Премини към съдържанието
b3s7ch0

Възможна зараза с вирус

Препоръчан отговор


Здравейте, пиша ви тъй като както някои от вас, които ми помогнаха преди няколко дни(благодаря) знаят, ми се наложи спешно да си направя чиста инсталация на нов Windows 10. Всичко мина нормално, но ми прави впечатление, че в сравнение с предишния ми такъв, този е по-бавен. Особено висока консумация на disc има System процесът, затова реших да пусна тази тема, за да видим дали пък няма някаква зараза, която да пречи.

Цитат

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-05-2016
Ran by BIGGIE (administrator) on DESKTOP-F8J1J0J (08-05-2016 08:30:55)
Running from C:\Users\BIGGIE\Desktop
Loaded Profiles: BIGGIE (Available Profiles: BIGGIE)
Platform: Windows 10 Pro Insider Preview Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\sdproxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\System32\SystemPropertiesPerformance.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7391632 2016-05-07] (AVAST Software)
HKU\S-1-5-21-3774422730-3123464894-2536022987-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-3774422730-3123464894-2536022987-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-3774422730-3123464894-2536022987-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3774422730-3123464894-2536022987-1001\...\MountPoints2: {344c12ce-12f7-11e6-ab74-40b89a6c2f92} - "F:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-07] (AVAST Software)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a28887a8-d1ac-4db2-afc8-bfba22ec467d}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3774422730-3123464894-2536022987-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Google
SearchScopes: HKU\S-1-5-21-3774422730-3123464894-2536022987-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-05-06] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-06] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\BIGGIE\AppData\Roaming\Mozilla\Firefox\Profiles\airrumtb.default
FF NewTab: Google
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: Google
FF Keyword.URL: hxxps://www.google.com/search?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-05-05] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-05-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @baidu.com/npxbdcntb -> C:\Program Files (x86)\Baidu\BaiduPinyin\3.3.2.1028\npxbdcntb.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF SearchPlugin: C:\Users\BIGGIE\AppData\Roaming\Mozilla\Firefox\Profiles\airrumtb.default\searchplugins\google-lavasoft.xml [2016-05-06]
FF Extension: Foxtrick - C:\Users\BIGGIE\AppData\Roaming\Mozilla\Firefox\Profiles\airrumtb.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}.xpi [2016-05-05]
FF Extension: Video DownloadHelper - C:\Users\BIGGIE\AppData\Roaming\Mozilla\Firefox\Profiles\airrumtb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-06]
FF Extension: Adblock Plus - C:\Users\BIGGIE\AppData\Roaming\Mozilla\Firefox\Profiles\airrumtb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-05]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-07] (AVAST Software)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [172544 2016-04-03] (Microsoft Corporation)
U2 CDPUserSvc_10866fb; C:\Windows\system32\svchost.exe [41344 2016-04-03] (Microsoft Corporation)
U2 CDPUserSvc_10866fb; C:\Windows\SysWOW64\svchost.exe [35128 2016-04-03] (Microsoft Corporation)
S2 CDPUserSvc_2ede1; C:\Windows\system32\svchost.exe [41344 2016-04-03] (Microsoft Corporation)
S2 CDPUserSvc_2ede1; C:\Windows\SysWOW64\svchost.exe [35128 2016-04-03] (Microsoft Corporation)
S2 debugregsvc; C:\Windows\System32\debugregsvc.dll [25088 2016-04-03] (Microsoft Corporation)
S3 DeveloperToolsService; C:\Windows\System32\DeveloperToolsSvc.exe [101376 2016-04-03] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [431104 2016-04-03] (Microsoft Corporation)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67072 2016-04-03] (Microsoft Corporation)
R3 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [362120 2015-11-06] (Intel Corporation)
S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [476904 2015-02-03] (Acer Incorporated)
S3 RmSvc; C:\Windows\System32\RMapi.dll [133120 2016-04-03] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Advanced Threat Protection\MsSense.exe [4374800 2016-04-03] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [348672 2016-04-03] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [348672 2016-04-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [333584 2016-04-03] (Microsoft Corporation)
S4 WebManagement; C:\Windows\system32\WebManagement.exe [944128 2016-04-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [83104 2016-04-03] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [352256 2016-04-03] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [48640 2016-04-03] (Microsoft Corporation)
U2 WpnUserService_10866fb; C:\Windows\system32\svchost.exe [41344 2016-04-03] (Microsoft Corporation)
U2 WpnUserService_10866fb; C:\Windows\SysWOW64\svchost.exe [35128 2016-04-03] (Microsoft Corporation)
S2 WpnUserService_2ede1; C:\Windows\system32\svchost.exe [41344 2016-04-03] (Microsoft Corporation)
S2 WpnUserService_2ede1; C:\Windows\SysWOW64\svchost.exe [35128 2016-04-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [17920 2016-04-03] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [10240 2016-04-03] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-07] (AVAST Software)
R2 clreg; C:\Windows\System32\drivers\registry.sys [69120 2016-04-03] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-05-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-05-05] (Disc Soft Ltd)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [67856 2016-04-03] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-05-05] (REALiX(tm))
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [34304 2016-04-03] (Microsoft Corporation)
S3 IoRate; C:\Windows\System32\drivers\iorate.sys [20992 2016-04-03] (Microsoft Corporation)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-05-05] (Intel Corporation)
S3 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [209168 2016-04-03] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-04-03] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [54544 2016-04-03] (Avago Technologies)
