Премини към съдържанието
svesmile

Браузърите са много бавни, Mozzila с outsurfing

Препоръчан отговор


Здравейте, преди време ми помогнахте да се отърва от вирус, сега пак прибягвам до вашата помощ.

С Window 8.1 съм.

От няколко дни браузърите са изключително бавни в зареждането на страници, или изобщо не ги зареждат. В момента съм с IE, Mozilla я инсталирах и деинсталирах няколко пъти, защото все на второто отваряне на страница се зарежда винаги outsurfing, а обичайни линкове към някой сайт или страница ми зареждат рекламни банери и прочие и изобщо не стигам до предвидената дестинация. Сега съм я махнала.

Имам и Гугл Хром, той пък изобщо не зарежда. Пробвах Опера - и тя се бъгна с този outsurfing... Последният го чистих с UnHack Me. В момента не ми прави проблем на IE, но пък това бавно зареждане....Farbar Recovery Scan Tool така и не успах да го сваля - 15-20 минути се точи, накрая го свалих на друг компютър и го метнах на моя на десктопа.

Ето и лог файловете:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by CECA (administrator) on SVESVE (19-09-2015 11:53:13)
Running from C:\Users\CECA\Desktop
Loaded Profiles: CECA (Available Profiles: CECA)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\LenovoSetSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3282248 2014-08-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2014-03-25] (Realtek semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [10828056 2015-09-07] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-07] (AVAST Software)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [289584 2015-09-06] (BitTorrent, Inc.)
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-07] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * Partizan

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77D90807-B3E7-4DF6-A1D2-002BEAEED43B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-07] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default
FF NewTab:
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://google.bg/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [No File]
FF SearchPlugin: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\searchplugins\oursurfing.xml [2015-09-16]
FF Extension: Default SearchProtected  - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com [2015-09-07]
FF Extension: deskCut - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com [2015-09-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-07]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-11]

Chrome:
=======
CHR Profile: C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
CHR Extension: (Google Docs) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-07]
CHR Extension: (Google Drive) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
CHR Extension: (YouTube) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-07]
CHR Extension: (Google Search) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-07]
CHR Extension: (Google Sheets) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
CHR Extension: (Google Docs Offline) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-16]
CHR Extension: (Avast Online Security) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
CHR Extension: (Gmail) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-07]

