2015-09-07 02:16 - 2015-09-07 02:16 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Macromedia
    2015-09-07 02:12 - 2015-09-20 09:51 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B794C6B0-B401-414A-8690-EE66D60178F8}
    2015-09-07 02:11 - 2015-09-07 02:11 - 00002088 _____ C:\Users\Public\Desktop\Ръководства на потребителя.lnk
    2015-09-07 02:11 - 2015-09-07 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
    2015-09-07 02:08 - 2015-09-07 02:08 - 00000000 __SHD C:\UserGuidePDF
    2015-09-07 02:05 - 2015-09-07 02:11 - 00000000 ____D C:\Program Files (x86)\Lenovo
    2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\Lenovo
    2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\DIFX
    2015-09-07 02:05 - 2015-09-07 02:04 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
    2015-09-07 02:05 - 2015-09-07 02:04 - 00035576 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
    2015-09-07 02:04 - 2015-09-07 02:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Downloaded Installations
    2015-09-07 02:02 - 2014-03-25 15:14 - 09113304 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
    2015-09-07 02:02 - 2014-03-25 15:14 - 06340312 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
    2015-09-07 02:02 - 2014-03-25 15:14 - 02628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
    2015-09-07 02:02 - 2014-03-25 15:14 - 01157563 _____ C:\Windows\FTDataP.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00946032 _____ C:\Windows\FTData.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00817241 _____ C:\Windows\FTDataR1.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00817191 _____ C:\Windows\FTDataR0.xml
    2015-09-07 02:02 - 2014-03-25 15:14 - 00472792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
    2015-09-07 02:02 - 2014-03-25 15:14 - 00419032 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
    2015-09-07 01:58 - 2015-09-07 01:58 - 00000000 ____D C:\Program Files\Elantech
    2015-09-07 01:58 - 2014-08-20 06:07 - 00045896 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller.dll
    2015-09-07 01:58 - 2014-08-19 10:59 - 00425736 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
    2015-09-07 01:55 - 2015-09-07 01:55 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Users\CECA\Intel.sav
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel.sav
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Common Files\Intel
    2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files (x86)\Cisco
    2015-09-07 01:53 - 2015-09-07 01:53 - 00000000 ____D C:\Windows\SysWOW64\sda
    2015-09-07 01:53 - 2014-03-27 06:06 - 00331992 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
    2015-09-07 01:53 - 2014-01-27 08:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
    2015-09-07 01:51 - 2015-09-13 21:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2015-09-07 01:51 - 2015-09-07 02:02 - 00000000 ____D C:\Program Files (x86)\Realtek
    2015-09-07 01:51 - 2014-05-29 10:55 - 00873176 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
    2015-09-07 01:51 - 2014-05-29 10:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2015-09-07 01:50 - 2015-09-20 10:22 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
    2015-09-07 01:47 - 2015-09-20 10:26 - 00240378 _____ C:\Users\Public\CAFADEBUG.log
    2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
    2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\Dolby Digital Plus
    2015-09-07 01:46 - 2015-09-07 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
    2015-09-07 01:45 - 2011-09-01 10:23 - 00447104 _____ (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
    2015-09-07 01:43 - 2014-07-16 04:34 - 00001852 _____ C:\Windows\system32\Drivers\SamSfPa.dat
    2015-09-07 01:42 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\CONEXANT
    2015-09-07 01:42 - 2015-09-07 01:42 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2015-09-07 01:42 - 2014-09-12 06:45 - 01462464 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
    2015-09-07 01:42 - 2014-03-18 20:02 - 02867928 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A52.DLL
    2015-09-07 01:42 - 2014-01-08 08:26 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
    2015-09-07 01:42 - 2014-01-08 08:26 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
    2015-09-07 01:42 - 2014-01-08 08:26 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
    2015-09-07 01:42 - 2014-01-08 08:26 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
    2015-09-07 01:42 - 2013-11-15 10:08 - 00944832 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64BP07.dll
    2015-09-07 01:42 - 2013-11-15 09:37 - 01790168 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64AP86.dll
    2015-09-07 01:42 - 2013-08-05 13:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2015-09-07 01:42 - 2013-07-25 09:39 - 00206552 _____ (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
    2015-09-07 01:42 - 2013-05-15 10:27 - 00406208 _____ (Conexant Systems, Inc.) C:\Windows\system32\CSpkExt64.dll
    2015-09-07 01:42 - 2012-06-29 08:04 - 00050848 _____ (Conexant Systems Inc.) C:\Windows\system32\CxPageMaster64.dll
    2015-09-07 01:42 - 2012-01-16 05:42 - 00666240 _____ (Conexant Systems, Inc.) C:\Windows\system32\C3DHPExt64.dll
    2015-09-07 01:42 - 2011-01-18 03:35 - 00030893 _____ C:\Windows\system32\Drivers\Mixer.ini
    2015-09-07 01:41 - 2015-09-07 01:42 - 00000000 ____D C:\ProgramData\Conexant
    2015-09-07 01:40 - 2015-09-07 01:40 - 00872506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-09-07 01:40 - 2015-09-07 01:40 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel Corporation