R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2399432 2016-05-05] (Qualcomm Atheros, Inc.)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-17] (Acer Incorporated)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-05-05] (Realsil Semiconductor Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [83728 2016-04-03] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [97792 2016-04-03] (Microsoft Corporation)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-05] (Synaptics Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [47784 2016-05-05] (Synaptics Incorporated)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-04-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [11536 2016-04-03] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [112400 2016-04-03] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [62464 2016-04-03] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [40256 2016-04-03] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281872 2016-04-03] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119056 2016-04-03] (Microsoft Corporation)
R1 WofCld; C:\Windows\System32\Drivers\WofCld.sys [108304 2016-04-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-08 08:30 - 2016-05-08 08:31 - 00015935 _____ C:\Users\BIGGIE\Desktop\FRST.txt
2016-05-08 08:30 - 2016-05-08 08:30 - 00000000 ____D C:\FRST
2016-05-08 08:29 - 2016-05-08 08:30 - 02379264 _____ (Farbar) C:\Users\BIGGIE\Desktop\FRST64.exe
2016-05-08 08:09 - 2016-05-08 08:09 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-08 07:59 - 2016-05-08 07:59 - 00003212 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup
2016-05-08 07:59 - 2016-05-08 07:59 - 00003208 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2016-05-08 07:59 - 2016-05-08 07:59 - 00001239 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2016-05-08 07:59 - 2016-05-08 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2016-05-08 07:59 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-05-07 10:39 - 2016-05-07 10:39 - 00003030 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (BIGGIE)
2016-05-07 10:34 - 2016-05-07 10:34 - 00003106 _____ C:\Windows\System32\Tasks\Quick Access Quick Launcher
2016-05-07 10:34 - 2016-05-07 10:34 - 00002956 _____ C:\Windows\System32\Tasks\Quick Access
2016-05-07 10:34 - 2016-05-07 10:34 - 00000982 _____ C:\Users\Public\Desktop\Acer DustDefender.lnk
2016-05-07 10:34 - 2016-05-07 10:34 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\OEM
2016-05-07 10:34 - 2016-05-07 10:34 - 00000000 ____D C:\Program Files\Acer
2016-05-07 10:33 - 2016-05-07 10:33 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\CareCenter
2016-05-07 10:30 - 2016-05-07 10:30 - 00004614 _____ C:\Windows\System32\Tasks\ACCAgent
2016-05-07 10:30 - 2016-05-07 10:30 - 00003778 _____ C:\Windows\System32\Tasks\ACC
2016-05-07 10:30 - 2016-05-07 10:30 - 00003060 _____ C:\Windows\System32\Tasks\ACCBackgroundApplication
2016-05-07 10:30 - 2016-05-07 10:30 - 00001810 _____ C:\Users\Public\Desktop\Acer Care Center.lnk
2016-05-07 10:29 - 2016-05-07 10:34 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-05-07 10:29 - 2016-05-07 10:29 - 00000000 ____D C:\Program Files (x86)\Acer
2016-05-07 10:28 - 2016-05-07 10:28 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-07 10:27 - 2016-04-27 15:18 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-05-07 10:27 - 2016-04-27 15:18 - 02994744 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-05-07 10:27 - 2016-04-27 15:18 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-05-07 10:27 - 2016-04-27 15:18 - 01265720 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-05-07 10:27 - 2016-04-27 15:18 - 00530880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-05-07 10:27 - 2016-04-27 15:18 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-05-07 10:27 - 2016-04-27 15:18 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-05-07 10:27 - 2016-04-27 15:18 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-05-07 10:27 - 2016-04-25 08:33 - 06381278 _____ C:\Windows\system32\nvcoproc.bin
2016-05-07 10:19 - 2016-04-28 19:18 - 12631616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-05-07 10:19 - 2016-04-27 17:33 - 42921920 _____ C:\Windows\system32\nvcompiler.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 31598136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 25350712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 21365048 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 20906872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 20079168 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 17756440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 17369768 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 17350288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 17333344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 14227888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 03685280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 03262784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 02614208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 02258368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436510.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436510.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00960056 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00887744 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00786872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00694208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00678704 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00632152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00379480 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-05-07 10:19 - 2016-04-27 17:33 - 00038050 _____ C:\Windows\system32\nvinfo.pb
2016-05-07 10:19 - 2016-04-27 17:33 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-05-07 10:19 - 2016-04-27 17:33 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-05-07 10:19 - 2016-04-16 01:53 - 00130328 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-05-07 10:19 - 2016-04-16 01:53 - 00040216 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-05-07 10:19 - 2016-04-16 01:52 - 00130840 _____ C:\Windows\system32\vulkan-1.dll
2016-05-07 10:19 - 2016-04-16 01:52 - 00045336 _____ C:\Windows\system32\vulkaninfo.exe
2016-05-07 10:04 - 2016-05-07 10:04 - 00000000 ____D C:\Users\BIGGIE\Desktop\FM GRAPHICS
2016-05-07 09:41 - 2016-05-07 09:41 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive
2016-05-07 09:41 - 2016-05-07 09:41 - 00000000 ____D C:\Users\BIGGIE\Documents\Sports Interactive
2016-05-07 09:41 - 2016-05-07 09:41 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Sports Interactive
2016-05-07 09:21 - 2016-05-07 09:21 - 00342424 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-07 09:20 - 2016-05-07 09:20 - 00004012 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1462601636
2016-05-07 09:19 - 2016-05-07 09:19 - 00004006 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-05-07 09:19 - 2016-05-07 09:11 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-05-07 09:19 - 2016-05-07 09:11 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-05-07 09:19 - 2016-05-07 09:11 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-05-07 09:19 - 2016-05-07 09:11 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-05-07 09:19 - 2016-05-07 09:11 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-05-07 09:19 - 2016-05-07 09:11 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-05-07 09:19 - 2016-05-07 09:11 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-05-07 09:19 - 2016-05-07 09:11 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-05-07 09:19 - 2016-05-07 09:11 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-05-07 09:12 - 2016-05-07 09:20 - 00001985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-05-07 09:12 - 2016-05-07 09:20 - 00001973 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-05-07 09:12 - 2016-05-07 09:12 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\AVAST Software
2016-05-07 09:11 - 2016-05-07 09:11 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-05-07 09:10 - 2016-05-07 09:21 - 00000000 ____D C:\Program Files\AVAST Software
2016-05-07 09:09 - 2016-05-07 09:20 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-07 09:02 - 2016-05-07 09:02 - 00000402 __RSH C:\Users\BIGGIE\ntuser.pol
2016-05-06 11:13 - 2016-05-06 11:13 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-06 10:52 - 2016-05-07 10:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-05-06 10:31 - 2016-05-06 10:31 - 00000000 ____D C:\Users\BIGGIE\dwhelper
2016-05-06 10:01 - 2016-05-06 10:01 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2016-05-06 10:01 - 2016-05-06 10:01 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2016-05-06 10:01 - 2016-05-06 10:01 - 00002888 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2016-05-06 10:01 - 2016-05-06 10:01 - 00002888 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2016-05-06 10:00 - 2016-05-06 10:01 - 00000000 ____D C:\ProgramData\Auslogics
2016-05-06 09:13 - 2016-03-22 11:02 - 00036824 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2016-05-06 08:56 - 2016-05-06 08:57 - 00000000 ____D C:\KVRT_Data
2016-05-06 08:44 - 2016-05-06 08:44 - 00003254 _____ C:\Windows\System32\Tasks\{B52D1F5D-4512-42C3-A546-29422A5D06F0}
2016-05-06 08:37 - 2016-05-06 08:37 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-05-06 08:26 - 2016-05-06 08:26 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-05-06 08:26 - 2016-05-06 08:26 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-05-06 08:24 - 2016-05-06 08:25 - 00000000 ____D C:\ProgramData\Tencent
2016-05-06 08:24 - 2016-05-06 08:25 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-05-06 08:24 - 2016-05-06 08:24 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Tencent
2016-05-06 08:23 - 2016-05-06 08:23 - 00000000 ____D C:\Program Files\Common Files\Baidu
2016-05-06 08:22 - 2016-05-06 10:06 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Baidu
2016-05-06 08:22 - 2016-05-06 08:23 - 00000000 ____D C:\Users\BIGGIE\AppData\LocalLow\Baidu
2016-05-06 08:22 - 2016-05-06 08:23 - 00000000 ____D C:\ProgramData\Baidu
2016-05-06 08:21 - 2016-05-06 08:21 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\vnlgp
2016-05-06 08:03 - 2016-05-06 08:03 - 00002721 _____ C:\Users\BIGGIE\Desktop\Outlook 2013.lnk
2016-05-06 03:10 - 2016-05-05 21:48 - 00000000 ____D C:\Windows\Panther
2016-05-05 23:08 - 2016-05-06 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-05-05 23:07 - 2016-05-05 23:07 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-05-05 23:07 - 2016-05-05 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-05-05 23:05 - 2016-05-05 23:07 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-05-05 23:05 - 2016-05-05 23:05 - 00000000 ____D C:\Windows\PCHEALTH
2016-05-05 23:02 - 2016-05-05 23:02 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-05-05 23:02 - 2016-05-05 23:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-05-05 23:01 - 2016-05-05 23:05 - 00000000 ____D C:\Program Files\Microsoft Office
2016-05-05 23:01 - 2016-05-05 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-05 22:59 - 2016-05-05 22:59 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-05 22:57 - 2016-05-05 22:57 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\WinRAR
2016-05-05 22:37 - 2016-05-05 22:37 - 00003104 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-05 22:37 - 2016-05-05 22:37 - 00003014 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-05 22:18 - 2016-05-05 22:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-05 22:16 - 2016-05-06 08:31 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Microsoft Help
2016-05-05 22:15 - 2016-05-06 10:46 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\CrashDumps
2016-05-05 22:14 - 2016-05-05 22:14 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Macromedia
2016-05-05 22:12 - 2016-05-05 22:12 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-05-05 22:12 - 2016-05-05 22:12 - 00001824 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-05-05 22:12 - 2016-05-05 22:12 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\RHEng
2016-05-05 22:12 - 2016-05-05 22:12 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Disc_Soft_Ltd
2016-05-05 22:12 - 2016-05-05 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-05-05 22:12 - 2016-05-05 22:12 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-05-05 22:07 - 2016-05-06 11:13 - 00000000 ____D C:\Users\BIGGIE\.oracle_jre_usage
2016-05-05 22:07 - 2016-05-06 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-05 22:07 - 2016-05-05 22:07 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Sun
2016-05-05 22:07 - 2016-05-05 22:07 - 00000000 ____D C:\Users\BIGGIE\AppData\LocalLow\Sun