Opera:
=======
OPR Extension: (CinemaP-1.9cV07.09) - C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-09-07]
OPR Extension: (pnaiinchjaonopoejhknmgjingcnaloc) - C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\pnaiinchjaonopoejhknmgjingcnaloc [2015-09-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-07] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-14] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-23] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-14] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LenovoSetSvr; C:\Program Files\Lenovo\LenovoUtility\LenovoSetSvr.exe [369944 2015-09-07] (Lenovo(beijing) Limited)
R3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-09-19] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 archlp; C:\Windows\SysWow64\Drivers\archlp.sys [10624 2008-01-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-07] (AVAST Software)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-14] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-07] (Intel Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-09-07] (Greatis Software)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9113304 2014-03-25] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-19 11:53 - 2015-09-19 11:53 - 00017735 _____ C:\Users\CECA\Desktop\FRST.txt
2015-09-19 11:53 - 2015-09-19 11:53 - 00000000 ____D C:\FRST
2015-09-19 11:52 - 2015-09-19 10:47 - 02191360 _____ (Farbar) C:\Users\CECA\Desktop\FRST64.exe
2015-09-19 09:08 - 2015-09-19 09:08 - 00000028 _____ C:\Windows\lupdate.log
2015-09-16 18:24 - 2015-09-16 18:24 - 00000000 ____D C:\@RestoreQuarantine
2015-09-16 18:23 - 2015-09-16 18:23 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-16 18:23 - 2015-09-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-16 18:13 - 2015-09-19 11:18 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-16 18:13 - 2015-09-19 08:52 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-16 18:13 - 2015-09-16 18:13 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 18:13 - 2015-09-16 18:13 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 18:12 - 2015-09-16 18:13 - 00000000 ____D C:\Users\CECA\AppData\Local\Deployment
2015-09-16 18:12 - 2015-09-16 18:12 - 00000000 ____D C:\Users\CECA\AppData\Local\Apps\2.0
2015-09-16 17:33 - 2015-09-16 17:33 - 00724384 _____ (Opera Software) C:\Users\CECA\Downloads\Opera_NI_stable.exe
2015-09-16 17:10 - 2015-09-16 17:11 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (2).exe
2015-09-15 21:52 - 2015-09-15 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-15 21:52 - 2015-09-15 21:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-13 22:21 - 2015-09-13 22:21 - 00001202 _____ C:\Users\CECA\Desktop\Documents - Shortcut.lnk
2015-09-12 15:14 - 2015-09-16 21:27 - 00000000 ____D C:\Users\CECA\AppData\Roaming\ArcSoft
2015-09-12 10:21 - 2015-09-16 21:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\vlc
2015-09-12 10:21 - 2015-09-12 20:06 - 00000000 ____D C:\Users\CECA\AppData\Temp
2015-09-12 10:21 - 2015-09-12 10:21 - 00000887 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\Program Files\VideoLAN
2015-09-12 10:20 - 2015-09-12 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2015-09-12 10:19 - 2015-09-13 21:19 - 00000000 ____D C:\ProgramData\ArcSoft
2015-09-12 10:19 - 2015-09-12 10:21 - 00000000 ____D C:\Users\CECA\AppData\Local\ArcSoft
2015-09-12 10:19 - 2015-09-12 10:19 - 00002033 _____ C:\Users\Public\Desktop\TotalMedia Theatre.lnk
2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre
2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2015-09-12 10:19 - 2008-01-25 14:06 - 00010624 _____ C:\Windows\SysWOW64\Drivers\archlp.sys
2015-09-12 10:19 - 2008-01-22 17:55 - 00061440 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MMCEDT.exe
2015-09-12 10:19 - 2005-07-16 02:35 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2015-09-12 10:19 - 2005-05-27 14:58 - 00393216 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLUP60.dll
2015-09-12 10:19 - 2005-05-27 14:58 - 00249856 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLURT.dll
2015-09-12 10:19 - 2003-03-18 22:14 - 00499712 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-09-12 10:19 - 2003-02-21 04:42 - 00348160 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-09-12 10:18 - 2015-09-12 10:18 - 00015533 _____ C:\Users\CECA\Downloads\VLC Media Player 2.1.3.torrent
2015-09-12 10:18 - 2015-09-12 10:18 - 00000000 ____D C:\Users\CECA\Downloads\VLC Media Player 2.1.3
2015-09-12 10:12 - 2015-09-12 10:13 - 00000000 ____D C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre
2015-09-12 10:12 - 2015-09-12 10:12 - 00016411 _____ C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre.torrent
2015-09-11 19:10 - 2015-09-13 22:21 - 00000000 ____D C:\Users\CECA\Documents\kids
2015-09-10 20:06 - 2015-07-04 00:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-10 20:06 - 2015-07-03 17:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-10 20:05 - 2015-09-03 05:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 20:05 - 2015-09-03 05:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 20:05 - 2015-09-02 21:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 20:05 - 2015-09-02 20:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 20:05 - 2015-07-22 17:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-10 20:05 - 2015-07-22 16:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-10 20:05 - 2015-07-17 17:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-10 20:05 - 2015-07-17 17:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-10 20:05 - 2015-07-13 22:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-10 20:05 - 2015-07-10 22:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-10 20:05 - 2015-07-09 19:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-10 20:05 - 2015-06-27 14:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-10 20:05 - 2015-06-19 20:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-10 18:43 - 2015-09-10 18:43 - 00058231 _____ C:\Users\CECA\Downloads\pnew.zip
2015-09-10 18:38 - 2015-09-10 18:41 - 253063997 _____ C:\Users\CECA\Downloads\flotren.zip
2015-09-10 18:17 - 2015-09-10 18:17 - 00065446 _____ C:\Users\CECA\Documents\cc_20150910_181717.reg
2015-09-10 18:14 - 2015-08-27 05:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-10 18:14 - 2015-08-26 21:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-10 18:14 - 2015-08-26 21:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-10 18:14 - 2015-08-26 21:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-10 18:14 - 2015-08-26 21:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-10 18:14 - 2015-08-26 17:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-10 18:14 - 2015-08-26 17:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-10 18:14 - 2015-08-26 17:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-10 18:14 - 2015-08-26 17:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-10 18:14 - 2015-08-26 17:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-10 18:14 - 2015-08-26 17:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-10 18:14 - 2015-08-26 17:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-10 18:13 - 2015-07-30 20:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-10 18:13 - 2015-07-30 19:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-10 18:12 - 2015-09-02 05:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 18:12 - 2015-09-02 05:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 18:12 - 2015-09-02 05:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 18:12 - 2015-09-02 05:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-10 18:12 - 2015-09-02 05:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-10 18:12 - 2015-08-22 21:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-10 18:12 - 2015-08-22 20:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-10 18:12 - 2015-08-22 20:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-10 18:12 - 2015-08-22 20:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-10 18:12 - 2015-08-22 20:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-10 18:12 - 2015-08-22 20:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-10 18:12 - 2015-08-22 19:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-10 18:12 - 2015-08-22 19:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-10 18:12 - 2015-08-22 19:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-10 18:12 - 2015-08-22 19:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-10 18:12 - 2015-08-22 19:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-10 18:12 - 2015-08-22 19:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-10 18:12 - 2015-08-22 19:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-10 18:12 - 2015-08-22 19:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-10 18:12 - 2015-08-22 19:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-10 18:12 - 2015-08-22 19:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-10 18:12 - 2015-08-22 19:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-10 18:12 - 2015-08-22 19:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-10 18:12 - 2015-08-22 19:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-10 18:12 - 2015-08-22 19:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-10 18:12 - 2015-08-22 19:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-10 18:12 - 2015-08-22 19:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-10 18:12 - 2015-08-22 19:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-10 18:12 - 2015-08-22 19:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-10 18:12 - 2015-08-22 19:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-10 18:12 - 2015-08-22 19:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-10 18:12 - 2015-08-22 19:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-10 18:12 - 2015-08-22 18:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-10 18:12 - 2015-08-22 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-10 18:12 - 2015-08-04 00:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-10 18:12 - 2015-08-04 00:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-10 18:12 - 2015-08-01 17:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-10 18:12 - 2015-08-01 06:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-10 18:12 - 2015-08-01 06:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-10 18:12 - 2015-08-01 06:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-10 18:12 - 2015-08-01 06:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-10 18:12 - 2015-08-01 06:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-10 18:12 - 2015-07-22 17:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-10 18:12 - 2015-07-22 17:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-10 18:12 - 2015-07-22 17:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-10 18:12 - 2015-07-22 17:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 18:12 - 2015-07-18 21:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-10 18:12 - 2015-07-18 21:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-10 18:12 - 2015-07-18 21:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-10 18:12 - 2015-07-18 21:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-10 18:12 - 2015-07-14 06:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-08 23:59 - 2015-09-19 11:48 - 00807151 _____ C:\Windows\WindowsUpdate.log
2015-09-08 23:57 - 2015-09-08 23:57 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (1).exe
2015-09-08 19:45 - 2015-09-08 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-09-08 19:44 - 2015-09-08 22:44 - 00000000 ____D C:\Users\CECA\Documents\Adobe
2015-09-07 21:22 - 2015-09-07 21:22 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-07 21:22 - 2015-09-07 21:22 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\Program Files\CCleaner
2015-09-07 21:21 - 2015-09-07 21:22 - 06667640 _____ (Piriform Ltd) C:\Users\CECA\Downloads\ccsetup509.exe
2015-09-07 20:38 - 2015-09-07 20:38 - 00000000 ____D C:\Users\CECA\AppData\Local\GWX
2015-09-07 20:03 - 2015-09-07 20:03 - 00001085 _____ C:\Users\CECA\Desktop\Exposure 7.lnk
2015-09-07 20:03 - 2015-09-07 20:03 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alien Skin Software
2015-09-07 19:55 - 2015-09-07 19:56 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.1.0.175 (x86 & x64) Final {B@tman}
2015-09-07 19:48 - 2015-09-07 19:48 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Alien Skin
2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\AppData\Local\Alien Skin
2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\.AS
2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\ProgramData\Alien Skin
2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files\Alien Skin
2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files (x86)\Alien Skin
2015-09-07 19:19 - 2015-09-19 08:51 - 00000818 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2015-09-07 19:17 - 2015-09-07 19:17 - 00043312 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-09-07 19:13 - 2015-09-16 18:23 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-09-07 19:13 - 2015-09-08 23:53 - 00000000 ____D C:\Users\CECA\Documents\RegRun2
2015-09-07 19:13 - 2015-09-08 23:52 - 00000000 ____D C:\ProgramData\RegRun
2015-09-07 19:13 - 2015-09-07 19:13 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2015-09-07 19:13 - 2015-09-07 19:13 - 00003318 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2015-09-07 19:13 - 2015-09-07 19:13 - 00001023 _____ C:\Users\CECA\Desktop\UnHackMe.lnk
2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\winstart.bat
2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2015-09-07 19:13 - 2015-07-21 12:26 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2015-09-07 19:12 - 2015-09-07 19:12 - 17152670 _____ C:\Users\CECA\Downloads\unhackme(1).zip
2015-09-07 19:11 - 2015-09-07 19:12 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.0.1.83 (x86-x64) Final [ATOM]
2015-09-07 19:10 - 2015-09-07 19:10 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-07 19:10 - 2015-09-07 19:10 - 00000000 ____D C:\Program Files (x86)\28936315-a632-47fa-b3d1-e3b83f7897c5
2015-09-07 19:09 - 2015-09-07 19:10 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe
2015-09-07 19:07 - 2015-09-16 18:04 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-07 19:07 - 2015-09-07 19:07 - 17152670 _____ C:\Users\CECA\Downloads\unhackme.zip
2015-09-07 19:07 - 2015-09-07 19:07 - 00001271 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Opera Software
2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Opera Software
2015-09-07 19:06 - 2015-09-07 19:06 - 00075752 _____ C:\Users\CECA\Downloads\unhackme-57046385.exe
2015-09-07 19:06 - 2015-09-07 19:06 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-09-07 19:03 - 2015-09-07 19:04 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe
2015-09-07 19:01 - 2015-09-07 19:01 - 00000000 ____D C:\ProgramData\Lenovo
2015-09-07 18:51 - 2015-09-07 18:51 - 00002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.1 64-bit.lnk
2015-09-07 18:51 - 2015-09-07 18:51 - 00002083 _____ C:\Users\Public\Desktop\Lightroom 4.1 64-bit.lnk
2015-09-07 11:07 - 2015-09-12 10:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-09-07 11:07 - 2015-09-11 20:43 - 00000000 ____D C:\ProgramData\Adobe
2015-09-07 11:07 - 2015-09-07 11:07 - 00002039 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-09-07 11:07 - 2015-09-06 22:41 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-07 11:06 - 2015-09-06 22:00 - 00002375 _____ C:\Users\CECA\Desktop\New Text Document.txt
2015-09-07 11:01 - 2015-07-30 17:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-07 11:01 - 2015-07-30 16:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-07 06:07 - 2015-09-07 06:07 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-07 06:07 - 2015-09-07 06:07 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-07 06:07 - 2015-09-07 06:07 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-07 06:07 - 2015-09-07 06:07 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-07 06:07 - 2015-09-07 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-07 06:04 - 2015-09-16 18:23 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-07 06:04 - 2015-09-07 06:07 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Roaming\AVAST Software
2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Google
2015-09-07 06:03 - 2015-09-07 06:03 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-07 06:02 - 2015-09-07 06:02 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-07 02:53 - 2015-09-16 17:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-07 02:53 - 2015-09-07 10:39 - 00000000 ____D C:\Users\CECA\AppData\Local\Mozilla
2015-09-07 02:53 - 2015-09-07 02:54 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Mozilla
2015-09-07 02:53 - 2015-09-07 02:53 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3.exe
2015-09-07 02:37 - 2015-04-30 02:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-09-07 02:37 - 2015-03-17 20:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-09-07 02:36 - 2015-07-16 23:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-07 02:36 - 2015-07-16 23:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-07 02:36 - 2015-07-16 22:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-09-07 02:36 - 2015-07-16 22:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-07 02:36 - 2015-07-16 22:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-07 02:36 - 2015-07-16 22:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-09-07 02:36 - 2015-07-16 21:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-09-07 02:36 - 2015-07-09 21:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-07 02:36 - 2015-06-28 08:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-07 02:36 - 2015-06-28 08:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-07 02:36 - 2015-06-28 08:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-07 02:36 - 2015-06-28 08:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-07 02:36 - 2015-06-27 19:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-07 02:36 - 2015-06-27 06:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-07 02:36 - 2015-06-27 06:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-07 02:36 - 2015-06-27 06:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-07 02:36 - 2015-06-27 06:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-07 02:36 - 2015-06-27 06:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-07 02:36 - 2015-06-27 05:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-09-07 02:36 - 2015-06-27 05:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-07 02:36 - 2015-06-27 05:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-07 02:36 - 2015-06-27 05:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-07 02:36 - 2015-06-27 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-09-07 02:36 - 2015-06-27 04:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-07 02:36 - 2015-06-16 01:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-09-07 02:36 - 2015-06-16 01:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-07 02:36 - 2015-06-16 01:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-09-07 02:36 - 2015-06-16 01:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-09-07 02:36 - 2015-06-16 00:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-07 02:36 - 2015-06-16 00:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-07 02:36 - 2015-06-16 00:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-07 02:36 - 2015-06-16 00:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-09-07 02:36 - 2015-06-16 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-07 02:36 - 2015-06-16 00:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-09-07 02:36 - 2015-06-15 23:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-09-07 02:36 - 2015-06-15 23:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-07 02:36 - 2015-06-15 23:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-07 02:36 - 2015-06-15 23:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-09-07 02:36 - 2015-06-15 23:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-07 02:36 - 2015-05-31 00:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-09-07 02:36 - 2015-05-30 22:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-09-07 02:36 - 2015-05-30 22:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-09-07 02:36 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-07 02:36 - 2015-05-22 21:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-07 02:36 - 2015-05-07 20:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-07 02:36 - 2015-05-07 20:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-09-07 02:36 - 2015-05-07 19:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-07 02:36 - 2015-05-07 19:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-09-07 02:36 - 2015-05-07 18:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-09-07 02:36 - 2015-05-07 18:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-09-07 02:36 - 2015-05-01 02:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-07 02:36 - 2015-05-01 01:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-07 02:36 - 2015-04-21 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-09-07 02:36 - 2015-04-10 03:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-07 02:36 - 2015-04-10 03:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-07 02:36 - 2015-03-30 08:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-09-07 02:36 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-09-07 02:36 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-09-07 02:36 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-09-07 02:36 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-09-07 02:36 - 2015-03-20 04:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-09-07 02:36 - 2015-03-14 11:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-09-07 02:36 - 2015-03-14 11:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-09-07 02:36 - 2015-03-14 04:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-07 02:36 - 2015-03-09 05:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-09-07 02:36 - 2015-03-04 04:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-09-07 02:36 - 2015-03-04 04:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-09-07 02:36 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-09-07 02:36 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-09-07 02:35 - 2015-07-29 17:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-07 02:35 - 2015-07-29 17:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-07 02:35 - 2015-07-29 17:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-07 02:35 - 2015-07-29 02:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-07 02:35 - 2015-07-28 17:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-07 02:35 - 2015-07-16 03:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-07 02:35 - 2015-07-16 03:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-07 02:35 - 2015-07-16 03:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-07 02:35 - 2015-07-16 03:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-07 02:35 - 2015-07-15 00:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-09-07 02:35 - 2015-07-15 00:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-09-07 02:35 - 2015-07-15 00:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-09-07 02:35 - 2015-07-13 22:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-07 02:35 - 2015-07-13 22:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-07 02:35 - 2015-07-10 21:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-09-07 02:35 - 2015-07-10 20:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-07 02:35 - 2015-07-10 20:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-09-07 02:35 - 2015-07-10 20:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-07 02:35 - 2015-07-10 19:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-07 02:35 - 2015-07-09 19:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-07 02:35 - 2015-07-07 12:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-09-07 02:35 - 2015-07-07 12:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-09-07 02:35 - 2015-07-07 12:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-09-07 02:35 - 2015-07-02 01:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-07 02:35 - 2015-07-02 01:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-07 02:35 - 2015-07-02 00:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-07 02:35 - 2015-07-02 00:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-07 02:35 - 2015-06-27 02:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-07 02:35 - 2015-06-16 08:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-09-07 02:35 - 2015-06-16 08:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-09-07 02:35 - 2015-06-12 20:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-09-07 02:35 - 2015-06-12 19:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-09-07 02:35 - 2015-06-11 23:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-09-07 02:35 - 2015-06-11 23:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-09-07 02:35 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-09-07 02:35 - 2015-05-12 16:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-09-07 02:35 - 2015-05-11 21:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-09-07 02:35 - 2015-05-11 19:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-09-07 02:35 - 2015-05-07 19:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-09-07 02:35 - 2015-05-03 18:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-07 02:35 - 2015-05-03 17:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-07 02:35 - 2015-05-03 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-09-07 02:35 - 2015-05-03 17:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-09-07 02:35 - 2015-04-25 05:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-09-07 02:35 - 2015-04-25 05:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-09-07 02:35 - 2015-04-25 05:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-09-07 02:35 - 2015-04-23 18:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-09-07 02:35 - 2015-04-23 18:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-09-07 02:35 - 2015-04-16 09:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-09-07 02:35 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-09-07 02:35 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-09-07 02:35 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-09-07 02:35 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-09-07 02:35 - 2015-04-09 01:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-09-07 02:35 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-09-07 02:35 - 2015-04-03 03:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-09-07 02:35 - 2015-04-03 03:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-09-07 02:35 - 2015-04-02 01:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-09-07 02:35 - 2015-04-02 01:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-09-07 02:35 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-09-07 02:35 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-09-07 02:35 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-09-07 02:35 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-09-07 02:35 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-09-07 02:35 - 2015-04-01 06:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-09-07 02:35 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-09-07 02:35 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-09-07 02:35 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-09-07 02:35 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-09-07 02:35 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-09-07 02:35 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-09-07 02:35 - 2015-04-01 05:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-09-07 02:35 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-09-07 02:35 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-09-07 02:35 - 2015-03-24 00:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-09-07 02:35 - 2015-03-24 00:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-09-07 02:35 - 2015-03-20 07:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-09-07 02:35 - 2015-03-20 07:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-07 02:35 - 2015-03-20 07:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-07 02:35 - 2015-03-20 06:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-09-07 02:35 - 2015-03-20 05:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-09-07 02:35 - 2015-03-14 03:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-09-07 02:35 - 2015-03-13 07:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-09-07 02:35 - 2015-03-13 07:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-09-07 02:35 - 2015-03-13 05:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-09-07 02:35 - 2015-03-13 05:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-09-07 02:35 - 2015-03-13 05:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-09-07 02:35 - 2015-03-13 04:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-09-07 02:35 - 2015-03-13 03:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-09-07 02:35 - 2015-03-11 04:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-09-07 02:35 - 2015-03-11 04:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-09-07 02:35 - 2015-03-09 05:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-09-07 02:35 - 2015-03-06 06:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-09-07 02:35 - 2015-03-06 05:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-09-07 02:35 - 2015-03-06 05:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-09-07 02:35 - 2015-03-04 13:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-09-07 02:35 - 2015-03-04 06:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-09-07 02:35 - 2015-03-04 05:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-09-07 02:35 - 2015-02-24 11:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-09-07 02:35 - 2015-02-21 02:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-09-07 02:35 - 2015-02-18 02:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-09-07 02:34 - 2015-05-03 18:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-09-07 02:34 - 2015-05-03 17:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-09-07 02:30 - 2015-09-07 02:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-09-07 02:16 - 2015-09-07 02:16 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Macromedia
2015-09-07 02:12 - 2015-09-19 08:55 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B794C6B0-B401-414A-8690-EE66D60178F8}
2015-09-07 02:12 - 2015-09-07 19:23 - 00000000 __SHD C:\Users\CECA\AppData\Local\EmieUserList
2015-09-07 02:12 - 2015-09-07 19:23 - 00000000 __SHD C:\Users\CECA\AppData\Local\EmieSiteList
2015-09-07 02:12 - 2015-09-07 19:23 - 00000000 __SHD C:\Users\CECA\AppData\Local\EmieBrowserModeList
2015-09-07 02:11 - 2015-09-07 02:11 - 00002088 _____ C:\Users\Public\Desktop\Ръководства на потребителя.lnk
2015-09-07 02:11 - 2015-09-07 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-09-07 02:08 - 2015-09-07 02:08 - 00000000 __SHD C:\UserGuidePDF
2015-09-07 02:05 - 2015-09-07 02:11 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\Lenovo
2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\DIFX
2015-09-07 02:05 - 2015-09-07 02:04 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2015-09-07 02:05 - 2015-09-07 02:04 - 00035576 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
2015-09-07 02:04 - 2015-09-07 02:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Downloaded Installations
2015-09-07 02:02 - 2014-03-25 15:14 - 09113304 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2015-09-07 02:02 - 2014-03-25 15:14 - 06340312 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
2015-09-07 02:02 - 2014-03-25 15:14 - 02628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2015-09-07 02:02 - 2014-03-25 15:14 - 01157563 _____ C:\Windows\FTDataP.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00946032 _____ C:\Windows\FTData.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00817241 _____ C:\Windows\FTDataR1.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00817191 _____ C:\Windows\FTDataR0.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00472792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2015-09-07 02:02 - 2014-03-25 15:14 - 00419032 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2015-09-07 01:58 - 2015-09-07 01:58 - 00000000 ____D C:\Program Files\Elantech
2015-09-07 01:58 - 2014-08-20 06:07 - 00045896 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller.dll
2015-09-07 01:58 - 2014-08-19 10:59 - 00425736 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2015-09-07 01:55 - 2015-09-07 01:55 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Users\CECA\Intel.sav
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel.sav
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-09-07 01:53 - 2015-09-07 01:53 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-09-07 01:53 - 2014-03-27 06:06 - 00331992 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
2015-09-07 01:53 - 2014-01-27 08:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-09-07 01:51 - 2015-09-13 21:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-07 01:51 - 2015-09-07 02:02 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-07 01:51 - 2014-05-29 10:55 - 00873176 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-09-07 01:51 - 2014-05-29 10:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-09-07 01:50 - 2015-09-19 08:54 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
2015-09-07 01:47 - 2015-09-16 22:19 - 00181364 _____ C:\Users\Public\CAFADEBUG.log
2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-09-07 01:46 - 2015-09-07 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2015-09-07 01:45 - 2011-09-01 10:23 - 00447104 _____ (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
2015-09-07 01:43 - 2014-07-16 04:34 - 00001852 _____ C:\Windows\system32\Drivers\SamSfPa.dat
2015-09-07 01:42 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\CONEXANT
2015-09-07 01:42 - 2015-09-07 01:42 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-07 01:42 - 2014-09-12 06:45 - 01462464 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
2015-09-07 01:42 - 2014-03-18 20:02 - 02867928 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A52.DLL
2015-09-07 01:42 - 2014-01-08 08:26 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-09-07 01:42 - 2014-01-08 08:26 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-09-07 01:42 - 2014-01-08 08:26 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-09-07 01:42 - 2014-01-08 08:26 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-09-07 01:42 - 2013-11-15 10:08 - 00944832 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64BP07.dll
2015-09-07 01:42 - 2013-11-15 09:37 - 01790168 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64AP86.dll
2015-09-07 01:42 - 2013-08-05 13:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-09-07 01:42 - 2013-07-25 09:39 - 00206552 _____ (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
2015-09-07 01:42 - 2013-05-15 10:27 - 00406208 _____ (Conexant Systems, Inc.) C:\Windows\system32\CSpkExt64.dll
2015-09-07 01:42 - 2012-06-29 08:04 - 00050848 _____ (Conexant Systems Inc.) C:\Windows\system32\CxPageMaster64.dll
2015-09-07 01:42 - 2012-01-16 05:42 - 00666240 _____ (Conexant Systems, Inc.) C:\Windows\system32\C3DHPExt64.dll
2015-09-07 01:42 - 2011-01-18 03:35 - 00030893 _____ C:\Windows\system32\Drivers\Mixer.ini
2015-09-07 01:41 - 2015-09-07 01:42 - 00000000 ____D C:\ProgramData\Conexant
2015-09-07 01:40 - 2015-09-07 01:40 - 00872506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-07 01:40 - 2015-09-07 01:40 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel Corporation
2015-09-07 01:39 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel
2015-09-07 01:39 - 2015-09-07 01:53 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-09-07 01:39 - 2015-09-07 01:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-07 01:39 - 2015-09-07 01:39 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____D C:\ProgramData\Intel® Update Manager
2015-09-07 01:36 - 2015-09-07 01:36 - 00000000 ____D C:\Users\CECA\Intel
2015-09-07 01:35 - 2015-09-07 19:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-07 01:32 - 2015-09-07 01:32 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-06 22:44 - 2015-09-06 22:47 - 00001038 _____ C:\Users\Public\Desktop\Adobe Photoshop CC 2014.lnk
2015-09-06 22:44 - 2015-09-06 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014
2015-09-06 22:39 - 2015-09-06 22:39 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2015-09-06 22:37 - 2015-09-06 22:37 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-09-06 22:25 - 2015-09-06 22:27 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-09-06 21:53 - 2015-09-06 21:53 - 00000000 ____D C:\Users\CECA\AppData\Roaming\NVIDIA
2015-09-06 21:52 - 2015-09-06 21:52 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-09-06 21:43 - 2015-09-07 18:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-06 21:39 - 2015-09-07 18:50 - 00000000 ____D C:\Program Files\Adobe
2015-09-06 21:26 - 2015-09-06 21:29 - 00000000 ____D C:\Users\CECA\Downloads\Adobe Photoshop CC 2014 v15.2.2 RePack
2015-09-06 21:20 - 2015-09-06 21:20 - 00659496 _____ (Best Installer) C:\Users\CECA\Desktop\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.exe
2015-09-06 21:11 - 2015-09-06 20:03 - 00000000 _____ C:\Users\CECA\Downloads\password is 123
2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\Users\CECA\AppData\Roaming\WinRAR
2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-06 21:07 - 2015-09-06 21:08 - 00000000 ____D C:\Program Files\WinRAR
2015-09-06 21:07 - 2015-09-06 21:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Macromedia
2015-09-06 21:06 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\Downloads\WinRAR v5.21 Final (x32-x64) BG
2015-09-06 21:02 - 2015-09-06 21:03 - 00203010 ____N C:\Users\CECA\Downloads\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.zip
2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\CECA\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-09-06 20:28 - 2015-09-19 11:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-06 20:28 - 2015-09-15 21:52 - 00001950 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-06 20:28 - 2015-09-06 20:28 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-06 20:28 - 2015-09-06 20:28 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-09-06 20:28 - 2015-09-06 20:28 - 00000000 ____D C:\ProgramData\McAfee
2015-09-06 20:27 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Local\Adobe
2015-09-06 20:26 - 2015-09-06 20:26 - 00000000 ____D C:\Users\CECA\Downloads\Adobe CS6 All Products Activator (x32 & x64)
2015-09-06 20:24 - 2015-09-06 20:24 - 00000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-09-06 20:24 - 2015-09-06 20:24 - 00000959 _____ C:\Users\Public\Desktop\µTorrent.lnk
2015-09-06 20:24 - 2015-09-06 20:24 - 00000000 ____D C:\Program Files (x86)\uTorrent
2015-09-06 20:23 - 2015-09-19 11:53 - 00000000 ____D C:\Users\CECA\AppData\Roaming\uTorrent
2015-09-05 10:24 - 2015-09-05 10:24 - 00000425 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-09-05 10:23 - 2015-09-07 01:56 - 00000000 ____D C:\Program Files (x86)\Intel
2015-09-05 10:23 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Intel
2015-09-05 10:23 - 2015-09-05 10:23 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2015-09-05 10:23 - 2015-09-05 10:23 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2015-09-05 10:23 - 2014-09-23 06:41 - 24237936 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 23432464 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 17342080 _____ C:\Windows\system32\igd11dxva64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 01508488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 01365504 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 01061376 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00768104 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00764520 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00734720 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00685568 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00629272 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00510304 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00326760 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00303208 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00255624 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00245864 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00225792 _____ C:\Windows\system32\igdde64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00207496 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00186368 _____ C:\Windows\SysWOW64\igdde32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00175024 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00174592 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00154728 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00131208 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00123528 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2015-09-05 10:23 - 2014-09-23 06:41 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2015-09-05 10:23 - 2014-09-23 06:41 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2015-09-05 10:23 - 2014-09-23 06:41 - 00030720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 23969280 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 18843648 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 16858480 _____ C:\Windows\SysWOW64\igd11dxva32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 08813056 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 08313344 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 07802880 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 07715672 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 07012176 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 06932992 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 05866352 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 04726928 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-09-05 10:22 - 2014-09-23 06:41 - 04619480 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2015-09-05 10:22 - 2014-09-23 06:41 - 02810128 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 02772616 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 02020352 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 01137080 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 01132960 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00883848 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00641530 _____ C:\Windows\system32\FilmModeDetection.wmv
2015-09-05 10:22 - 2014-09-23 06:41 - 00612488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00562824 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00471656 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00456296 _____ C:\Windows\system32\igfxTray.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00417896 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00403671 _____ C:\Windows\system32\ImageStabilization.wmv
2015-09-05 10:22 - 2014-09-23 06:41 - 00397312 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00375173 _____ C:\Windows\system32\ColorImageEnhancement.wmv
2015-09-05 10:22 - 2014-09-23 06:41 - 00372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00372224 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00350344 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00349696 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00304128 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00254976 _____ C:\Windows\system32\igfxCPL.cpl
2015-09-05 10:22 - 2014-09-23 06:41 - 00224256 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00220392 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00194664 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00193672 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00184312 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3947.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00162304 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00144896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00087144 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00086632 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ C:\Windows\system32\igfxCUIServicePS.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00059392 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00031408 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00003944 _____ C:\Windows\system32\iglhxs64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
2015-09-05 10:19 - 2015-09-16 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1004
2015-09-05 10:19 - 2015-09-05 10:19 - 00000000 ____D C:\Intel
2015-09-05 10:19 - 2014-09-23 06:41 - 00453872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2015-09-05 10:18 - 2015-09-07 19:10 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Users\CECA\AppData\Local\NVIDIA
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-05 10:18 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-09-05 10:18 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 06682256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 03498184 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 01072272 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00929936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-09-05 10:18 - 2014-09-15 02:19 - 00606528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-09-05 10:18 - 2014-09-11 23:11 - 03961833 _____ C:\Windows\system32\nvcoproc.bin
2015-09-05 10:17 - 2014-09-16 10:55 - 30414656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 22994632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 18314248 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 18241624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 15880864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 15246896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 12737864 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-09-05 10:17 - 2014-09-16 10:55 - 11591896 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 09735816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 09693568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 03133760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 03126600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 02939208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 02755216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 01882312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433360.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 01509576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433360.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00931648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00893584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00886088 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00853192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00478408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00404808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00355016 _____ C:\Windows\system32\NvIFROpenGL.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00313672 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00168664 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00141384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00023662 _____ C:\Windows\system32\nvinfo.pb
2015-09-05 10:16 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-05 10:16 - 2014-09-16 10:55 - 25256648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 17559184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 11643408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 03085600 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 02709168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-09-05 10:11 - 2015-09-05 10:11 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2015-09-05 10:11 - 2015-09-05 10:11 - 00000073 _____ C:\Users\CECA\Desktop\ActStatus.log
2015-09-05 10:09 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Adobe
2015-09-05 10:09 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA
2015-09-05 10:09 - 2015-09-07 11:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Packages
2015-09-05 10:09 - 2015-09-05 10:09 - 00001446 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-05 10:09 - 2015-09-05 10:09 - 00000020 ___SH C:\Users\CECA\ntuser.ini
2015-09-05 10:09 - 2015-09-05 10:09 - 00000000 ____D C:\Windows\CSC
2015-09-05 10:09 - 2015-09-05 10:09 - 00000000 ____D C:\Users\CECA\AppData\Local\VirtualStore
2015-09-05 10:09 - 2015-03-11 23:47 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-05 10:09 - 2014-11-24 21:36 - 00194560 _____ C:\Users\CECA\Desktop\KMScmd.exe
2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-09-05 10:09 - 2014-03-03 12:55 - 01425461 _____ (ByELDI 'nova-s release') C:\Users\CECA\Desktop\KMSpico.exe
2015-09-05 10:09 - 2013-08-22 18:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-05 10:05 - 2015-09-05 10:05 - 00002308 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-500
2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 __SHD C:\Recovery
2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-05 10:04 - 2015-09-19 08:51 - 00153336 _____ C:\Windows\system32\wpbbin.exe
2015-09-05 10:04 - 2015-09-19 08:51 - 00111088 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoCheck.exe
2015-09-05 10:04 - 2015-09-19 08:51 - 00026608 _____ (Lenovo) C:\Windows\system32\LenovoUpdate.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-19 11:00 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-19 08:58 - 2014-11-21 10:38 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-19 08:51 - 2013-08-22 17:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-16 22:19 - 2013-08-22 16:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-16 17:21 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\rescache
2015-09-12 10:34 - 2013-08-22 18:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-11 18:16 - 2013-08-22 17:44 - 00337808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 23:05 - 2015-03-11 23:16 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 23:05 - 2014-11-21 10:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 23:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-08 19:51 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppCompat
2015-09-07 21:25 - 2015-03-11 17:05 - 00000000 ____D C:\Windows\Panther
2015-09-07 20:42 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-07 20:08 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Resources
2015-09-07 11:04 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-07 01:55 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Default
2015-09-07 01:40 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\restore
2015-09-06 22:25 - 2015-03-11 22:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-06 22:25 - 2014-11-21 18:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ToastData
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\WinStore
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-06 22:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-09-06 21:43 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-05 11:03 - 2013-08-22 18:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-09-05 10:18 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Help
2015-09-05 10:09 - 2015-03-11 17:28 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-09-05 10:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-26 18:37 - 2015-03-11 23:16 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-09-07 01:42 - 2015-09-07 01:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-07 19:06 - 2015-09-07 19:06 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-16 09:39