    2015-09-07 01:39 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel
    2015-09-07 01:39 - 2015-09-07 01:53 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
    2015-09-07 01:39 - 2015-09-07 01:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2015-09-07 01:39 - 2015-09-07 01:39 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
    2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____D C:\ProgramData\Intel® Update Manager
    2015-09-07 01:36 - 2015-09-07 01:36 - 00000000 ____D C:\Users\CECA\Intel
    2015-09-07 01:32 - 2015-09-07 01:32 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2015-09-06 22:44 - 2015-09-06 22:47 - 00001038 _____ C:\Users\Public\Desktop\Adobe Photoshop CC 2014.lnk
    2015-09-06 22:44 - 2015-09-06 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014
    2015-09-06 22:39 - 2015-09-06 22:39 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
    2015-09-06 22:37 - 2015-09-06 22:37 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
    2015-09-06 22:25 - 2015-09-06 22:27 - 00000000 ___SD C:\Windows\system32\GWX
    2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2015-09-06 21:53 - 2015-09-06 21:53 - 00000000 ____D C:\Users\CECA\AppData\Roaming\NVIDIA
    2015-09-06 21:43 - 2015-09-07 18:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2015-09-06 21:39 - 2015-09-07 18:50 - 00000000 ____D C:\Program Files\Adobe
    2015-09-06 21:26 - 2015-09-06 21:29 - 00000000 ____D C:\Users\CECA\Downloads\Adobe Photoshop CC 2014 v15.2.2 RePack
    2015-09-06 21:20 - 2015-09-06 21:20 - 00659496 _____ (Best Installer) C:\Users\CECA\Desktop\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.exe
    2015-09-06 21:11 - 2015-09-06 20:03 - 00000000 _____ C:\Users\CECA\Downloads\password is 123
    2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\Users\CECA\AppData\Roaming\WinRAR
    2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-09-06 21:07 - 2015-09-06 21:08 - 00000000 ____D C:\Program Files\WinRAR
    2015-09-06 21:07 - 2015-09-06 21:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Macromedia
    2015-09-06 21:06 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\Downloads\WinRAR v5.21 Final (x32-x64) BG
    2015-09-06 21:02 - 2015-09-06 21:03 - 00203010 ____N C:\Users\CECA\Downloads\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.zip
    2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
    2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
    2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\CECA\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    2015-09-06 20:28 - 2015-09-20 12:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-09-06 20:28 - 2015-09-06 20:28 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-09-06 20:28 - 2015-09-06 20:28 - 00000000 ____D C:\ProgramData\McAfee
    2015-09-06 20:27 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Local\Adobe
    2015-09-06 20:26 - 2015-09-06 20:26 - 00000000 ____D C:\Users\CECA\Downloads\Adobe CS6 All Products Activator (x32 & x64)
    2015-09-06 20:24 - 2015-09-06 20:24 - 00000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-09-06 20:24 - 2015-09-06 20:24 - 00000959 _____ C:\Users\Public\Desktop\µTorrent.lnk
    2015-09-06 20:24 - 2015-09-06 20:24 - 00000000 ____D C:\Program Files (x86)\uTorrent
    2015-09-06 20:23 - 2015-09-20 10:26 - 00000000 ____D C:\Users\CECA\AppData\Roaming\uTorrent
    2015-09-05 10:24 - 2015-09-05 10:24 - 00000425 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2015-09-05 10:23 - 2015-09-07 01:56 - 00000000 ____D C:\Program Files (x86)\Intel
    2015-09-05 10:23 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Intel
    2015-09-05 10:23 - 2015-09-05 10:23 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
    2015-09-05 10:23 - 2015-09-05 10:23 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
    2015-09-05 10:23 - 2014-09-23 06:41 - 24237936 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 23432464 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 17342080 _____ C:\Windows\system32\igd11dxva64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 01508488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 01365504 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 01061376 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00768104 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00764520 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00734720 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00685568 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00629272 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00510304 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00326760 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00303208 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00255624 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00245864 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00225792 _____ C:\Windows\system32\igdde64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00207496 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00186368 _____ C:\Windows\SysWOW64\igdde32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00175024 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00174592 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00154728 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
    2015-09-05 10:23 - 2014-09-23 06:41 - 00131208 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00123528 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
    2015-09-05 10:23 - 2014-09-23 06:41 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