2016-05-05 22:06 - 2016-05-06 11:13 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-05 22:06 - 2016-05-05 22:08 - 00000000 ____D C:\ProgramData\Oracle
2016-05-05 22:05 - 2016-05-05 22:05 - 00000000 ____D C:\Users\BIGGIE\AppData\LocalLow\Oracle
2016-05-05 22:04 - 2016-05-05 22:04 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-05-05 22:03 - 2016-05-05 22:03 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-05 22:03 - 2016-05-05 22:03 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-05-05 22:02 - 2016-05-05 22:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-05 22:01 - 2016-05-05 22:01 - 00000000 ____D C:\ProgramData\Adobe
2016-05-05 21:59 - 2016-05-05 22:08 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Adobe
2016-05-05 21:59 - 2016-05-05 21:59 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-05-05 21:58 - 2016-05-07 09:26 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\DAEMON Tools Lite
2016-05-05 21:58 - 2016-05-05 21:58 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\RPEng
2016-05-05 21:57 - 2016-05-05 21:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-05-05 21:54 - 2016-05-05 21:54 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-05 21:54 - 2016-05-05 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-05 21:54 - 2016-05-05 21:54 - 00000000 ____D C:\Program Files\WinRAR
2016-05-05 21:48 - 2016-05-05 21:48 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-05-05 21:45 - 2016-05-05 21:45 - 00204800 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-05-05 21:45 - 2016-05-05 21:45 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2016-05-05 21:45 - 2016-05-05 21:45 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2016-05-05 21:44 - 2016-05-05 21:44 - 64397312 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-05-05 21:44 - 2016-05-05 21:44 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\PeerDistRepub
2016-05-05 21:40 - 2016-05-05 21:40 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\NVIDIA Corporation
2016-05-05 21:39 - 2016-05-05 21:39 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-05-05 21:39 - 2016-05-05 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-05 21:39 - 2016-05-02 08:39 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-05-05 21:39 - 2016-05-02 08:39 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-05-05 21:39 - 2016-05-02 08:38 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-05-05 21:39 - 2016-05-02 08:38 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-05-05 21:39 - 2016-05-02 08:38 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-05-05 21:39 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-05-05 21:39 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-05-05 21:39 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-05-05 21:39 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-05-05 21:39 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-05-05 21:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-05-05 21:38 - 2016-04-14 08:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-05-05 21:38 - 2016-04-14 08:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-05-05 21:38 - 2016-04-14 08:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-05-05 21:30 - 2016-04-23 08:58 - 00001140 _____ C:\Users\BIGGIE\Desktop\DarkSoulsII.lnk
2016-05-05 21:30 - 2012-07-24 03:08 - 03044352 _____ C:\Users\BIGGIE\Desktop\prototype2.exe
2016-05-05 21:21 - 2016-05-07 10:30 - 00005404 _____ C:\Windows\System32\Tasks\Software Update Application
2016-05-05 21:15 - 2016-05-06 08:31 - 00000000 ____D C:\ProgramData\360Quarant
2016-05-05 21:14 - 2016-05-05 21:14 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-05-05 21:11 - 2016-05-05 21:11 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\ProductData
2016-05-05 21:10 - 2016-05-05 21:10 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-05-05 21:10 - 2016-05-05 21:10 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-05-05 21:03 - 2016-05-05 21:09 - 00000000 ____D C:\Windows\CSC
2016-05-05 21:03 - 2016-05-05 21:03 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2016-05-05 21:02 - 2016-04-03 19:23 - 00032200 _____ C:\Windows\Professional.xml
2016-05-05 20:55 - 2016-05-05 23:10 - 00000000 ____D C:\Windows\Tasks\360Disabled
2016-05-05 20:52 - 2016-05-07 09:23 - 00000000 ____D C:\Program Files (x86)\360
2016-05-05 20:50 - 2016-05-05 20:50 - 00001333 _____ C:\Users\BIGGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio Manager.lnk
2016-05-05 20:49 - 2016-05-05 20:49 - 00000000 ____D C:\Windows\oem
2016-05-05 20:44 - 2016-05-05 20:44 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\MicrosoftEdge
2016-05-05 20:43 - 2016-05-07 10:30 - 00000000 ____D C:\ProgramData\Acer
2016-05-05 20:43 - 2016-05-05 20:43 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Acer
2016-05-05 20:43 - 2016-05-05 20:43 - 00000000 ____D C:\ProgramData\OEM
2016-05-05 20:38 - 2016-05-05 20:38 - 00002872 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-05-05 20:38 - 2016-05-05 20:38 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-05 20:38 - 2016-05-05 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-05 20:38 - 2016-05-05 20:38 - 00000000 ____D C:\Program Files\CCleaner
2016-05-05 20:36 - 2016-05-05 20:41 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Google
2016-05-05 20:35 - 2016-05-05 20:35 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-05-05 20:35 - 2016-05-05 20:35 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 05576400 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-05-05 20:35 - 2016-05-05 20:35 - 05338936 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 03198720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 02894976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-05-05 20:35 - 2016-05-05 20:35 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 02049664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 01060504 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00447720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00370840 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00084624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-05-05 20:35 - 2016-05-05 20:35 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-05-05 20:34 - 2016-05-05 21:38 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-05 20:34 - 2016-05-05 20:34 - 02399432 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\Qcamain10x64.sys