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! :)

 

remove%20outdated.jpg Деинсталиране нa програми

  • Натиснете WindowsKey.png + R на клавиатурата си по едно и също време. Въведете appwiz.cpl и щракнете върху OK. Деинсталирайте  програмата които съм ви написал в карето:

 

McAfee Security Scan Plus

 

След завършване на деинсталацията, моля  да рестартирате машината си!

 

FRST.gif Фикс с Farbar Recovery Scan Tool

 
icon13.gif Изтеглете прикачения файл и го запазете там, където сте свалили FRST.exe => fixlist.txt
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.
Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.

 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

 

xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt
  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 

 

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by CECA (2015-09-19 12:39:25) Run:1
Running from C:\Users\CECA\Desktop
Loaded Profiles: CECA (Available Profiles: CECA)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Task: {35B80DDE-DBB0-4774-9F45-354862995313} - \WPD\SqmUpload_S-1-5-21-1218914521-3287957943-3067180699-1001 -> No File <==== ATTENTION
Task: {962C1B62-7CD1-4C78-B618-FD1BA30BF82F} - \Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1001 -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe:typelib
AlternateDataStreams: C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe:typelib
RemoveProxy:
Hosts:
cmd: netsh winsock reset catalog
cmd: ipconfig /flushdns
emptytemp:
reboot:
end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35B80DDE-DBB0-4774-9F45-354862995313}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35B80DDE-DBB0-4774-9F45-354862995313}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1218914521-3287957943-3067180699-1001" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{962C1B62-7CD1-4C78-B618-FD1BA30BF82F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{962C1B62-7CD1-4C78-B618-FD1BA30BF82F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1001" => key removed successfully
C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe => ":typelib" ADS removed successfully.
C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe => ":typelib" ADS removed successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========  netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 65 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 12:39:55 ====

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Моля, изтеглете ZOEK (by Smeenk) и да го запишете на вашия работен плот
Временно деактивирайте вашата антивирусна и антишпионска защита - инструкции тук

  • Щракнете с десния бутон върху тази икона  51a612a8b27e2-Zoek.pngи изберете RunAsAdmin.jpg Run as Administrator, за да стартирате инструмента.
  • Изчакайте търпеливо, докато  се появи  главната конзола (може да отнеме минута или две).

 

52b6de58f1952-Zoek_Startpagina_5.0.0.0.P

 

  • В главния прозорец, моля поставете в следния скрипт:

 

createsrpoint;
autoclean;
emptyclsid;
emptyalltemp;

 

  • Уверете се, че  опцията Scan All Users е маркирана.
  • Натиснете Run Script и изчакайте. Сканирането може да отнеме няколко минути.
  • Когато сканирането приключи, ще се отвори лог файл с име zoek-results.
  • Ако е необходимо рестартиране, той ще се отвори след това.
  • Копирайте съдържанието му в следващия си отговор.

 

xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници
 
В следващия си отговор, моля да включите следните дневници:

 

  • Лог файл с име zoek-results
  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Знам, че е Off Topic и нямам право да пиша тук колега Icotonev, но се радвам, че отново си сред нас.  :)


  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Пуснах скан на зоек, обаче нещата май спряха до: --- Create Backups 16:15:28,54

 

И оттогава нищо не се изписва...Зоек-файл няма създаден.

 

Emokostov, то не че е хубав поводът да се появявам, но пък е радост да общувам с хората от сайта :)

 

П.П.