    2015-09-05 10:23 - 2014-09-23 06:41 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
    2015-09-05 10:23 - 2014-09-23 06:41 - 00030720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
    2015-09-05 10:23 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 23969280 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 18843648 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 16858480 _____ C:\Windows\SysWOW64\igd11dxva32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 08813056 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 08313344 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 07802880 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 07715672 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 07012176 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 06932992 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 05866352 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 04726928 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
    2015-09-05 10:22 - 2014-09-23 06:41 - 04619480 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
    2015-09-05 10:22 - 2014-09-23 06:41 - 02810128 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 02772616 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 02020352 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 01137080 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 01132960 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00883848 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00641530 _____ C:\Windows\system32\FilmModeDetection.wmv
    2015-09-05 10:22 - 2014-09-23 06:41 - 00612488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00562824 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00471656 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00456296 _____ C:\Windows\system32\igfxTray.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00417896 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00403671 _____ C:\Windows\system32\ImageStabilization.wmv
    2015-09-05 10:22 - 2014-09-23 06:41 - 00397312 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00375173 _____ C:\Windows\system32\ColorImageEnhancement.wmv
    2015-09-05 10:22 - 2014-09-23 06:41 - 00372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00372224 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00350344 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00349696 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00304128 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00254976 _____ C:\Windows\system32\igfxCPL.cpl
    2015-09-05 10:22 - 2014-09-23 06:41 - 00224256 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00220392 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00194664 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00193672 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00184312 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3947.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00162304 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00144896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00087144 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00086632 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
    2015-09-05 10:22 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ C:\Windows\system32\igfxCUIServicePS.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00059392 _____ ( ) C:\Windows\system32\igfxDHLib.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00031408 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
    2015-09-05 10:22 - 2014-09-23 06:41 - 00003944 _____ C:\Windows\system32\iglhxs64.vp
    2015-09-05 10:22 - 2014-09-23 06:41 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
    2015-09-05 10:19 - 2015-09-20 10:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1004
    2015-09-05 10:19 - 2015-09-05 10:19 - 00000000 ____D C:\Intel
    2015-09-05 10:19 - 2014-09-23 06:41 - 00453872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
    2015-09-05 10:18 - 2015-09-19 16:15 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Users\CECA\AppData\Local\NVIDIA
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2015-09-05 10:18 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2015-09-05 10:18 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 06682256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 03498184 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 01072272 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00929936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    2015-09-05 10:18 - 2014-09-15 02:19 - 00606528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2015-09-05 10:18 - 2014-09-15 02:19 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2015-09-05 10:18 - 2014-09-11 23:11 - 03961833 _____ C:\Windows\system32\nvcoproc.bin