2016-05-05 20:34 - 2016-05-05 20:34 - 00774704 _____ C:\Windows\system32\Drivers\qca61x4_1_1_2.bin
2016-05-05 20:34 - 2016-05-05 20:34 - 00008124 _____ C:\Windows\system32\Drivers\eeprom_ar6320_2p1_NFA344i.bin
2016-05-05 20:34 - 2016-05-05 20:34 - 00000643 _____ C:\Users\BIGGIE\Desktop\KMPlayer.lnk
2016-05-05 20:34 - 2016-05-05 20:34 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2016-05-05 20:34 - 2016-05-05 20:34 - 00000000 ____D C:\ProgramData\simplitec
2016-05-05 20:34 - 2015-05-06 15:54 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2016-05-05 20:33 - 2016-05-05 20:33 - 00000000 ____D C:\Users\BIGGIE\Documents\ViberDownloads
2016-05-05 20:32 - 2016-05-06 09:53 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\ViberPC
2016-05-05 20:32 - 2016-05-05 20:32 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2016-05-05 20:32 - 2016-05-05 20:32 - 04330200 _____ (TODO: <Company name>) C:\Windows\RtCRU64.exe
2016-05-05 20:32 - 2016-05-05 20:32 - 00413912 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-05-05 20:32 - 2016-05-05 20:32 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2016-05-05 20:32 - 2016-05-05 20:32 - 00001034 _____ C:\Users\BIGGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-05-05 20:32 - 2016-05-05 20:32 - 00001032 _____ C:\Users\BIGGIE\Desktop\Viber.lnk
2016-05-05 20:32 - 2016-05-05 20:32 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2016-05-05 20:32 - 2016-05-05 20:32 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Viber
2016-05-05 20:32 - 2016-05-05 20:32 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Package Cache
2016-05-05 20:31 - 2016-05-05 20:31 - 01462720 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-05-05 20:31 - 2016-05-05 20:31 - 00481032 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-05-05 20:31 - 2016-05-05 20:31 - 00191512 _____ (Qualcomm®Atheros®) C:\Windows\system32\BtContextMenu.dll
2016-05-05 20:31 - 2016-05-05 20:31 - 00057792 _____ C:\Windows\system32\Drivers\AthrBT_0x00000200.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00056824 _____ C:\Windows\system32\Drivers\AthrBT_0x00000300.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00047784 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynRMIHID.sys
2016-05-05 20:31 - 2016-05-05 20:31 - 00036840 _____ C:\Windows\system32\Drivers\AthrBT_TF_0x00000302.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00034508 _____ C:\Windows\system32\Drivers\AthrBT_0x00000302.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00019992 _____ (Qualcomm®Atheros®) C:\Windows\system32\BtContextMenu.dll.muien-US
2016-05-05 20:31 - 2016-05-05 20:31 - 00001969 _____ C:\Windows\system32\Drivers\ramps_TF_0x00000302_48.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00001969 _____ C:\Windows\system32\Drivers\ramps_0x00000302_48_NFA354A_10db.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00001969 _____ C:\Windows\system32\Drivers\ramps_0x00000302_48.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00001890 _____ C:\Windows\system32\Drivers\ramps_0x00000300_48.dfu
2016-05-05 20:31 - 2016-05-05 20:31 - 00001859 _____ C:\Windows\system32\Drivers\ramps_0x00000200_48.dfu
2016-05-05 20:29 - 2016-05-05 20:29 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-05-05 20:29 - 2016-05-05 20:29 - 00042600 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-05-05 20:29 - 2016-05-05 20:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-05-05 20:29 - 2016-05-05 20:29 - 00000000 ____D C:\Program Files\Synaptics
2016-05-05 20:25 - 2016-05-07 10:40 - 00000000 ____D C:\ProgramData\ProductData
2016-05-05 20:25 - 2016-05-06 09:13 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\IObit
2016-05-05 20:25 - 2016-05-05 21:11 - 00000000 ____D C:\ProgramData\IObit
2016-05-05 20:25 - 2016-05-05 21:10 - 00000000 ____D C:\Users\BIGGIE\AppData\LocalLow\IObit
2016-05-05 20:25 - 2016-05-05 20:25 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-05-05 20:25 - 2016-05-05 20:25 - 00000000 ____D C:\Windows\IObit
2016-05-05 20:24 - 2016-05-08 07:59 - 00000000 ____D C:\Program Files (x86)\IObit
2016-05-05 20:22 - 2016-05-05 20:28 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Mozilla
2016-05-05 20:22 - 2016-05-05 20:22 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-05 20:22 - 2016-05-05 20:22 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-05 20:22 - 2016-05-05 20:22 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Mozilla
2016-05-05 20:21 - 2016-05-06 08:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-05 20:21 - 2016-05-05 20:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-05 20:19 - 2016-05-05 20:36 - 01287724 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2016-05-05 20:19 - 2016-05-05 20:36 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-05-05 20:19 - 2016-05-05 20:36 - 00000000 ____D C:\Windows\system32\DAX2
2016-05-05 20:19 - 2016-05-05 20:19 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-05-05 20:19 - 2016-05-05 20:19 - 00000000 ____D C:\Program Files\Realtek
2016-05-05 20:17 - 2016-05-06 07:47 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-05-05 20:17 - 2016-05-05 21:40 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\NVIDIA
2016-05-05 20:17 - 2016-05-05 21:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-05 20:17 - 2016-05-05 20:17 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-05-05 20:16 - 2016-05-07 10:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-05 20:16 - 2016-05-07 10:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-05 20:16 - 2016-04-03 00:52 - 04164608 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0002.dll
2016-05-05 20:16 - 2016-04-03 00:49 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll
2016-05-05 20:16 - 2016-04-03 00:46 - 01915392 _____ (Microsoft Corporation) C:\Windows\system32\MLS2.dll
2016-05-05 20:16 - 2016-04-03 00:37 - 04164608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0002.dll
2016-05-05 20:16 - 2016-04-03 00:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0002.dll
2016-05-05 20:16 - 2016-04-03 00:29 - 01868800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MLS2.dll
2016-05-05 20:15 - 2016-05-05 20:15 - 00002689 _____ C:\Users\BIGGIE\Desktop\µTorrent.lnk
2016-05-05 20:14 - 2016-05-07 10:37 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\uTorrent