Ето това е всичко от началото на зоек-скан:

Zoek.exe v5.0.0.0 Updated 19-09-2015
Tool run by CECA on бкЎ 19.09.2015 Ј. at 16:03:30,99.
Microsoft Windows 8.1 Pro 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\CECA\Desktop\zoek.exe [scan all users] [script inserted]

===== Runcheck 16:06:22,45 =====

--- Create Environment Variables 16:06:25,43
--- Create System Restore Point 16:06:37,56
--- Checking Input 16:06:51,99
--- AU AppData Check 16:07:02,67
--- Remove From Windows Installer 16:07:04,72
--- Empty Folders Check 16:07:37,96
--- Registry HKLM Software Check 16:07:37,98
--- Quick Launch Shortcut Check 16:07:45,87
--- IE Startpage Check 16:07:48,33
--- Program Files DB Check 16:07:58,16
--- C:\Users\CECA\AppData\Roaming DB Check 16:08:42,43
--- C:\Users\Default\AppData\Roaming DB Check 16:08:42,43
--- C:\Users\Default User\AppData\Roaming DB Check 16:08:42,43
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 16:08:42,43
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 16:08:42,43
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 16:08:42,43
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 16:08:42,43
--- C:\Users\CECA DB Check 16:10:43,81
--- C:\PROGRA~3 DB Check 16:10:59,80
--- C:\Users\CECA\AppData\Local DB Check 16:11:02,95
--- C:\Users\Default\AppData\Local DB Check 16:11:02,95
--- C:\Users\Default User\AppData\Local DB Check 16:11:02,95
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 16:11:02,95
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 16:11:02,95
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 16:11:02,95
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 16:11:02,95
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 16:12:23,72
--- C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 16:12:32,44
--- Tasks DB Check 16:12:37,88
--- Downloads DB Check 16:12:41,74
--- C:\Users\CECA\AppData\LocalLow DB Check 16:12:45,82
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 16:12:45,82
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 16:12:45,82
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 16:12:45,82
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 16:12:45,82
--- Tasks2 DB Check 16:13:29,45
--- Documents DB Check 16:13:55,78
--- C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default DB Check 16:14:02,19
--- C:\Users\Public\Desktop DB Check 16:14:04,14
--- C:\Users\CECA\Desktop DB Check 16:14:08,14
--- Services DB Check 16:14:14,91
--- FF prefs.js DB Check 16:14:28,85
--- Emptyclsid 16:15:01,24
--- Del by CLSID 16:15:02,62
--- Delete Services 16:15:24,56
--- Firefox Fix 16:15:26,32
--- Delete files\folders 16:15:28,47
--- Create Backups 16:15:28,54

Редактирано от svesmile (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Какво е моментното състояние на системата..Има ли подобрение..? Наблюдавате ли някакви нередности..? Как са браузърите..?

 

 

icon_zps423a0d9f.jpgМоля изтеглете ZHPcleaner и я запазете на вашия десктоп.

  • Стартирайте ZHPCleaner с десен клик върху файла и изберете от контекстното меню "Run as administrator"
  • Кликнете върху Ashampoo_Snap_20140819_13h09m50s_001__zp за да се съгласите с лицензионното споразумение.
  • Изберете бутона y3pI4LR.png.
  • Браузърите ще бъдат затворени автоматично.
  • Ще се отвори лог файл след приключването на проверката.
  • Публикувайте лог файла в следващия си коментар.

 

 

Сканиране с AdwCleaner
 
Моля, изтеглете и стартирайте програмата AdwCleaner (by Xplode):

  • Затворете всички стартирани програми и браузъри
  • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
  • Натиснете OK, за да потвърдите, че всички стартирани програми ще бъдат затворени.
  • Маркирайте Clean
  • Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта.
  • Моля, да публикувате съдържанието на този лог в отговора си
  • Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s0].txt

 

 

Сканиране с Junkware Removal Tool
 
Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

  • Спрете временно работата на защитните програми.
  • Стартирайте инструмента JRT.exe
  • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
  • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
  • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
  • Моля копирайте съдържанието на лог файла в следващия си пост.

 

 

 

Дневници
 
В следващия си отговор, моля да включите следните дневници:

 

  • Лог файл от ZHPCleaner
  • AdwCleaner[s0].txt
  • JRT.txt
  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

 

Програмата зоек си остана на същото ниво. Като се опитам да я изключа, ми излиза надпис, че все още работи. Какво да я правя? :)

За браузърите - има частично подобрение, в смисъл  - някои страници зарежда бързо, други ги върти до откат...Facebook се затруднява да отвори например.

 

Другото странно нещо е, че като отворя една страница, автоматично ме мята долу в нейния край. Първо мислех, че е някаква опция тук на форумите да те препращат направо долу, където се публикува ново мнение, но от вчера го забелязвам и при други страници и сайтове.

 

Сега ще пусна другите програми...,

~ ZHPCleaner v2015.9.19.352 by Nicolas Coolman (2015/09/19)
~ Run by CECA (Administrator)  (20/09/2015 10:07:32)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\CECA\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\CECA\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Pro, 64-bit  (Build 9600)

---\\  Services (0)
~ No malicious or unnecessary items found.

---\\  Browser internet (21)
FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.alias", "oursurfing");  =>PUP.Optional.SearchEngine
FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");  =>PUP.Optional.SearchEngine
FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.iconURL", "http://www.oursurfing.com/favicon.ico");  =>PUP.Optional.SearchEngine
FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.name", "oursurfing");  =>PUP.Optional.SearchEngine
FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.ptid", "amt");  =>PUP.Optional.SearchEngine
FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.uid", "ST1000LM014-SSHD-8GB_W770SHWCXXXXW770SHWC");  =>PUP.Optional.SearchEngine
FOUND: [p77hdsrm.default] - user_pref("browser.search.searchengine.url", "http://www.oursurfing.com/web/?type=ds&ts=1441641884&z[...]  =>PUP.Optional.SearchEngine
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\searchplugins\oursurfing.xml    =>PUP.Optional.OurSurfing
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com\chrome    =>PUP.Optional.PriceFountain
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com\chrome.manifest    =>PUP.Optional.PriceFountain
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com\install.rdf    =>PUP.Optional.PriceFountain
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\chrome    =>PUP.Optional.DeskCut
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\chrome.manifest    =>PUP.Optional.DeskCut
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\defaults    =>PUP.Optional.DeskCut
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\install.rdf    =>PUP.Optional.DeskCut
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com\modules    =>PUP.Optional.DeskCut
FOUND folder: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com  =>PUP.Optional.PriceFountain
FOUND folder: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com  =>PUP.Optional.DeskCut
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com    =>PUP.Optional.PriceFountain
FOUND file: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com    =>PUP.Optional.DeskCut
FOUND folder: C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi  =>Opera

---\\  Hosts file (1)
~ The hosts file is legitimate (1)

---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\  Explorer ( File, Folder) (14)
FOUND file: C:\Users\CECA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk  [bad : C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe]  =>PUP.Optional.CrossBrowse
FOUND file: C:\Users\CECA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk    =>PUP.Optional.CrossBrowse
FOUND file: C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf    =>PUP.Optional.CrossBrowse
FOUND file: C:\Windows\Prefetch\KMSPICO.EXE-79BADEE3.pf    =>HackTool.KMSpico
FOUND file: C:\Users\CECA\Desktop\KMSpico.exe [byELDI 'nova-s release' - KMSpico portable]  =>HackTool.KMSpico
FOUND file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse\Crossbrowse.lnk    =>PUP.Optional.CrossBrowse
FOUND folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse  =>PUP.Optional.CrossBrowse
FOUND folder: C:\Windows\Installer\MSIA11B.tmp-  =>Empty
FOUND folder: C:\Windows\Installer\MSIA245.tmp-  =>Empty
FOUND folder: C:\Windows\Installer\MSIBC52.tmp-  =>Empty
FOUND folder: C:\Windows\Installer\MSIC135.tmp-  =>Empty
FOUND folder: C:\Windows\Installer\MSICA71.tmp-  =>Empty
FOUND folder: C:\Windows\Installer\MSIF3E1.tmp-  =>Empty
FOUND folder: C:\Windows\Installer\MSIF4CC.tmp-  =>Empty

---\\  Registry ( Key, Value, Data) (87)
FOUND value: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\defsearchp@gmail.com [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com]  =>PUP.Optional.PriceFountain
FOUND value: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\deskCutv2@gmail.com [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com]  =>PUP.Optional.DeskCut
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 [globalUpdate Update]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 [globalUpdate Update]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse ["C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" (Not File)]  =>PUP.Optional.CrossBrowse
FOUND value: [X64] HKLM\Software\Classes\.htm\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
FOUND value: [X64] HKLM\Software\Classes\.html\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
FOUND value: [X64] HKLM\Software\Classes\.shtml\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
FOUND value: [X64] HKLM\Software\Classes\.webp\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
FOUND value: [X64] HKLM\Software\Classes\.xht\OpenWithProgIDs\\CRSBRWSHTML []  =>PUP.Optional.CrossBrowse
FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv []  =>Heuristic.CrossRider
FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv-ie []  =>Heuristic.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\10b4f199-2687-41ac-add3-c31f74b8a819 []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv []  =>Heuristic.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv-ie []  =>Heuristic.CrossRider
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\ArenaHD []  =>PUP.Optional.CrossRider
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Crossbrowse []  =>PUP.Optional.CrossBrowse
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CrossBrowser []  =>PUP.Optional.CrossBrowser
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\globalUpdate []  =>PUP.Optional.GlobalUpdate
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\HighDefAction []  =>PUP.Optional.CrossRider
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
FOUND key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\YorkNewCin []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\ArenaHD []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\Crossbrowse []  =>PUP.Optional.CrossBrowse
FOUND key: HKCU\Software\CrossBrowser []  =>PUP.Optional.CrossBrowser
FOUND key: HKCU\Software\globalUpdate []  =>PUP.Optional.GlobalUpdate
FOUND key: HKCU\Software\HighDefAction []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
FOUND key: HKCU\Software\YorkNewCin []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\AppDataLow\Software\Crossrider []  =>PUP.Optional.CrossRider
FOUND key: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com []  =>Toolbar.Ask
FOUND key: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com [12]  =>Toolbar.Ask
FOUND key: HKCU\Software\Mozilla\Extends []  =>PUP.Optional.FastStart
FOUND key: [X64] HKLM\SOFTWARE\Classes\Crossbrowse []  =>PUP.Optional.CrossBrowse
FOUND key: [X64] HKLM\SOFTWARE\Classes\CRSBRWSHTML [Crossbrowse HTML Document]  =>PUP.Optional.CrossBrowse
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 [globalUpdate Update Plugin]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine [globalUpdate.OneClickProcessLauncher]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 [globalUpdate.OneClickProcessLauncher]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 [globalUpdate Update Plugin]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync [CoCreateAsync]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 [CoCreateAsync]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 [Google Update Core Class]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine [GoogleUpdate CredentialDialog]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 [GoogleUpdate CredentialDialog]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher [Google Update Process Launcher Class]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 [Google Update Process Launcher Class]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 [Google Update Broker Class Factory]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 [GoogleUpdate Update3Web]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro []  =>PUP.Optional.WdsManPro
FOUND key: [X64] HKLM\SOFTWARE\ArenaHD []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\HighDefAction []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
FOUND key: [X64] HKLM\SOFTWARE\YorkNewCin []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe []  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\ArenaHD []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Crossbrowse []  =>PUP.Optional.CrossBrowse
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\FFPluginHp []  =>PUP.Optional.SweetSearch
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate []  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\HighDefAction []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware []  =>PUP.Optional.OurSurfing
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\WdsManPro []  =>PUP.Optional.WdsManPro
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\YorkNewCin []  =>PUP.Optional.CrossRider
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} [C:\Program Files (x86)\globalUpdate\Update (Not File)]  =>PUP.Optional.GlobalUpdate
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} [C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 (Not File)]  =>PUP.Optional.GlobalUpdate

---\\ Result of repair
~ Any repair made

---\\ Statistics
~ Items scanned : 69075
~ Items found : 128
~ Items cancelled : 0
~ Items repaired : 0

~ End of search in 2 minutes
===================
ZHPCleaner--20092015-10_09_37.txt

 

 

 

# AdwCleaner v5.008 - Logfile created 20/09/2015 at 10:18:54
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : CECA - SVESVE
# Running from : C:\Users\CECA\Desktop\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
[-] Folder Deleted : C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\deskCutv2@gmail.com
[-] Folder Deleted : C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\Extensions\defsearchp@gmail.com

***** [ Files ] *****

[-] File Deleted : C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0
[-] File Deleted : C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
[-] File Deleted : C:\Users\CECA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
[-] File Deleted : C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
[-] File Deleted : C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\searchplugins\oursurfing.xml

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Key Deleted : HKLM\SOFTWARE\10b4f199-2687-41ac-add3-c31f74b8a819
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\CrossBrowser
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE

***** [ Web browsers ] *****

[-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.alias", "oursurfing");
[-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
[-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.oursurfing.com/favicon.ico");
[-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.name", "oursurfing");
[-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.ptid", "amt");
[-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.uid", "ST1000LM014-SSHD-8GB_W770SHWCXXXXW770SHWC");
[-] [C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.oursurfing.com/web/?type=ds&ts=1441641884&z=9355f2c44cc90163249910dgbzczbg9qazbg3t5g5z&from=amt&uid=ST1000LM014-SSHD-8GB_W770SHWCXXXXW770SHWC&q[...]
[-] [C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : ask.com

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9952 bytes] ##########

Редактирано от svesmile (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Дневници
 
В следващия си отговор, моля да включите следните дневници:

 

  • Лог файл от ZHPCleaner
  • AdwCleaner[s0].txt
  • JRT.txt

 

Остана още един дневник..?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 8.1 Pro x64
Ran by CECA on ­Ґ¤ 20.09.2015 Ј. at 10:24:30,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Chrome

[C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\CECA\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ­Ґ¤ 20.09.2015 Ј. at 10:29:25,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
  • Стартирайте ZHPCleaner с десен клик върху файла и изберете от контекстното меню "Run as administrator"
  • Кликнете върху Ashampoo_Snap_20140819_13h09m50s_001__zp за да се съгласите с лицензионното споразумение.
  • Направете нова проверка и след като приключи натиснете бутона slm23Pe.png
  • Браузърите ще бъдат затворени автоматично.
  • Ще се отвори лог файл след прикючването на проверката.
  • Публикувайте лог файла в следващия си коментар.
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Направих го, но не ми се появи лог файл, а се отвори Гугл Хроме с този линк: http://www.nicolascoolman.fr/forum/

 

Как да изкарам лог, има един бутон Report, дали от него няма да излезе?

 

Натиснах Рипорта и ето резултат:

~ ZHPCleaner v2015.9.19.352 by Nicolas Coolman (2015/09/19)
~ Run by CECA (Administrator)  (20/09/2015 10:59:31)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Type : Repair
~ Report : C:\Users\CECA\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\CECA\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Pro, 64-bit  (Build 9600)

---\\  Services (0)
~ No malicious or unnecessary items found.