    2015-09-05 10:17 - 2014-09-16 10:55 - 30414656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 22994632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 18314248 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 18241624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 15880864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 15246896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 12737864 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2015-09-05 10:17 - 2014-09-16 10:55 - 11591896 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 09735816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 09693568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 03133760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 03126600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 02939208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 02755216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 01882312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433360.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 01509576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433360.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00931648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00893584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00886088 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00853192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00478408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00404808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00355016 _____ C:\Windows\system32\NvIFROpenGL.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00313672 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00168664 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00141384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2015-09-05 10:17 - 2014-09-16 10:55 - 00023662 _____ C:\Windows\system32\nvinfo.pb
    2015-09-05 10:16 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2015-09-05 10:16 - 2014-09-16 10:55 - 25256648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 17559184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 11643408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 03085600 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2015-09-05 10:16 - 2014-09-16 10:55 - 02709168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2015-09-05 10:11 - 2015-09-05 10:11 - 00003584 _____ C:\Windows\SECOH-QAD.dll
    2015-09-05 10:11 - 2015-09-05 10:11 - 00000073 _____ C:\Users\CECA\Desktop\ActStatus.log
    2015-09-05 10:09 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Adobe
    2015-09-05 10:09 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA
    2015-09-05 10:09 - 2015-09-07 11:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Packages
    2015-09-05 10:09 - 2015-09-05 10:09 - 00001446 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-09-05 10:09 - 2015-09-05 10:09 - 00000020 ___SH C:\Users\CECA\ntuser.ini
    2015-09-05 10:09 - 2015-09-05 10:09 - 00000000 ____D C:\Windows\CSC
    2015-09-05 10:09 - 2015-03-11 23:47 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-05 10:09 - 2014-11-24 21:36 - 00194560 _____ C:\Users\CECA\Desktop\KMScmd.exe
    2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2015-09-05 10:09 - 2013-08-22 18:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-09-05 10:05 - 2015-09-05 10:05 - 00002308 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-500
    2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 __SHD C:\Recovery
    2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2015-09-05 10:04 - 2015-09-20 10:19 - 00153336 _____ C:\Windows\system32\wpbbin.exe
    2015-09-05 10:04 - 2015-09-20 10:19 - 00111088 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoCheck.exe
    2015-09-05 10:04 - 2015-09-20 10:19 - 00026608 _____ (Lenovo) C:\Windows\system32\LenovoUpdate.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-20 13:00 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\sru
    2015-09-20 12:42 - 2014-11-21 10:38 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-09-20 10:19 - 2013-08-22 17:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-09-19 12:41 - 2013-08-22 16:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2015-09-16 17:21 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\rescache
    2015-09-12 10:34 - 2013-08-22 18:20 - 00000000 ____D C:\Windows\CbsTemp
    2015-09-11 18:16 - 2013-08-22 17:44 - 00337808 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-09-10 23:05 - 2015-03-11 23:16 - 00000000 ____D C:\Windows\system32\MRT
    2015-09-10 23:05 - 2014-11-21 10:18 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-10 23:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\PolicyDefinitions
    2015-09-08 19:51 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppCompat
    2015-09-07 21:25 - 2015-03-11 17:05 - 00000000 ____D C:\Windows\Panther
    2015-09-07 20:42 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\NDF
    2015-09-07 20:08 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Resources
    2015-09-07 11:04 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppReadiness
    2015-09-07 01:55 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Default
    2015-09-07 01:40 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\restore
    2015-09-06 22:25 - 2015-03-11 22:04 - 00000000 ____D C:\Windows\system32\appraiser
    2015-09-06 22:25 - 2014-11-21 18:14 - 00000000 ___SD C:\Windows\system32\CompatTel
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ToastData
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\WinStore
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Windows Defender
    2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2015-09-06 22:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
    2015-09-06 21:43 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2015-09-05 11:03 - 2013-08-22 18:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
    2015-09-05 10:18 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Help
    2015-09-05 10:09 - 2015-03-11 17:28 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2015-09-05 10:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\Recovery
    2015-08-26 18:37 - 2015-03-11 23:16 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Files in the root of some directories =======