2016-05-05 20:13 - 2016-05-05 20:13 - 00001051 _____ C:\Users\BIGGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-05-05 20:13 - 2016-05-05 20:13 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Macromedia
2016-05-05 20:12 - 2016-05-05 20:04 - 00453288 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-05-05 20:09 - 2016-05-05 20:09 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-05 20:08 - 2016-05-08 08:09 - 00000000 __SHD C:\Users\BIGGIE\IntelGraphicsProfiles
2016-05-05 20:08 - 2016-05-05 22:27 - 00000000 ____D C:\Intel
2016-05-05 20:08 - 2016-05-05 21:02 - 00027136 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2016-05-05 20:08 - 2016-05-05 20:23 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-05 20:08 - 2016-05-05 20:08 - 00000000 ____D C:\Program Files\Intel
2016-05-05 20:08 - 2015-11-06 04:48 - 00091136 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-05-05 20:01 - 2016-05-05 20:01 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\NetworkTiles
2016-05-05 20:00 - 2016-05-08 08:18 - 00004170 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2DF1ED57-844C-423B-819F-C057111AC89D}
2016-05-05 19:54 - 2016-05-05 19:54 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Comms
2016-05-05 19:53 - 2016-05-05 19:56 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\AutorunX2
2016-05-05 16:44 - 2016-05-05 16:44 - 00002341 _____ C:\Users\BIGGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-05 16:44 - 2016-05-05 16:44 - 00000000 ___RD C:\Users\BIGGIE\OneDrive
2016-05-05 16:44 - 2016-05-05 16:44 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-05-05 16:43 - 2016-05-05 16:43 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\ConnectedDevicesPlatform
2016-05-05 16:42 - 2016-05-05 16:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-05 16:42 - 2016-05-05 16:42 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Publishers
2016-05-05 16:41 - 2016-05-08 08:09 - 00000000 ____D C:\Users\BIGGIE
2016-05-05 16:41 - 2016-05-07 10:02 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\Packages
2016-05-05 16:41 - 2016-05-06 10:12 - 00924370 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-05 16:41 - 2016-05-05 16:41 - 00000020 ___SH C:\Users\BIGGIE\ntuser.ini
2016-05-05 16:41 - 2016-05-05 16:41 - 00000000 _SHDL C:\Users\BIGGIE\My Documents
2016-05-05 16:41 - 2016-05-05 16:41 - 00000000 _SHDL C:\Users\BIGGIE\Documents\My Videos
2016-05-05 16:41 - 2016-05-05 16:41 - 00000000 _SHDL C:\Users\BIGGIE\Documents\My Pictures
2016-05-05 16:41 - 2016-05-05 16:41 - 00000000 _SHDL C:\Users\BIGGIE\Documents\My Music
2016-05-05 16:41 - 2016-05-05 16:41 - 00000000 ____D C:\Users\BIGGIE\AppData\Roaming\Adobe
2016-05-05 16:41 - 2016-05-05 16:41 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\VirtualStore
2016-05-05 16:41 - 2016-05-05 16:41 - 00000000 ____D C:\Users\BIGGIE\AppData\Local\TileDataLayer
2016-05-05 16:39 - 2016-04-03 19:17 - 02712064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Default\My Documents
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-05-05 16:36 - 2016-05-05 16:36 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-05-05 16:13 - 2016-05-05 16:13 - 00000000 ____D C:\ProgramData\USOShared
2016-05-05 16:12 - 2016-05-08 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-05 16:11 - 2016-05-08 08:08 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-05-05 16:11 - 2016-05-05 16:12 - 00000000 ____D C:\Windows\ServiceProfiles
2016-05-05 10:06 - 2016-05-06 08:41 - 00000000 ____D C:\AdwCleaner
2016-04-29 13:41 - 2016-05-07 11:47 - 00000000 ____D C:\Users\BIGGIE\Desktop\The.Sopranos.S04.720p.WEB-DL.DD5.1.H.264-TB
2016-04-24 10:08 - 2016-04-24 10:08 - 00000026 _____ C:\Users\BIGGIE\Desktop\ИГРИ 2016.txt
2016-04-20 08:34 - 2016-04-20 08:35 - 00000000 ____D C:\Users\BIGGIE\Desktop\Фитнес
2016-04-16 01:53 - 2016-04-16 01:53 - 00130328 _____ C:\Windows\SysWOW64\vulkan-1-1-0-8-1.dll
2016-04-16 01:53 - 2016-04-16 01:53 - 00040216 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-8-1.exe
2016-04-16 01:52 - 2016-04-16 01:52 - 00130840 _____ C:\Windows\system32\vulkan-1-1-0-8-1.dll
2016-04-16 01:52 - 2016-04-16 01:52 - 00045336 _____ C:\Windows\system32\vulkaninfo-1-1-0-8-1.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-08 08:24 - 2015-12-19 10:14 - 00000000 ____D C:\oem
2016-05-08 07:59 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\AppReadiness
2016-05-08 07:58 - 2016-04-03 19:33 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-07 11:41 - 2016-01-26 10:41 - 00000000 ____D C:\KMPlayer
2016-05-07 10:36 - 2016-04-03 19:04 - 00000000 ____D C:\Windows\CbsTemp
2016-05-07 10:27 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\Help
2016-05-07 10:26 - 2016-04-03 19:29 - 00000000 ____D C:\Windows\INF
2016-05-07 10:21 - 2016-04-03 17:35 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-05-07 09:09 - 2015-12-19 23:10 - 00000000 ____D C:\Users\BIGGIE\Desktop\Installations
2016-05-07 09:01 - 2016-04-03 19:33 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-05-06 11:46 - 2016-04-03 19:33 - 00000167 _____ C:\Windows\win.ini
2016-05-06 11:46 - 2016-04-03 19:33 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-06 11:43 - 2016-04-03 19:33 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-06 10:06 - 2016-04-03 19:33 - 00000000 ___RD C:\Windows\MiracastView
2016-05-06 08:31 - 2015-12-19 14:16 - 00000000 __SHD C:\$360Section
2016-05-06 07:58 - 2016-04-03 19:33 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 07:48 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\appcompat
2016-05-06 03:10 - 2016-04-03 19:33 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-05-05 23:07 - 2016-04-03 21:59 - 00000000 ____D C:\Windows\ShellNew
2016-05-05 22:04 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\LiveKernelReports
2016-05-05 21:03 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\SystemApps
2016-05-05 21:03 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\security