---\\  Browser internet (0)

---\\  Hosts file (1)
~ The hosts file is legitimate (1)

---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\  Explorer ( File, Folder) (10)
MOVED file: C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf    =>PUP.Optional.CrossBrowse
MOVED file: C:\Users\CECA\Desktop\KMSpico.exe [byELDI 'nova-s release' - KMSpico portable]  =>HackTool.KMSpico
MOVED folder: C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi  =>PUP.Optional.CrossRider
MOVED folder: C:\Windows\Installer\MSIA11B.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIA245.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIBC52.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIC135.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSICA71.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIF3E1.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSIF4CC.tmp-  =>Empty

---\\  Registry ( Key, Value, Data) (13)
DELETED key*: HKCU\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
DELETED key*: HKCU\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv []  =>PUP.Optional.CrossRider
DELETED key: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\CinemaP-1.9cV07.09-nv-ie []  =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com []  =>Toolbar.Ask
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com [12]  =>Toolbar.Ask
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Crossbrowse []  =>PUP.Optional.CrossBrowse
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro []  =>PUP.Optional.WdsManPro
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV07.09 []  =>PUP.Optional.CrossRider

---\\ Result of repair
~ Repair carried out successfully

---\\ Statistics
~ Items scanned : 1080
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 23

~ End of clean in 0 minutes
===================
ZHPCleaner-[R]-20092015-10_59_48.txt
ZHPCleaner--20092015-10_09_37.txt
ZHPCleaner--20092015-10_58_57.txt

Редактирано от svesmile (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изтрийте FRST.exe и логовете към нея. След това изтеглете отново свежа версия и повторете сканирането по тази инструкция:

 

Сканиране с Farbar Recovery Scan Tool

 

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост. Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

 

  Дневници
 
В следващия си отговор, моля да включите следните дневници:

 

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by CECA (administrator) on SVESVE (20-09-2015 13:01:20)
Running from C:\Users\CECA\Desktop
Loaded Profiles: CECA (Available Profiles: CECA)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3282248 2014-08-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6340312 2014-03-25] (Realtek semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [10828056 2015-09-07] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-07] (AVAST Software)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [289584 2015-09-06] (BitTorrent, Inc.)
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-07] (AVAST Software)
BootExecute: autocheck autochk * Partizan

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77D90807-B3E7-4DF6-A1D2-002BEAEED43B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
HKU\S-1-5-21-1218914521-3287957943-3067180699-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1218914521-3287957943-3067180699-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-07] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default
FF NewTab:
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://google.bg/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [No File]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-07]
FF Extension: No Name - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\defsearchp@gmail.com [not found]
FF Extension: No Name - C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\extensions\deskCutv2@gmail.com [not found]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-11]

Chrome:
=======
CHR Profile: C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
CHR Extension: (Google Docs) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-07]
CHR Extension: (Google Drive) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-07]
CHR Extension: (YouTube) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-07]
CHR Extension: (Google Search) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-07]
CHR Extension: (Google Sheets) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
CHR Extension: (Google Docs Offline) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-16]
CHR Extension: (Avast Online Security) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-07]
CHR Extension: (Gmail) - C:\Users\CECA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-07]