    2015-09-07 01:42 - 2015-09-07 01:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\CECA\AppData\Local\Temp\7za.exe
    C:\Users\CECA\AppData\Local\Temp\DaS_21.exe
    C:\Users\CECA\AppData\Local\Temp\hijackthis.exe
    C:\Users\CECA\AppData\Local\Temp\NirCmd.exe
    C:\Users\CECA\AppData\Local\Temp\PEVZ.EXE
    C:\Users\CECA\AppData\Local\Temp\remove.exe
    C:\Users\CECA\AppData\Local\Temp\sed.exe
    C:\Users\CECA\AppData\Local\Temp\shortcut.exe
    C:\Users\CECA\AppData\Local\Temp\sqlite3.dll
    C:\Users\CECA\AppData\Local\Temp\swreg.exe
    C:\Users\CECA\AppData\Local\Temp\swxcacls.exe
    C:\Users\CECA\AppData\Local\Temp\wget.exe
    C:\Users\CECA\AppData\Local\Temp\zoek-delete.exe

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-09-20 12:14

    ==================== End of FRST.txt ============================

    Addition.txt

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Чиста система....! Контролни сканирания..:

     

     

    emsisoft_emergency_kit.pnglogo.png

    • Моля изтеглете EmsisoftEmergencyKit, стартирайте exe файла и посочете къде да се разархивира програмата - например в (C:\EEK), натискайки бутона Extract.
    • Стартирайте иконата на файла Start Emsisoft Emergency Kit от десктопа за да стартирате приложението.
    • Натиснете бутона"Yes", когато бъдете подканени да обновите дефинициите на програмата.

    EKK.gif

    • След като процеса по обновяването на дефинициите приключи натиснете бутона "Scan".
    • Натиснете бутона "Yes", когато бъдете попитани дали да програмата да включи засичането на потенциално нежелани приложения (Potentially Unwanted Applications).
    • Сега вече изберете бутона Custom Scan. Премахнете от списъка всички дялове без C:\ (т.е. нека да остане само дял C:\ в списъка).
    • Натиснете Next за да започне проверката.
    • Когато проверката приключи натиснете бутона View Report.
    • Копирайте съдържанието на лог файла в следващия си коментар.

     

     

     

    GUZVCQN.jpg Моля, изтеглете Malwarebytes Anti -Malware и го запомнете на вашия работен плот .

    Кликнете два пъти върху mbam-setup - 2.1.4.1018.exe и следвайте инструкциите, за да инсталирате програмата . Убедете се че преди края на инсталацията има отметка тук:

    • Launch Malwarebytes Anti-Malware
    • 14-дневен пробен период е предварително избран. Можете да премахнете отметката ако желаете, при което няма да се ограничат възможностите за сканиране и премахване на зловреден софтуер с програмата.
    • Натиснете Finish
    • В края на инсталацията, ще се извърши актуализация на база данни.
    • Отидете до табът Settings > Detection and Protection > и под категорията Detection Options включете опцията "Scan for rootkits".
    • Отидете до табът Scan, сложете радио-бутона пред Threat Scan и кликнете върху Scan Now и ще започне сканиране за зловреден софтуер.
    • При някои инфекции можете да видите съобщението:

                                          "Could not load DDA driver"

    • Натиснете "Yes" на това съобщение за да позволите драйвера да се зареди след рестарт.
    • Когато сканирането приключи, ако има някакви открити зарази , щракнете върху Remove Selected за да се позволи на Mbam да почисти засеченото. .
    • В повечето случаи, ще се поиска рестартиране
    • Изчакайте подканата за рестартиране на компютъра, за да се появи, след това кликнете върху Yes
    • След рестарта ,стартирайте Mbam още веднъж.
    • Кликнете на History tab > Application Logs .
    • Кликнете два пъти върху реда , който показва датата и часа на сканирането и натиснете бутона "Copy to Clipboard"
    • Поставете съдържанието на лог файла с клавишната комбинация Ctrl + V и го публикувайте в следващия си коментар.

     

     

    Сканиране с ESET Online Scan
     
     
    i_arrow-r.gif Изтеглете програмата: ESET Online Scanner

    • Стартирайте esetsmartinstaller_enu.exe 7c9e83b53227ef3d.jpg
    • Сложете отметка на YES, I accept the Terms of Use и изберете Start:

    04ed1c15c0abe843.jpg

    • Скенерът ще започне да изтегля компонентите, които са му необходими:

    3b734079c5ccd713.jpg

    • Уверете се, че Enable detection of potentially unwanted applications е избран.

    Уверете се, че е премахната отметката от:

    • Remove found threats

    Уверете се че са маркирани следните позиции:

    • Scan Archives

    Кликнете върху Advanced Settings и маркирайте следните опции:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    Накрая изберете Start
     
    2.JPG
     
    Скенерът ще започне да изтегля последните дефиниции и ще започне сканиране на вашия компютър.
    Моля, бъдете търпеливи, тъй като това може да отнеме известно време.

    • След, като сканирането завърши кликнете на List of found threats.
    • Щракнете върху Export, и запишете файла на вашия работен плот с  име  ESETScan. Копирайте съдържанието на този доклад, в следващия си отговор.
    • Изберете бутона Back.
    • Изберете бутона Finish.