2016-05-05 21:03 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-05-05 21:02 - 2016-04-03 19:25 - 00360960 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2016-05-05 21:02 - 2016-04-03 19:25 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2016-05-05 21:02 - 2016-04-03 19:25 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2016-05-05 21:02 - 2016-04-03 19:25 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-05-05 21:02 - 2016-04-03 19:25 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2016-05-05 21:02 - 2016-04-03 19:23 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2016-05-05 21:02 - 2016-04-03 19:23 - 00107008 _____ C:\Windows\system32\RDVGHelper.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2016-05-05 21:02 - 2016-04-03 19:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2016-05-05 21:02 - 2016-04-03 19:23 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2016-05-05 21:02 - 2016-04-03 19:22 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00147439 _____ C:\Windows\system32\gpedit.msc
2016-05-05 21:02 - 2016-04-03 19:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2016-05-05 21:02 - 2016-04-03 19:22 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2016-05-05 21:02 - 2016-04-03 19:22 - 00043566 _____ C:\Windows\system32\rsop.msc
2016-05-05 21:01 - 2016-04-03 19:25 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-05-05 21:01 - 2016-04-03 19:25 - 00329216 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-05-05 21:01 - 2016-04-03 19:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2016-05-05 21:01 - 2016-04-03 19:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2016-05-05 21:01 - 2016-04-03 19:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2016-05-05 21:01 - 2016-04-03 19:23 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessCsp.dll
2016-05-05 21:01 - 2016-04-03 19:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe
2016-05-05 21:01 - 2016-04-03 19:23 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-05-05 21:01 - 2016-04-03 19:23 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeSubscription.exe
2016-05-05 21:01 - 2016-04-03 19:23 - 00038672 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.exe
2016-05-05 21:01 - 2016-04-03 19:23 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Win32_DeviceGuard.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 01344512 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2016-05-05 21:01 - 2016-04-03 19:22 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00120458 _____ C:\Windows\system32\secpol.msc
2016-05-05 21:01 - 2016-04-03 19:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2016-05-05 21:01 - 2016-04-03 19:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2016-05-05 21:00 - 2016-04-03 19:25 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-05-05 21:00 - 2016-04-03 19:25 - 00349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2016-05-05 21:00 - 2016-04-03 19:25 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2016-05-05 21:00 - 2016-04-03 19:23 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\dggpext.dll
2016-05-05 21:00 - 2016-04-03 19:23 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\CIWmi.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00454144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00147439 _____ C:\Windows\SysWOW64\gpedit.msc
2016-05-05 21:00 - 2016-04-03 19:22 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-05-05 21:00 - 2016-04-03 19:22 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-05-05 21:00 - 2016-04-03 19:22 - 00043566 _____ C:\Windows\SysWOW64\rsop.msc
2016-05-05 20:59 - 2016-04-03 19:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2016-05-05 20:59 - 2016-04-03 19:25 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-05-05 20:59 - 2016-04-03 19:25 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-05-05 20:59 - 2016-04-03 19:23 - 00678912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgogl32.dll
2016-05-05 20:59 - 2016-04-03 19:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgocl32.dll
2016-05-05 20:59 - 2016-04-03 19:23 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgu1132.dll
2016-05-05 20:59 - 2016-04-03 19:23 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2016-05-05 20:59 - 2016-04-03 19:23 - 00046352 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
2016-05-05 20:59 - 2016-04-03 19:23 - 00036624 _____ (Microsoft Corporation) C:\Windows\system32\EmbeddedAppLauncherConfig.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 01952256 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00935936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-05-05 20:59 - 2016-04-03 19:22 - 00471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00146389 _____ C:\Windows\system32\printmanagement.msc
2016-05-05 20:59 - 2016-04-03 19:22 - 00141584 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistAD.dll
2016-05-05 20:59 - 2016-04-03 19:22 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2016-05-05 20:35 - 2015-07-09 18:45 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-05-05 20:35 - 2015-07-09 18:45 - 03081808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-05-05 20:35 - 2015-07-09 18:45 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-05-05 20:35 - 2015-07-09 18:45 - 00327464 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-05-05 20:35 - 2015-07-09 18:45 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-05-05 20:35 - 2015-07-09 18:41 - 04803840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-05-05 20:35 - 2015-07-09 18:41 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-05-05 20:31 - 2015-08-03 11:45 - 00602248 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2016-05-05 20:31 - 2015-08-03 11:42 - 00192000 _____ (Qualcomm Atheros Communications Inc.) C:\Windows\system32\btcoinst.dll
2016-05-05 20:30 - 2016-01-19 22:50 - 00185896 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2016-05-05 16:41 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-05-05 16:40 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\rescache
2016-05-05 16:39 - 2016-04-03 19:33 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-05-05 16:21 - 2016-04-03 17:35 - 00000000 ____D C:\Windows\system32\Sysprep
2016-05-05 16:16 - 2016-04-03 19:33 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-05-05 16:16 - 2016-04-03 19:33 - 00000000 ___RD C:\Windows\PrintDialog
2016-05-05 16:15 - 2016-04-03 19:33 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-05-05 16:13 - 2016-04-03 19:33 - 00000000 ____D C:\ProgramData\USOPrivate
2016-05-05 16:13 - 2016-04-03 17:35 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-04-09 09:28 - 2015-12-19 13:58 - 00000000 ____D C:\Users\BIGGIE\Desktop\Stuff