Opera:
=======
OPR Extension: (pnaiinchjaonopoejhknmgjingcnaloc) - C:\Users\CECA\AppData\Roaming\Opera Software\Opera Stable\Extensions\pnaiinchjaonopoejhknmgjingcnaloc [2015-09-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-07] (AVAST Software)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
S2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-14] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-23] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-14] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S2 LenovoSetSvr; C:\Program Files\Lenovo\LenovoUtility\LenovoSetSvr.exe [369944 2015-09-07] (Lenovo(beijing) Limited)
S3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-09-20] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 archlp; C:\Windows\SysWow64\Drivers\archlp.sys [10624 2008-01-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-09-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-09-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-09-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-07] (AVAST Software)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-14] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-07] (Intel Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2015-09-07] (Greatis Software)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9113304 2014-03-25] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-20 13:01 - 2015-09-20 13:01 - 00014408 _____ C:\Users\CECA\Desktop\FRST.txt
2015-09-20 12:59 - 2015-09-20 13:00 - 02191360 _____ (Farbar) C:\Users\CECA\Desktop\FRST64.exe
2015-09-20 12:07 - 2015-09-20 12:07 - 00003282 _____ C:\Users\CECA\Desktop\ZHPCleaner2.txt
2015-09-20 10:29 - 2015-09-20 10:29 - 00001065 _____ C:\Users\CECA\Desktop\JRT.txt
2015-09-20 10:23 - 2015-09-20 10:23 - 01798976 _____ (Malwarebytes) C:\Users\CECA\Desktop\JRT.exe
2015-09-20 10:18 - 2015-09-20 10:18 - 00000000 ____D C:\AdwCleaner
2015-09-20 10:16 - 2015-09-20 10:16 - 01662976 _____ C:\Users\CECA\Desktop\adwcleaner_5.008.exe
2015-09-20 10:09 - 2015-09-20 10:59 - 00003282 _____ C:\Users\CECA\Desktop\ZHPCleaner.txt
2015-09-20 10:07 - 2015-09-20 10:59 - 00000000 ____D C:\Users\CECA\AppData\Roaming\ZHP
2015-09-20 10:07 - 2015-09-20 10:56 - 00000873 _____ C:\Users\CECA\Desktop\ZHPCleaner.lnk
2015-09-20 10:01 - 2015-09-20 10:04 - 01961472 _____ C:\Users\CECA\Desktop\ZHPCleaner.exe
2015-09-19 20:56 - 2015-09-19 20:56 - 00010240 ___SH C:\Users\CECA\Desktop\Thumbs.db
2015-09-19 19:18 - 2015-09-19 19:18 - 00000873 _____ C:\Users\CECA\Documents\Music - Shortcut.lnk
2015-09-19 16:15 - 2015-09-19 16:15 - 00000021 _____ C:\folders.log
2015-09-19 16:15 - 2015-09-19 16:15 - 00000000 ____D C:\zoek
2015-09-19 16:15 - 2015-09-19 16:15 - 00000000 ____D C:\Users\CECA\AppData\Local\VirtualStore
2015-09-19 16:06 - 2015-09-19 16:15 - 00002030 _____ C:\zoek-results.log
2015-09-19 16:03 - 2015-09-19 16:15 - 00003009 _____ C:\runcheck.txt
2015-09-19 16:01 - 2015-09-19 16:15 - 00000000 ____D C:\zoek_backup
2015-09-19 15:57 - 2015-09-19 15:55 - 01308672 _____ C:\Users\CECA\Desktop\zoek.exe
2015-09-19 12:38 - 2015-09-19 12:38 - 00001372 _____ C:\Users\CECA\Downloads\fixlist.txt
2015-09-19 12:25 - 2015-09-20 10:19 - 00001142 _____ C:\Windows\setupact.log
2015-09-19 12:25 - 2015-09-20 10:19 - 00000900 _____ C:\Windows\PFRO.log
2015-09-19 12:25 - 2015-09-19 12:25 - 00000000 _____ C:\Windows\setuperr.log
2015-09-19 11:53 - 2015-09-20 13:01 - 00000000 ____D C:\FRST
2015-09-19 09:08 - 2015-09-20 10:23 - 00000196 _____ C:\Windows\lupdate.log
2015-09-16 18:24 - 2015-09-16 18:24 - 00000000 ____D C:\@RestoreQuarantine
2015-09-16 18:23 - 2015-09-16 18:23 - 00002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-16 18:23 - 2015-09-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-16 18:13 - 2015-09-20 12:18 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-16 18:13 - 2015-09-20 10:20 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-16 18:13 - 2015-09-16 18:13 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 18:13 - 2015-09-16 18:13 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 18:12 - 2015-09-16 18:13 - 00000000 ____D C:\Users\CECA\AppData\Local\Deployment
2015-09-16 18:12 - 2015-09-16 18:12 - 00000000 ____D C:\Users\CECA\AppData\Local\Apps\2.0
2015-09-16 17:33 - 2015-09-16 17:33 - 00724384 _____ (Opera Software) C:\Users\CECA\Downloads\Opera_NI_stable.exe
2015-09-16 17:10 - 2015-09-16 17:11 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (2).exe
2015-09-13 22:21 - 2015-09-13 22:21 - 00001202 _____ C:\Users\CECA\Desktop\Documents - Shortcut.lnk
2015-09-12 15:14 - 2015-09-16 21:27 - 00000000 ____D C:\Users\CECA\AppData\Roaming\ArcSoft
2015-09-12 10:21 - 2015-09-16 21:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\vlc
2015-09-12 10:21 - 2015-09-12 20:06 - 00000000 ____D C:\Users\CECA\AppData\Temp
2015-09-12 10:21 - 2015-09-12 10:21 - 00000887 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-09-12 10:21 - 2015-09-12 10:21 - 00000000 ____D C:\Program Files\VideoLAN
2015-09-12 10:20 - 2015-09-12 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2015-09-12 10:19 - 2015-09-13 21:19 - 00000000 ____D C:\ProgramData\ArcSoft
2015-09-12 10:19 - 2015-09-12 10:21 - 00000000 ____D C:\Users\CECA\AppData\Local\ArcSoft
2015-09-12 10:19 - 2015-09-12 10:19 - 00002033 _____ C:\Users\Public\Desktop\TotalMedia Theatre.lnk
2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre
2015-09-12 10:19 - 2015-09-12 10:19 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2015-09-12 10:19 - 2008-01-25 14:06 - 00010624 _____ C:\Windows\SysWOW64\Drivers\archlp.sys
2015-09-12 10:19 - 2008-01-22 17:55 - 00061440 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MMCEDT.exe
2015-09-12 10:19 - 2005-07-16 02:35 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2015-09-12 10:19 - 2005-05-27 14:58 - 00393216 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLUP60.dll
2015-09-12 10:19 - 2005-05-27 14:58 - 00249856 _____ (Sample Corporation) C:\Windows\SysWOW64\MSLURT.dll
2015-09-12 10:19 - 2003-03-18 22:14 - 00499712 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-09-12 10:19 - 2003-02-21 04:42 - 00348160 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-09-12 10:18 - 2015-09-12 10:18 - 00015533 _____ C:\Users\CECA\Downloads\VLC Media Player 2.1.3.torrent
2015-09-12 10:18 - 2015-09-12 10:18 - 00000000 ____D C:\Users\CECA\Downloads\VLC Media Player 2.1.3
2015-09-12 10:12 - 2015-09-12 10:13 - 00000000 ____D C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre
2015-09-12 10:12 - 2015-09-12 10:12 - 00016411 _____ C:\Users\CECA\Downloads\ArcSoft-TotalMedia-Theatre.torrent
2015-09-11 19:10 - 2015-09-13 22:21 - 00000000 ____D C:\Users\CECA\Documents\kids
2015-09-10 20:06 - 2015-07-04 00:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-10 20:06 - 2015-07-03 17:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-10 20:05 - 2015-09-03 05:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-10 20:05 - 2015-09-03 05:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 20:05 - 2015-09-02 21:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-10 20:05 - 2015-09-02 20:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 20:05 - 2015-07-22 17:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-10 20:05 - 2015-07-22 16:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-10 20:05 - 2015-07-17 17:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-10 20:05 - 2015-07-17 17:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-10 20:05 - 2015-07-13 22:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-10 20:05 - 2015-07-10 22:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-10 20:05 - 2015-07-09 19:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-10 20:05 - 2015-06-27 14:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-10 20:05 - 2015-06-19 20:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-10 18:43 - 2015-09-10 18:43 - 00058231 _____ C:\Users\CECA\Downloads\pnew.zip
2015-09-10 18:38 - 2015-09-10 18:41 - 253063997 _____ C:\Users\CECA\Downloads\flotren.zip
2015-09-10 18:17 - 2015-09-10 18:17 - 00065446 _____ C:\Users\CECA\Documents\cc_20150910_181717.reg
2015-09-10 18:14 - 2015-08-27 05:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-10 18:14 - 2015-08-26 21:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-10 18:14 - 2015-08-26 21:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-10 18:14 - 2015-08-26 21:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-10 18:14 - 2015-08-26 21:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-10 18:14 - 2015-08-26 17:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-10 18:14 - 2015-08-26 17:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-10 18:14 - 2015-08-26 17:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-10 18:14 - 2015-08-26 17:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-10 18:14 - 2015-08-26 17:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-10 18:14 - 2015-08-26 17:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-10 18:14 - 2015-08-26 17:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-10 18:13 - 2015-07-30 20:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-10 18:13 - 2015-07-30 19:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-10 18:12 - 2015-09-02 05:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-10 18:12 - 2015-09-02 05:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-10 18:12 - 2015-09-02 05:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-10 18:12 - 2015-09-02 05:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-10 18:12 - 2015-09-02 05:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-10 18:12 - 2015-08-22 21:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-10 18:12 - 2015-08-22 20:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-10 18:12 - 2015-08-22 20:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-10 18:12 - 2015-08-22 20:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-10 18:12 - 2015-08-22 20:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-10 18:12 - 2015-08-22 20:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-10 18:12 - 2015-08-22 19:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-10 18:12 - 2015-08-22 19:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-10 18:12 - 2015-08-22 19:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-10 18:12 - 2015-08-22 19:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-10 18:12 - 2015-08-22 19:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-10 18:12 - 2015-08-22 19:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-10 18:12 - 2015-08-22 19:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-10 18:12 - 2015-08-22 19:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-10 18:12 - 2015-08-22 19:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-10 18:12 - 2015-08-22 19:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-10 18:12 - 2015-08-22 19:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-10 18:12 - 2015-08-22 19:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-10 18:12 - 2015-08-22 19:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-10 18:12 - 2015-08-22 19:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-10 18:12 - 2015-08-22 19:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-10 18:12 - 2015-08-22 19:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-10 18:12 - 2015-08-22 19:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-10 18:12 - 2015-08-22 19:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-10 18:12 - 2015-08-22 19:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-10 18:12 - 2015-08-22 19:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-10 18:12 - 2015-08-22 19:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-10 18:12 - 2015-08-22 18:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-10 18:12 - 2015-08-22 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-10 18:12 - 2015-08-04 00:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-10 18:12 - 2015-08-04 00:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-10 18:12 - 2015-08-01 17:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-10 18:12 - 2015-08-01 06:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-10 18:12 - 2015-08-01 06:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-10 18:12 - 2015-08-01 06:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-10 18:12 - 2015-08-01 06:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-10 18:12 - 2015-08-01 06:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-10 18:12 - 2015-07-22 17:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-10 18:12 - 2015-07-22 17:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-10 18:12 - 2015-07-22 17:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-10 18:12 - 2015-07-22 17:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 18:12 - 2015-07-18 21:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-10 18:12 - 2015-07-18 21:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-10 18:12 - 2015-07-18 21:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-10 18:12 - 2015-07-18 21:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-10 18:12 - 2015-07-14 06:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-08 23:59 - 2015-09-20 11:46 - 00918607 _____ C:\Windows\WindowsUpdate.log
2015-09-08 23:57 - 2015-09-08 23:57 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3 (1).exe
2015-09-08 19:44 - 2015-09-08 22:44 - 00000000 ____D C:\Users\CECA\Documents\Adobe
2015-09-07 21:22 - 2015-09-07 21:22 - 00002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-07 21:22 - 2015-09-07 21:22 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-07 21:22 - 2015-09-07 21:22 - 00000000 ____D C:\Program Files\CCleaner
2015-09-07 21:21 - 2015-09-07 21:22 - 06667640 _____ (Piriform Ltd) C:\Users\CECA\Downloads\ccsetup509.exe
2015-09-07 20:38 - 2015-09-07 20:38 - 00000000 ____D C:\Users\CECA\AppData\Local\GWX
2015-09-07 20:03 - 2015-09-07 20:03 - 00001085 _____ C:\Users\CECA\Desktop\Exposure 7.lnk
2015-09-07 20:03 - 2015-09-07 20:03 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alien Skin Software
2015-09-07 19:55 - 2015-09-07 19:56 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.1.0.175 (x86 & x64) Final {B@tman}
2015-09-07 19:48 - 2015-09-07 19:48 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Alien Skin
2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\AppData\Local\Alien Skin
2015-09-07 19:34 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA\.AS
2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\ProgramData\Alien Skin
2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files\Alien Skin
2015-09-07 19:30 - 2015-09-07 20:03 - 00000000 ____D C:\Program Files (x86)\Alien Skin
2015-09-07 19:19 - 2015-09-20 10:19 - 00000248 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2015-09-07 19:17 - 2015-09-07 19:17 - 00043312 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-09-07 19:13 - 2015-09-16 18:23 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-09-07 19:13 - 2015-09-08 23:53 - 00000000 ____D C:\Users\CECA\Documents\RegRun2
2015-09-07 19:13 - 2015-09-07 19:13 - 00040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2015-09-07 19:13 - 2015-09-07 19:13 - 00003318 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2015-09-07 19:13 - 2015-09-07 19:13 - 00001023 _____ C:\Users\CECA\Desktop\UnHackMe.lnk
2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\winstart.bat
2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\CONFIG.NT
2015-09-07 19:13 - 2015-09-07 19:13 - 00000002 RSHOT C:\Windows\SysWOW64\AUTOEXEC.NT
2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2015-09-07 19:13 - 2015-09-07 19:13 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2015-09-07 19:13 - 2015-07-21 12:26 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2015-09-07 19:12 - 2015-09-07 19:12 - 17152670 _____ C:\Users\CECA\Downloads\unhackme(1).zip
2015-09-07 19:11 - 2015-09-07 19:12 - 00000000 ____D C:\Users\CECA\Downloads\Alien Skin Exposure 7.0.1.83 (x86-x64) Final [ATOM]
2015-09-07 19:10 - 2015-09-07 19:10 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-07 19:09 - 2015-09-07 19:10 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe
2015-09-07 19:07 - 2015-09-16 18:04 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-07 19:07 - 2015-09-07 19:07 - 17152670 _____ C:\Users\CECA\Downloads\unhackme.zip
2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Opera Software
2015-09-07 19:07 - 2015-09-07 19:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Opera Software
2015-09-07 19:06 - 2015-09-07 19:06 - 00075752 _____ C:\Users\CECA\Downloads\unhackme-57046385.exe
2015-09-07 19:03 - 2015-09-07 19:04 - 00726192 _____ C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe
2015-09-07 19:01 - 2015-09-07 19:01 - 00000000 ____D C:\ProgramData\Lenovo
2015-09-07 18:51 - 2015-09-07 18:51 - 00002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.1 64-bit.lnk
2015-09-07 18:51 - 2015-09-07 18:51 - 00002083 _____ C:\Users\Public\Desktop\Lightroom 4.1 64-bit.lnk
2015-09-07 11:07 - 2015-09-12 10:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-09-07 11:07 - 2015-09-11 20:43 - 00000000 ____D C:\ProgramData\Adobe
2015-09-07 11:07 - 2015-09-07 11:07 - 00002039 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-09-07 11:07 - 2015-09-06 22:41 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-07 11:06 - 2015-09-06 22:00 - 00002375 _____ C:\Users\CECA\Desktop\New Text Document.txt
2015-09-07 11:01 - 2015-07-30 17:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-07 11:01 - 2015-07-30 16:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-07 06:07 - 2015-09-07 06:07 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-07 06:07 - 2015-09-07 06:07 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-07 06:07 - 2015-09-07 06:07 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-07 06:07 - 2015-09-07 06:07 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-07 06:07 - 2015-09-07 06:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-07 06:04 - 2015-09-16 18:23 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-07 06:04 - 2015-09-07 06:07 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-07 06:04 - 2015-09-07 06:07 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Roaming\AVAST Software
2015-09-07 06:04 - 2015-09-07 06:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Google
2015-09-07 06:03 - 2015-09-07 06:03 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-07 06:02 - 2015-09-07 06:02 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-07 02:53 - 2015-09-16 17:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-07 02:53 - 2015-09-07 10:39 - 00000000 ____D C:\Users\CECA\AppData\Local\Mozilla
2015-09-07 02:53 - 2015-09-07 02:54 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Mozilla
2015-09-07 02:53 - 2015-09-07 02:53 - 00242752 _____ C:\Users\CECA\Downloads\Firefox Setup Stub 40.0.3.exe
2015-09-07 02:37 - 2015-04-30 02:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-09-07 02:37 - 2015-03-17 20:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-09-07 02:36 - 2015-07-16 23:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-07 02:36 - 2015-07-16 23:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-07 02:36 - 2015-07-16 22:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-09-07 02:36 - 2015-07-16 22:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-07 02:36 - 2015-07-16 22:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-07 02:36 - 2015-07-16 22:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-09-07 02:36 - 2015-07-16 21:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-09-07 02:36 - 2015-07-09 21:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-07 02:36 - 2015-06-28 08:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-07 02:36 - 2015-06-28 08:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-07 02:36 - 2015-06-28 08:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-07 02:36 - 2015-06-28 08:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-07 02:36 - 2015-06-27 19:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-07 02:36 - 2015-06-27 06:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-07 02:36 - 2015-06-27 06:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-07 02:36 - 2015-06-27 06:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-07 02:36 - 2015-06-27 06:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-07 02:36 - 2015-06-27 06:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-07 02:36 - 2015-06-27 05:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-09-07 02:36 - 2015-06-27 05:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-07 02:36 - 2015-06-27 05:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-07 02:36 - 2015-06-27 05:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-07 02:36 - 2015-06-27 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-09-07 02:36 - 2015-06-27 04:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-07 02:36 - 2015-06-16 01:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-09-07 02:36 - 2015-06-16 01:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-07 02:36 - 2015-06-16 01:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-09-07 02:36 - 2015-06-16 01:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-09-07 02:36 - 2015-06-16 00:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-07 02:36 - 2015-06-16 00:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-07 02:36 - 2015-06-16 00:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-07 02:36 - 2015-06-16 00:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-09-07 02:36 - 2015-06-16 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-07 02:36 - 2015-06-16 00:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-09-07 02:36 - 2015-06-15 23:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-09-07 02:36 - 2015-06-15 23:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-07 02:36 - 2015-06-15 23:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-07 02:36 - 2015-06-15 23:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-09-07 02:36 - 2015-06-15 23:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-07 02:36 - 2015-05-31 00:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-09-07 02:36 - 2015-05-30 22:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-09-07 02:36 - 2015-05-30 22:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-09-07 02:36 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-07 02:36 - 2015-05-22 21:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-07 02:36 - 2015-05-07 20:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-07 02:36 - 2015-05-07 20:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-09-07 02:36 - 2015-05-07 19:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-09-07 02:36 - 2015-05-07 19:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-09-07 02:36 - 2015-05-07 18:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-09-07 02:36 - 2015-05-07 18:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-09-07 02:36 - 2015-05-01 02:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-07 02:36 - 2015-05-01 01:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-07 02:36 - 2015-04-21 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-09-07 02:36 - 2015-04-10 03:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-07 02:36 - 2015-04-10 03:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-07 02:36 - 2015-03-30 08:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-09-07 02:36 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-09-07 02:36 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-09-07 02:36 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-09-07 02:36 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-09-07 02:36 - 2015-03-20 04:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-09-07 02:36 - 2015-03-14 11:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-09-07 02:36 - 2015-03-14 11:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-09-07 02:36 - 2015-03-14 04:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-07 02:36 - 2015-03-09 05:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-09-07 02:36 - 2015-03-04 04:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-09-07 02:36 - 2015-03-04 04:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-09-07 02:36 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-09-07 02:36 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-09-07 02:35 - 2015-07-29 17:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-07 02:35 - 2015-07-29 17:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-07 02:35 - 2015-07-29 17:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-07 02:35 - 2015-07-29 02:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-07 02:35 - 2015-07-28 17:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-07 02:35 - 2015-07-28 17:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-07 02:35 - 2015-07-16 03:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-07 02:35 - 2015-07-16 03:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-07 02:35 - 2015-07-16 03:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-07 02:35 - 2015-07-16 03:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-07 02:35 - 2015-07-15 00:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-09-07 02:35 - 2015-07-15 00:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-09-07 02:35 - 2015-07-15 00:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-09-07 02:35 - 2015-07-13 22:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-07 02:35 - 2015-07-13 22:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-07 02:35 - 2015-07-10 21:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-09-07 02:35 - 2015-07-10 20:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-07 02:35 - 2015-07-10 20:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-09-07 02:35 - 2015-07-10 20:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-07 02:35 - 2015-07-10 19:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-07 02:35 - 2015-07-09 20:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-07 02:35 - 2015-07-09 19:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-09-07 02:35 - 2015-07-07 12:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-09-07 02:35 - 2015-07-07 12:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-09-07 02:35 - 2015-07-07 12:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-09-07 02:35 - 2015-07-02 01:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-07 02:35 - 2015-07-02 01:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-07 02:35 - 2015-07-02 00:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-07 02:35 - 2015-07-02 00:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-07 02:35 - 2015-06-27 02:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-07 02:35 - 2015-06-16 08:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-09-07 02:35 - 2015-06-16 08:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-09-07 02:35 - 2015-06-12 20:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-09-07 02:35 - 2015-06-12 19:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-09-07 02:35 - 2015-06-11 23:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-09-07 02:35 - 2015-06-11 23:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-09-07 02:35 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-09-07 02:35 - 2015-05-12 16:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-09-07 02:35 - 2015-05-11 21:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-09-07 02:35 - 2015-05-11 19:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-09-07 02:35 - 2015-05-07 19:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-09-07 02:35 - 2015-05-03 18:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-07 02:35 - 2015-05-03 17:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-07 02:35 - 2015-05-03 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-09-07 02:35 - 2015-05-03 17:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-09-07 02:35 - 2015-04-28 16:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-09-07 02:35 - 2015-04-25 05:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-09-07 02:35 - 2015-04-25 05:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-09-07 02:35 - 2015-04-25 05:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-09-07 02:35 - 2015-04-23 18:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-09-07 02:35 - 2015-04-23 18:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-09-07 02:35 - 2015-04-16 09:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-09-07 02:35 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-09-07 02:35 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-09-07 02:35 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-09-07 02:35 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-09-07 02:35 - 2015-04-09 01:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-09-07 02:35 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-09-07 02:35 - 2015-04-03 03:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-09-07 02:35 - 2015-04-03 03:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-09-07 02:35 - 2015-04-02 01:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-09-07 02:35 - 2015-04-02 01:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-09-07 02:35 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-09-07 02:35 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-09-07 02:35 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-09-07 02:35 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-09-07 02:35 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-09-07 02:35 - 2015-04-01 06:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-09-07 02:35 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-09-07 02:35 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-09-07 02:35 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-09-07 02:35 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-09-07 02:35 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-09-07 02:35 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-09-07 02:35 - 2015-04-01 05:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-09-07 02:35 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-09-07 02:35 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-09-07 02:35 - 2015-03-24 00:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-09-07 02:35 - 2015-03-24 00:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-09-07 02:35 - 2015-03-20 07:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-09-07 02:35 - 2015-03-20 07:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-07 02:35 - 2015-03-20 07:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-07 02:35 - 2015-03-20 06:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-09-07 02:35 - 2015-03-20 05:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-09-07 02:35 - 2015-03-14 03:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-09-07 02:35 - 2015-03-13 07:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-09-07 02:35 - 2015-03-13 07:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-09-07 02:35 - 2015-03-13 05:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-09-07 02:35 - 2015-03-13 05:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-09-07 02:35 - 2015-03-13 05:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-09-07 02:35 - 2015-03-13 04:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-09-07 02:35 - 2015-03-13 03:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-09-07 02:35 - 2015-03-11 04:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-09-07 02:35 - 2015-03-11 04:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-09-07 02:35 - 2015-03-09 05:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-09-07 02:35 - 2015-03-06 06:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-09-07 02:35 - 2015-03-06 05:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-09-07 02:35 - 2015-03-06 05:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-09-07 02:35 - 2015-03-04 13:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-09-07 02:35 - 2015-03-04 06:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-09-07 02:35 - 2015-03-04 05:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-09-07 02:35 - 2015-02-24 11:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-09-07 02:35 - 2015-02-21 02:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-09-07 02:35 - 2015-02-18 02:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-09-07 02:34 - 2015-05-03 18:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-09-07 02:34 - 2015-05-03 17:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-09-07 02:30 - 2015-09-07 02:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-09-07 02:16 - 2015-09-07 02:16 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Macromedia
2015-09-07 02:12 - 2015-09-20 09:51 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B794C6B0-B401-414A-8690-EE66D60178F8}
2015-09-07 02:11 - 2015-09-07 02:11 - 00002088 _____ C:\Users\Public\Desktop\Ръководства на потребителя.lnk
2015-09-07 02:11 - 2015-09-07 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-09-07 02:08 - 2015-09-07 02:08 - 00000000 __SHD C:\UserGuidePDF
2015-09-07 02:05 - 2015-09-07 02:11 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\Lenovo
2015-09-07 02:05 - 2015-09-07 02:05 - 00000000 ____D C:\Program Files\DIFX
2015-09-07 02:05 - 2015-09-07 02:04 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2015-09-07 02:05 - 2015-09-07 02:04 - 00035576 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
2015-09-07 02:04 - 2015-09-07 02:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Downloaded Installations
2015-09-07 02:02 - 2014-03-25 15:14 - 09113304 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2015-09-07 02:02 - 2014-03-25 15:14 - 06340312 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
2015-09-07 02:02 - 2014-03-25 15:14 - 02628312 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2015-09-07 02:02 - 2014-03-25 15:14 - 01157563 _____ C:\Windows\FTDataP.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00946032 _____ C:\Windows\FTData.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00817241 _____ C:\Windows\FTDataR1.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00817191 _____ C:\Windows\FTDataR0.xml
2015-09-07 02:02 - 2014-03-25 15:14 - 00472792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2015-09-07 02:02 - 2014-03-25 15:14 - 00419032 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2015-09-07 01:58 - 2015-09-07 01:58 - 00000000 ____D C:\Program Files\Elantech
2015-09-07 01:58 - 2014-08-20 06:07 - 00045896 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller.dll
2015-09-07 01:58 - 2014-08-19 10:59 - 00425736 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2015-09-07 01:55 - 2015-09-07 01:55 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Users\CECA\Intel.sav
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel.sav
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Common Files\Intel
2015-09-07 01:54 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-09-07 01:53 - 2015-09-07 01:53 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-09-07 01:53 - 2014-03-27 06:06 - 00331992 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys
2015-09-07 01:53 - 2014-01-27 08:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-09-07 01:51 - 2015-09-13 21:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-07 01:51 - 2015-09-07 02:02 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-07 01:51 - 2014-05-29 10:55 - 00873176 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-09-07 01:51 - 2014-05-29 10:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-09-07 01:50 - 2015-09-20 10:22 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
2015-09-07 01:47 - 2015-09-20 10:26 - 00240378 _____ C:\Users\Public\CAFADEBUG.log
2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-09-07 01:47 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-09-07 01:46 - 2015-09-07 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2015-09-07 01:45 - 2011-09-01 10:23 - 00447104 _____ (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
2015-09-07 01:43 - 2014-07-16 04:34 - 00001852 _____ C:\Windows\system32\Drivers\SamSfPa.dat
2015-09-07 01:42 - 2015-09-07 01:47 - 00000000 ____D C:\Program Files\CONEXANT
2015-09-07 01:42 - 2015-09-07 01:42 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-07 01:42 - 2014-09-12 06:45 - 01462464 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
2015-09-07 01:42 - 2014-03-18 20:02 - 02867928 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A52.DLL
2015-09-07 01:42 - 2014-01-08 08:26 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-09-07 01:42 - 2014-01-08 08:26 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-09-07 01:42 - 2014-01-08 08:26 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-09-07 01:42 - 2014-01-08 08:26 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-09-07 01:42 - 2013-11-15 10:08 - 00944832 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64BP07.dll
2015-09-07 01:42 - 2013-11-15 09:37 - 01790168 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64AP86.dll
2015-09-07 01:42 - 2013-08-05 13:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-09-07 01:42 - 2013-07-25 09:39 - 00206552 _____ (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
2015-09-07 01:42 - 2013-05-15 10:27 - 00406208 _____ (Conexant Systems, Inc.) C:\Windows\system32\CSpkExt64.dll
2015-09-07 01:42 - 2012-06-29 08:04 - 00050848 _____ (Conexant Systems Inc.) C:\Windows\system32\CxPageMaster64.dll
2015-09-07 01:42 - 2012-01-16 05:42 - 00666240 _____ (Conexant Systems, Inc.) C:\Windows\system32\C3DHPExt64.dll
2015-09-07 01:42 - 2011-01-18 03:35 - 00030893 _____ C:\Windows\system32\Drivers\Mixer.ini
2015-09-07 01:41 - 2015-09-07 01:42 - 00000000 ____D C:\ProgramData\Conexant
2015-09-07 01:40 - 2015-09-07 01:40 - 00872506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-09-07 01:40 - 2015-09-07 01:40 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Intel Corporation
2015-09-07 01:39 - 2015-09-07 01:54 - 00000000 ____D C:\ProgramData\Intel
2015-09-07 01:39 - 2015-09-07 01:53 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-09-07 01:39 - 2015-09-07 01:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-07 01:39 - 2015-09-07 01:39 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-09-07 01:39 - 2015-09-07 01:39 - 00000000 ____D C:\ProgramData\Intel® Update Manager
2015-09-07 01:36 - 2015-09-07 01:36 - 00000000 ____D C:\Users\CECA\Intel
2015-09-07 01:32 - 2015-09-07 01:32 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-06 22:44 - 2015-09-06 22:47 - 00001038 _____ C:\Users\Public\Desktop\Adobe Photoshop CC 2014.lnk
2015-09-06 22:44 - 2015-09-06 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014
2015-09-06 22:39 - 2015-09-06 22:39 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2015-09-06 22:37 - 2015-09-06 22:37 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-09-06 22:25 - 2015-09-06 22:27 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-06 22:25 - 2015-09-06 22:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-09-06 21:53 - 2015-09-06 21:53 - 00000000 ____D C:\Users\CECA\AppData\Roaming\NVIDIA
2015-09-06 21:43 - 2015-09-07 18:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-06 21:39 - 2015-09-07 18:50 - 00000000 ____D C:\Program Files\Adobe
2015-09-06 21:26 - 2015-09-06 21:29 - 00000000 ____D C:\Users\CECA\Downloads\Adobe Photoshop CC 2014 v15.2.2 RePack
2015-09-06 21:20 - 2015-09-06 21:20 - 00659496 _____ (Best Installer) C:\Users\CECA\Desktop\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.exe
2015-09-06 21:11 - 2015-09-06 20:03 - 00000000 _____ C:\Users\CECA\Downloads\password is 123
2015-09-06 21:09 - 2015-09-06 21:09 - 00000000 ____D C:\Users\CECA\AppData\Roaming\WinRAR
2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-06 21:08 - 2015-09-06 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-06 21:07 - 2015-09-06 21:08 - 00000000 ____D C:\Program Files\WinRAR
2015-09-06 21:07 - 2015-09-06 21:07 - 00000000 ____D C:\Users\CECA\AppData\Local\Macromedia
2015-09-06 21:06 - 2015-09-06 21:08 - 00000000 ____D C:\Users\CECA\Downloads\WinRAR v5.21 Final (x32-x64) BG
2015-09-06 21:02 - 2015-09-06 21:03 - 00203010 ____N C:\Users\CECA\Downloads\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832%2B64Bit%29+%2B+Crack.zip
2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-06 20:31 - 2015-09-06 20:31 - 00000000 ____D C:\Users\CECA\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-09-06 20:28 - 2015-09-20 12:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-06 20:28 - 2015-09-06 20:28 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-06 20:28 - 2015-09-06 20:28 - 00000000 ____D C:\ProgramData\McAfee
2015-09-06 20:27 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Local\Adobe
2015-09-06 20:26 - 2015-09-06 20:26 - 00000000 ____D C:\Users\CECA\Downloads\Adobe CS6 All Products Activator (x32 & x64)
2015-09-06 20:24 - 2015-09-06 20:24 - 00000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-09-06 20:24 - 2015-09-06 20:24 - 00000959 _____ C:\Users\Public\Desktop\µTorrent.lnk
2015-09-06 20:24 - 2015-09-06 20:24 - 00000000 ____D C:\Program Files (x86)\uTorrent
2015-09-06 20:23 - 2015-09-20 10:26 - 00000000 ____D C:\Users\CECA\AppData\Roaming\uTorrent
2015-09-05 10:24 - 2015-09-05 10:24 - 00000425 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-09-05 10:23 - 2015-09-07 01:56 - 00000000 ____D C:\Program Files (x86)\Intel
2015-09-05 10:23 - 2015-09-07 01:54 - 00000000 ____D C:\Program Files\Intel
2015-09-05 10:23 - 2015-09-05 10:23 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2015-09-05 10:23 - 2015-09-05 10:23 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2015-09-05 10:23 - 2014-09-23 06:41 - 24237936 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 23432464 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 17342080 _____ C:\Windows\system32\igd11dxva64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 01508488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSecureSourceFilter64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 01365504 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 01061376 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00768104 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00764520 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00734720 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00685568 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00629272 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00510304 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00326760 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00303208 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00255624 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUtils64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00245864 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00225792 _____ C:\Windows\system32\igdde64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00207496 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00186368 _____ C:\Windows\SysWOW64\igdde32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00175024 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00174592 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00154728 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2015-09-05 10:23 - 2014-09-23 06:41 - 00131208 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCUMD64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00123528 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiLogServer64.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2015-09-05 10:23 - 2014-09-23 06:41 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2015-09-05 10:23 - 2014-09-23 06:41 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2015-09-05 10:23 - 2014-09-23 06:41 - 00030720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2015-09-05 10:23 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 23969280 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 18843648 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 16858480 _____ C:\Windows\SysWOW64\igd11dxva32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 08813056 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 08313344 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 07802880 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 07715672 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 07012176 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 06932992 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 05866352 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 04726928 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-09-05 10:22 - 2014-09-23 06:41 - 04619480 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2015-09-05 10:22 - 2014-09-23 06:41 - 02810128 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiVAD64.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 02772616 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAAC64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 02020352 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 01137080 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 01132960 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00883848 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiWinNextAgent64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00641530 _____ C:\Windows\system32\FilmModeDetection.wmv
2015-09-05 10:22 - 2014-09-23 06:41 - 00612488 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMux64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00562824 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiAudioFilter64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00471656 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00456296 _____ C:\Windows\system32\igfxTray.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00417896 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00403671 _____ C:\Windows\system32\ImageStabilization.wmv
2015-09-05 10:22 - 2014-09-23 06:41 - 00397312 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00375173 _____ C:\Windows\system32\ColorImageEnhancement.wmv
2015-09-05 10:22 - 2014-09-23 06:41 - 00372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00372224 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00350344 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiSilenceFilter64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00349696 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00304128 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00254976 _____ C:\Windows\system32\igfxCPL.cpl
2015-09-05 10:22 - 2014-09-23 06:41 - 00224256 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00220392 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00194664 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00193672 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiDDEAgent64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00184312 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3947.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00162304 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00144896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00087144 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00086632 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2015-09-05 10:22 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ C:\Windows\system32\igfxCUIServicePS.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00059392 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00031408 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2015-09-05 10:22 - 2014-09-23 06:41 - 00003944 _____ C:\Windows\system32\iglhxs64.vp
2015-09-05 10:22 - 2014-09-23 06:41 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
2015-09-05 10:19 - 2015-09-20 10:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-1004
2015-09-05 10:19 - 2015-09-05 10:19 - 00000000 ____D C:\Intel
2015-09-05 10:19 - 2014-09-23 06:41 - 00453872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2015-09-05 10:18 - 2015-09-19 16:15 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Users\CECA\AppData\Local\NVIDIA
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-05 10:18 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-05 10:18 - 2014-09-23 06:41 - 00082432 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-09-05 10:18 - 2014-09-23 06:41 - 00074240 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 06682256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 03498184 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 01072272 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00929936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-09-05 10:18 - 2014-09-15 02:19 - 00606528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-09-05 10:18 - 2014-09-15 02:19 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-09-05 10:18 - 2014-09-11 23:11 - 03961833 _____ C:\Windows\system32\nvcoproc.bin
2015-09-05 10:17 - 2014-09-16 10:55 - 30414656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 22994632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 18314248 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 18241624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 15880864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 15246896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 12737864 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-09-05 10:17 - 2014-09-16 10:55 - 11591896 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 09735816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 09693568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 03133760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 03126600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 02939208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 02755216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 01882312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433360.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 01509576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433360.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00931648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00893584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00886088 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00853192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00478408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00404808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00355016 _____ C:\Windows\system32\NvIFROpenGL.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00313672 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00168664 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00141384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-09-05 10:17 - 2014-09-16 10:55 - 00023662 _____ C:\Windows\system32\nvinfo.pb
2015-09-05 10:16 - 2015-09-05 10:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-05 10:16 - 2014-09-16 10:55 - 25256648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 17559184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 11643408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 03085600 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-09-05 10:16 - 2014-09-16 10:55 - 02709168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-09-05 10:11 - 2015-09-05 10:11 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2015-09-05 10:11 - 2015-09-05 10:11 - 00000073 _____ C:\Users\CECA\Desktop\ActStatus.log
2015-09-05 10:09 - 2015-09-11 20:42 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Adobe
2015-09-05 10:09 - 2015-09-07 19:34 - 00000000 ____D C:\Users\CECA
2015-09-05 10:09 - 2015-09-07 11:04 - 00000000 ____D C:\Users\CECA\AppData\Local\Packages
2015-09-05 10:09 - 2015-09-05 10:09 - 00001446 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-05 10:09 - 2015-09-05 10:09 - 00000020 ___SH C:\Users\CECA\ntuser.ini
2015-09-05 10:09 - 2015-09-05 10:09 - 00000000 ____D C:\Windows\CSC
2015-09-05 10:09 - 2015-03-11 23:47 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-05 10:09 - 2014-11-24 21:36 - 00194560 _____ C:\Users\CECA\Desktop\KMScmd.exe
2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-05 10:09 - 2014-11-21 18:14 - 00000000 ___RD C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-09-05 10:09 - 2014-11-21 10:48 - 00000369 _____ C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-09-05 10:09 - 2013-08-22 18:36 - 00000000 ____D C:\Users\CECA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-05 10:05 - 2015-09-05 10:05 - 00002308 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1218914521-3287957943-3067180699-500
2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 __SHD C:\Recovery
2015-09-05 10:05 - 2015-09-05 10:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-05 10:04 - 2015-09-20 10:19 - 00153336 _____ C:\Windows\system32\wpbbin.exe
2015-09-05 10:04 - 2015-09-20 10:19 - 00111088 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoCheck.exe
2015-09-05 10:04 - 2015-09-20 10:19 - 00026608 _____ (Lenovo) C:\Windows\system32\LenovoUpdate.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-20 13:00 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-20 12:42 - 2014-11-21 10:38 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-20 10:19 - 2013-08-22 17:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-19 12:41 - 2013-08-22 16:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-16 17:21 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\rescache
2015-09-12 10:34 - 2013-08-22 18:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-11 18:16 - 2013-08-22 17:44 - 00337808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 23:05 - 2015-03-11 23:16 - 00000000 ____D C:\Windows\system32\MRT
2015-09-10 23:05 - 2014-11-21 10:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 23:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-08 19:51 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppCompat
2015-09-07 21:25 - 2015-03-11 17:05 - 00000000 ____D C:\Windows\Panther
2015-09-07 20:42 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-07 20:08 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Resources
2015-09-07 11:04 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-07 01:55 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Default
2015-09-07 01:40 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\restore
2015-09-06 22:25 - 2015-03-11 22:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-06 22:25 - 2014-11-21 18:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ToastData
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\WinStore
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-06 22:25 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-06 22:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-09-06 21:43 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-05 11:03 - 2013-08-22 18:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-09-05 10:18 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\Help
2015-09-05 10:09 - 2015-03-11 17:28 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-09-05 10:05 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-26 18:37 - 2015-03-11 23:16 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-09-07 01:42 - 2015-09-07 01:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\CECA\AppData\Local\Temp\7za.exe
C:\Users\CECA\AppData\Local\Temp\DaS_21.exe
C:\Users\CECA\AppData\Local\Temp\hijackthis.exe
C:\Users\CECA\AppData\Local\Temp\NirCmd.exe
C:\Users\CECA\AppData\Local\Temp\PEVZ.EXE
C:\Users\CECA\AppData\Local\Temp\remove.exe
C:\Users\CECA\AppData\Local\Temp\sed.exe
C:\Users\CECA\AppData\Local\Temp\shortcut.exe
C:\Users\CECA\AppData\Local\Temp\sqlite3.dll
C:\Users\CECA\AppData\Local\Temp\swreg.exe
C:\Users\CECA\AppData\Local\Temp\swxcacls.exe
C:\Users\CECA\AppData\Local\Temp\wget.exe
C:\Users\CECA\AppData\Local\Temp\zoek-delete.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-20 12:14