     

     

      Дневници
     
    В следващия си отговор, моля да включите следните дневници:

     

    • Дневник от Emsisoft Emergency Kit
    • Дневник от Malwarebytes Anti -Malware
    • Дневник от ESET Online Scanner ( List of found threats )
    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Супер, ще направя каквото трябва.

    Защо обаче толкова бавно сваля тези програми? На другия компютър 159 МВ ги свали за по-малко от минута, а тук ми задава 45 минути и вероятно толкова ще се точи...

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Emsisoft Emergency Kit - Version 10.0
    Last update: 20.9.2015 г. 14:45:31
    User account: SVESVE\CECA

    Scan settings:

    Scan type: Custom Scan
    Objects: Rootkits, Memory, Traces, C:\

    Detect PUPs: On
    Scan archives: On
    ADS Scan: On
    File extension filter: Off
    Advanced caching: On
    Direct disk access: Off

    Scan start: 20.9.2015 г. 14:47:51
    Value: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR  detected: Setting.DisableTaskMgr (A)
    Value: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS  detected: Setting.DisableRegistryTools (A)
    C:\Program Files (x86)\Mozilla Firefox\cfg  detected: Adware.Mplug.JX (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\102.js  detected: Adware.JS.Crossrider.B (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\178.js  detected: Adware.JS.Crossrider.E (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\184.js  detected: Adware.JS.Crossrider.B (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\179.js  detected: Adware.JS.Agent.AN (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\195.js  detected: Application.Toolbar (A)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\180.js  detected: Adware.JS.Crossrider.E (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\223.js  detected: Adware.JS.Crossrider.B (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\232.js  detected: Adware.JS.Agent.AM (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\231.js  detected: Adware.JS.Agent.AM (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\242.js  detected: Adware.JS.Agent.AM (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\252.js  detected: Application.Toolbar (A)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\262.js  detected: Adware.JS.Crossrider.B (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\263.js  detected: Adware.JS.Crossrider.B (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\339.js  detected: Adware.JS.Crossrider.B (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\380.js  detected: Adware.JS.Crossrider.B (B)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\356.js  detected: Application.Toolbar (A)
    C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\424.js  detected: Adware.JS.Crossrider.E (B)
    C:\Users\CECA\Downloads\Alien Skin Exposure 7.0.1.83 (x86-x64) Final [ATOM]\Keygen (X-Force)\keygen.exe  detected: Trojan.GenericKD.2319495 (B)
    C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe  detected: Application.Win32.InstallMon (A)
    C:\Users\CECA\Downloads\Alien Skin Exposure 7.1.0.175 (x86 & x64) Final {B@tman}\Keygen\Alien Skin SN-XForce New.exe  detected: Trojan.GenericKD.2319495 (B)
    C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe  detected: Application.Win32.InstallMon (A)
    C:\Users\CECA\Downloads\WinRAR v5.21 Final (x32-x64) BG\KEYGEN-FFF.exe  detected: Riskware.Win32.Keygen (A)
    C:\zoek_backup\C_Program Files (x86)_AGEIA Technologies_28936315-a632-47fa-b3d1-e3b83f7897c5.dll.vir  detected: Adware.Generic.1316973 (B)
    C:\zoek_backup\C_PROGRA~2_28936315-a632-47fa-b3d1-e3b83f7897c5\18dc279a-837c-4292-be79-03e687cb7bb7.dll  detected: Adware.Generic.1316973 (B)
    C:\zoek_backup\C_Program Files (x86)_AGEIA Technologies_35c51dbf-b70b-4dff-8eb4-5324692d342a.dll.vir  detected: Gen:Variant.Adware.Crossrider.2 (B)
    C:\zoek_backup\C_PROGRA~2_28936315-a632-47fa-b3d1-e3b83f7897c5\d32c5eda-783a-4a18-aae2-b7ef1d7a688d.dll  detected: Gen:Variant.Adware.Crossrider.2 (B)

    Scanned 227704
    Found 29

    Scan end: 20.9.2015 г. 15:01:02
    Scan time: 0:13:11

     

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 20.9.2015 г.
    Scan Time: 18:20
    Logfile:
    Administrator: Yes

    Version: 2.1.8.1057
    Malware Database: v2015.09.20.02
    Rootkit Database: v2015.09.18.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: CECA

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 345873
    Time Elapsed: 10 min, 26 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 3
    PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, Crossbrowse, Quarantined, [1e04b082f596df57d0f25a355ea68f71]
    PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, Quarantined, [ba682c068704e353b111355a08fc7c84]
    PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, Crossbrowse, Quarantined, [de44d55de8a31e18fdc5f29d49bbae52]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 6
    PUP.Optional.Jelbrus, C:\Users\CECA\Desktop\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832QuarantinedB64Bit%29+QuarantinedB+Crack.exe, [2cf61c16602b5bdb80d31890ff06f50b], , %5
    PUP.Optional.Amonetize, C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe, Quarantined, [bc66939f1972e0561e1e4694a35ee21e],
    PUP.Optional.Amonetize, C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe, Quarantined, [d84aea480289e254201c4c8e21e057a9],
    PUP.Optional.Proinstall, C:\Users\CECA\Downloads\unhackme-57046385.exe, Quarantined, [f42ee0524744cf67f60c94e552af1fe1],
    PUP.Optional.DefaultProtectedSearch, C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js, Good: (), Bad: (defsearchp@gmail.com), Replaced,[48da0f23c2c952e48a276f42a65f04fc]
    PUP.Optional.DeskCut, C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js, Good: (), Bad: (deskCutv2@gmail.com), Replaced,[1210f73b305b69cdd8da31803bcacd33]

    Physical Sectors: 0
    (No malicious items detected)

    (end)

     


    имам проблем с ESET, зацикли до тукhttp://prikachi.com/images.php?images/609/8366609x.jpg

    post-355689-0-97530000-1442766159_thumb.

    Редактирано от svesmile (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    По-добра е скоростта определено. Всъщност само ИЕ ползвам в момента.

    Искам пак да сваля Мозилата, дали ще е чиста? Опасявам се пак да не се натресе някой като outsurfing...

     

    А ужасно бавната скорост за даунлоуд?

    Редактирано от svesmile (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

     

    Искам пак да сваля Мозилата, дали ще е чиста? Опасявам се пак да не се натресе някой като outsurfing...

     

    А ужасно бавната скорост за даунлоуд?

     

    Инсталирайте си Мозила и пробвайте...Няма друг начин да разберем..! Всъщност имам едно съмнение за бавната скорост ...но нека да видим първо как ще се държи и Мозилата и тогава ще ви кажа какво предлагам..!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Нещата пак са кофти. :(:(:(

    Мозилата я сваля половин ден и накрая пак беше с екстри - вместо посочената страница, ми зареди alliexpress и както преди изскачат някакви рекламни страници...Деинсталирах уж, сега пък ми излиза съобщение, че 6 файла са останали...

    Скоростта на браузерите онзи ден се забави пак, а днес никаква я няма отново...:( Върти, уж зарежда, а повече от половин минута минава, докато излезе страницата или изобщо не излиза.

    Всичко отначало ли ще правим отново? П.П. На Google дори не ми зарежда картинката.

    Редактирано от svesmile (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Извинявам се за това, че се включвам.

    1. Вчера и при мен се лепна някакъв подобен сърфинг на споменатия по-горе от автора. Частично подобрение се усети след изпълняването на следните стъпки:

    Това е в случай, че още ти функционира outsurfing-a.

     

    2. Пробва ли да изтриеш всичко от C:\Program Files след като деинсталираш програмата, ако е имало остатъци, както и в C:\Users\YOUR.USER\AppData\Прегледай всички папки с името на браузъра, архивирай си отметките (КЛИК) и паролите (КЛИК), за да ги имаш готови в случай, че всичко е ОК.

    Успех!

    Редактирано от Sc0user (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ами не знам дали още е там, защото като видях, че ми изскача пак али-експреса, затворих мозилата и следващата стъпка беше да я деинсталирам. За щастие, в интернет експлоръра не се е закачила, но очаквам неприятни изненади...Благодаря ти за включването!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Тия реклами се появяваха и при мен. Решението за тях в моя случай беше uBlock (разновидност на AdBlock), опитай с него. Принципно така си излизат като влезеш в някои сайтове и нямаш Blocker.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    ×