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Чиста система....! Контролни сканирания..:

 

 

emsisoft_emergency_kit.pnglogo.png

  • Моля изтеглете EmsisoftEmergencyKit, стартирайте exe файла и посочете къде да се разархивира програмата - например в (C:\EEK), натискайки бутона Extract.
  • Стартирайте иконата на файла Start Emsisoft Emergency Kit от десктопа за да стартирате приложението.
  • Натиснете бутона"Yes", когато бъдете подканени да обновите дефинициите на програмата.

EKK.gif

  • След като процеса по обновяването на дефинициите приключи натиснете бутона "Scan".
  • Натиснете бутона "Yes", когато бъдете попитани дали да програмата да включи засичането на потенциално нежелани приложения (Potentially Unwanted Applications).
  • Сега вече изберете бутона Custom Scan. Премахнете от списъка всички дялове без C:\ (т.е. нека да остане само дял C:\ в списъка).
  • Натиснете Next за да започне проверката.
  • Когато проверката приключи натиснете бутона View Report.
  • Копирайте съдържанието на лог файла в следващия си коментар.

 

 

 

GUZVCQN.jpg Моля, изтеглете Malwarebytes Anti -Malware и го запомнете на вашия работен плот .

Кликнете два пъти върху mbam-setup - 2.1.4.1018.exe и следвайте инструкциите, за да инсталирате програмата . Убедете се че преди края на инсталацията има отметка тук:

  • Launch Malwarebytes Anti-Malware
  • 14-дневен пробен период е предварително избран. Можете да премахнете отметката ако желаете, при което няма да се ограничат възможностите за сканиране и премахване на зловреден софтуер с програмата.
  • Натиснете Finish
  • В края на инсталацията, ще се извърши актуализация на база данни.
  • Отидете до табът Settings > Detection and Protection > и под категорията Detection Options включете опцията "Scan for rootkits".
  • Отидете до табът Scan, сложете радио-бутона пред Threat Scan и кликнете върху Scan Now и ще започне сканиране за зловреден софтуер.
  • При някои инфекции можете да видите съобщението:

                                      "Could not load DDA driver"

  • Натиснете "Yes" на това съобщение за да позволите драйвера да се зареди след рестарт.
  • Когато сканирането приключи, ако има някакви открити зарази , щракнете върху Remove Selected за да се позволи на Mbam да почисти засеченото. .
  • В повечето случаи, ще се поиска рестартиране
  • Изчакайте подканата за рестартиране на компютъра, за да се появи, след това кликнете върху Yes
  • След рестарта ,стартирайте Mbam още веднъж.
  • Кликнете на History tab > Application Logs .
  • Кликнете два пъти върху реда , който показва датата и часа на сканирането и натиснете бутона "Copy to Clipboard"
  • Поставете съдържанието на лог файла с клавишната комбинация Ctrl + V и го публикувайте в следващия си коментар.

 

 

Сканиране с ESET Online Scan
 
 
i_arrow-r.gif Изтеглете програмата: ESET Online Scanner

  • Стартирайте esetsmartinstaller_enu.exe 7c9e83b53227ef3d.jpg
  • Сложете отметка на YES, I accept the Terms of Use и изберете Start:

04ed1c15c0abe843.jpg

  • Скенерът ще започне да изтегля компонентите, които са му необходими:

3b734079c5ccd713.jpg

  • Уверете се, че Enable detection of potentially unwanted applications е избран.

Уверете се, че е премахната отметката от:

  • Remove found threats

Уверете се че са маркирани следните позиции:

  • Scan Archives

Кликнете върху Advanced Settings и маркирайте следните опции:

  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology

Накрая изберете Start
 
2.JPG
 
Скенерът ще започне да изтегля последните дефиниции и ще започне сканиране на вашия компютър.
Моля, бъдете търпеливи, тъй като това може да отнеме известно време.

  • След, като сканирането завърши кликнете на List of found threats.
  • Щракнете върху Export, и запишете файла на вашия работен плот с  име  ESETScan. Копирайте съдържанието на този доклад, в следващия си отговор.
  • Изберете бутона Back.
  • Изберете бутона Finish.

 

 

  Дневници
 
В следващия си отговор, моля да включите следните дневници:

 

  • Дневник от Emsisoft Emergency Kit
  • Дневник от Malwarebytes Anti -Malware
  • Дневник от ESET Online Scanner ( List of found threats )
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Супер, ще направя каквото трябва.

Защо обаче толкова бавно сваля тези програми? На другия компютър 159 МВ ги свали за по-малко от минута, а тук ми задава 45 минути и вероятно толкова ще се точи...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Emsisoft Emergency Kit - Version 10.0
Last update: 20.9.2015 г. 14:45:31
User account: SVESVE\CECA

Scan settings:

Scan type: Custom Scan
Objects: Rootkits, Memory, Traces, C:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 20.9.2015 г. 14:47:51
Value: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR  detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1218914521-3287957943-3067180699-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS  detected: Setting.DisableRegistryTools (A)
C:\Program Files (x86)\Mozilla Firefox\cfg  detected: Adware.Mplug.JX (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\102.js  detected: Adware.JS.Crossrider.B (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\178.js  detected: Adware.JS.Crossrider.E (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\184.js  detected: Adware.JS.Crossrider.B (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\179.js  detected: Adware.JS.Agent.AN (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\195.js  detected: Application.Toolbar (A)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\180.js  detected: Adware.JS.Crossrider.E (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\223.js  detected: Adware.JS.Crossrider.B (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\232.js  detected: Adware.JS.Agent.AM (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\231.js  detected: Adware.JS.Agent.AM (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\242.js  detected: Adware.JS.Agent.AM (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\252.js  detected: Application.Toolbar (A)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\262.js  detected: Adware.JS.Crossrider.B (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\263.js  detected: Adware.JS.Crossrider.B (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\339.js  detected: Adware.JS.Crossrider.B (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\380.js  detected: Adware.JS.Crossrider.B (B)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\356.js  detected: Application.Toolbar (A)
C:\Users\CECA\AppData\Roaming\ZHP\Quarantine\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.96_0\extensionData\plugins\424.js  detected: Adware.JS.Crossrider.E (B)
C:\Users\CECA\Downloads\Alien Skin Exposure 7.0.1.83 (x86-x64) Final [ATOM]\Keygen (X-Force)\keygen.exe  detected: Trojan.GenericKD.2319495 (B)
C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe  detected: Application.Win32.InstallMon (A)
C:\Users\CECA\Downloads\Alien Skin Exposure 7.1.0.175 (x86 & x64) Final {B@tman}\Keygen\Alien Skin SN-XForce New.exe  detected: Trojan.GenericKD.2319495 (B)
C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe  detected: Application.Win32.InstallMon (A)
C:\Users\CECA\Downloads\WinRAR v5.21 Final (x32-x64) BG\KEYGEN-FFF.exe  detected: Riskware.Win32.Keygen (A)
C:\zoek_backup\C_Program Files (x86)_AGEIA Technologies_28936315-a632-47fa-b3d1-e3b83f7897c5.dll.vir  detected: Adware.Generic.1316973 (B)
C:\zoek_backup\C_PROGRA~2_28936315-a632-47fa-b3d1-e3b83f7897c5\18dc279a-837c-4292-be79-03e687cb7bb7.dll  detected: Adware.Generic.1316973 (B)
C:\zoek_backup\C_Program Files (x86)_AGEIA Technologies_35c51dbf-b70b-4dff-8eb4-5324692d342a.dll.vir  detected: Gen:Variant.Adware.Crossrider.2 (B)
C:\zoek_backup\C_PROGRA~2_28936315-a632-47fa-b3d1-e3b83f7897c5\d32c5eda-783a-4a18-aae2-b7ef1d7a688d.dll  detected: Gen:Variant.Adware.Crossrider.2 (B)

Scanned 227704
Found 29

Scan end: 20.9.2015 г. 15:01:02
Scan time: 0:13:11

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20.9.2015 г.
Scan Time: 18:20
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.09.20.02
Rootkit Database: v2015.09.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: CECA

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 345873
Time Elapsed: 10 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 3
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, Crossbrowse, Quarantined, [1e04b082f596df57d0f25a355ea68f71]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, Quarantined, [ba682c068704e353b111355a08fc7c84]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, Crossbrowse, Quarantined, [de44d55de8a31e18fdc5f29d49bbae52]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
PUP.Optional.Jelbrus, C:\Users\CECA\Desktop\Adobe+Photoshop+CC+2015+%2820150529.r.88%29+%2832QuarantinedB64Bit%29+QuarantinedB+Crack.exe, [2cf61c16602b5bdb80d31890ff06f50b], , %5
PUP.Optional.Amonetize, C:\Users\CECA\Downloads\Download__15047_i1632399298_il26.exe, Quarantined, [bc66939f1972e0561e1e4694a35ee21e],
PUP.Optional.Amonetize, C:\Users\CECA\Downloads\Download__15047_i1632383850_il26.exe, Quarantined, [d84aea480289e254201c4c8e21e057a9],
PUP.Optional.Proinstall, C:\Users\CECA\Downloads\unhackme-57046385.exe, Quarantined, [f42ee0524744cf67f60c94e552af1fe1],
PUP.Optional.DefaultProtectedSearch, C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js, Good: (), Bad: (defsearchp@gmail.com), Replaced,[48da0f23c2c952e48a276f42a65f04fc]
PUP.Optional.DeskCut, C:\Users\CECA\AppData\Roaming\Mozilla\Firefox\Profiles\p77hdsrm.default\prefs.js, Good: (), Bad: (deskCutv2@gmail.com), Replaced,[1210f73b305b69cdd8da31803bcacd33]

Physical Sectors: 0
(No malicious items detected)

(end)

 


имам проблем с ESET, зацикли до тукhttp://prikachi.com/images.php?images/609/8366609x.jpg

post-355689-0-97530000-1442766159_thumb.

Редактирано от svesmile (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

По-добра е скоростта определено. Всъщност само ИЕ ползвам в момента.

Искам пак да сваля Мозилата, дали ще е чиста? Опасявам се пак да не се натресе някой като outsurfing...

 

А ужасно бавната скорост за даунлоуд?

Редактирано от svesmile (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 

Искам пак да сваля Мозилата, дали ще е чиста? Опасявам се пак да не се натресе някой като outsurfing...

 

А ужасно бавната скорост за даунлоуд?

 

Инсталирайте си Мозила и пробвайте...Няма друг начин да разберем..! Всъщност имам едно съмнение за бавната скорост ...но нека да видим първо как ще се държи и Мозилата и тогава ще ви кажа какво предлагам..!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Нещата пак са кофти. :(:(:(

Мозилата я сваля половин ден и накрая пак беше с екстри - вместо посочената страница, ми зареди alliexpress и както преди изскачат някакви рекламни страници...Деинсталирах уж, сега пък ми излиза съобщение, че 6 файла са останали...

Скоростта на браузерите онзи ден се забави пак, а днес никаква я няма отново...:( Върти, уж зарежда, а повече от половин минута минава, докато излезе страницата или изобщо не излиза.

Всичко отначало ли ще правим отново? П.П. На Google дори не ми зарежда картинката.

Редактирано от svesmile (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Извинявам се за това, че се включвам.

1. Вчера и при мен се лепна някакъв подобен сърфинг на споменатия по-горе от автора. Частично подобрение се усети след изпълняването на следните стъпки:

Това е в случай, че още ти функционира outsurfing-a.

 

2. Пробва ли да изтриеш всичко от C:\Program Files след като деинсталираш програмата, ако е имало остатъци, както и в C:\Users\YOUR.USER\AppData\Прегледай всички папки с името на браузъра, архивирай си отметките (КЛИК) и паролите (КЛИК), за да ги имаш готови в случай, че всичко е ОК.

Успех!

Редактирано от Sc0user (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ами не знам дали още е там, защото като видях, че ми изскача пак али-експреса, затворих мозилата и следващата стъпка беше да я деинсталирам. За щастие, в интернет експлоръра не се е закачила, но очаквам неприятни изненади...Благодаря ти за включването!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Тия реклами се появяваха и при мен. Решението за тях в моя случай беше uBlock (разновидност на AdBlock), опитай с него. Принципно така си излизат като влезеш в някои сайтове и нямаш Blocker.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход


×