==================== Files in the root of some directories =======

2016-05-05 20:19 - 2016-05-05 20:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-05 16:11

==================== End of FRST.txt ============================

 

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

преди 9 часа, B-boy/StyLe/ написа:

Вижте с Process Hacker какво пише по диска от System:

https://github.com/processhacker2/processhacker2/releases/download/v2.39/processhacker-2.39-bin.zip

u0ZlqHk.png

Изтеглих програмата, но в момента, в който кликна върху таб Disk, процесите буквално не спират да нарастват, та не мога дори да направя адекватен скрийншот. Вероятно нещо аз не съм разбрал по инструкциите, та затова по-добре да те попитам.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 4 часа, манго написа:

към автора на темата

доколкото си спомням,тази бета версия имаше много бъгове, сред които и многото процеси на заден план
предлагам да си изтеглите работеща версия от:

 

от посочения линк изберете  версията windows 10 без допълнителни знаци отзад, изберете език и сваляйте
имате възможност да изтеглите windows 10 с български итерфейс

сваления файл съдържа про и хоме версиите, като към момента версията (1511) е пусната през март тази година

https://www.microsoft.com/en-us/software-download/techbench

 

Тоест в последствие трябва да я запиша на disc и да дам repair на сегашния Windows? Или трябва да инсталирам наново копието с чист преинстал? Нямам толкова голяма флашка, та затова смятам да работя с диск? Това, което ми е важно е, ще бъде ли активна repair опцията, ако изтегля този Windows файл от сайта или не?

Редактирано от b3s7ch0 (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 11 часа, b3s7ch0 написа:

Изтеглих програмата, но в момента, в който кликна върху таб Disk, процесите буквално не спират да нарастват, та не мога дори да направя адекватен скрийншот. Вероятно нещо аз не съм разбрал по инструкциите, та затова по-добре да те попитам.

Просто подредете процесите по Write rate и направете снимката.

преди 14 минути, b3s7ch0 написа:

Тоест в последствие трябва да я запиша на disc и да дам repair на сегашния Windows? Или трябва да инсталирам наново копието с чист преинстал? Нямам толкова голяма флашка, та затова смятам да работя с диск? Това, което ми е важно е, ще бъде ли активна repair опцията, ако изтегля този Windows файл от сайта или не?

Repair-a вече е излишна опция, защото вече предполагам сте си спасили ценните файлове за които говорихте в предишната ви тема. То като цяло такива не се държат и на дял C:\. Сега вече е добре да си преинсталирате Windows-a с пълен формат на дяла, защото в момента положението предполагам е доста омазано...Преминаване от 8.1 към 10 и след това преинсталация върху старата 10-тка (поне да бяхте използвали Refresh или Reset PC от Advanced Recovery менюто). Та сега repair-a едва ли е опция, защото дори да е по-бърза процедурата тя не гарантира решаването на проблема. Тарикатлъка често излиза по-скъпо решение впоследствие.


  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 2 часа, B-boy/StyLe/ написа:

Просто подредете процесите по Write rate и направете снимката.

Repair-a вече е излишна опция, защото вече предполагам сте си спасили ценните файлове за които говорихте в предишната ви тема. То като цяло такива не се държат и на дял C:\. Сега вече е добре да си преинсталирате Windows-a с пълен формат на дяла, защото в момента положението предполагам е доста омазано...Преминаване от 8.1 към 10 и след това преинсталация върху старата 10-тка (поне да бяхте използвали Refresh или Reset PC от Advanced Recovery менюто). Та сега repair-a едва ли е опция, защото дори да е по-бърза процедурата тя не гарантира решаването на проблема. Тарикатлъка често излиза по-скъпо решение впоследствие.

Тоест мога да изтегля версия от линка, който ми беше даден по-горе, да запиша на буут диск и да направя чиста преинсталация, като е хубаво преди това, ценните файлове да преместя на друга партитура? Правилно ли съм разбрал?

Относно останалото, очевидно съм допуснал грешка, но не съм искал да обидя никой от вас, това мога да гарантирам. Ако по някакъв начин съм го направил или съм пренебрегнал нещо, което сте ме посъветвали, направил съм го заради постоянното притискане от шефове, което получавах през този ден.

Редактирано от b3s7ch0 (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да, правилно сте разбрали, но все пак пред това направете желаната от мен снимка на процесите от секцията Disk в Process Hacker подредени по write rate!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 5 минути, B-boy/StyLe/ написа:

Да, правилно сте разбрали, но все пак пред това направете желаната от мен снимка на процесите от секцията Disk в Process Hacker подредени по write rate!

Добре,веднага щом имам достъп до лаптопа си ще направя снимка на процесите.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не виждам да има голямо натоварване по диска. Вие къде го видяхте или вече не се случва?

Колкото до забавената система просто имате доста излишни процеси.

icon1373991893.jpg

Изтеглете Autoruns и:

  • Стартирайте програмата;
  • Изберете Options => сложете отметки пред Hide Empty Locations, Hide Microsoft Entries и Hide Windows Entries и махнете отметката пред Hide VirusTotal Clean Entries;
  • Сега изберете Options => Filter Options => и сложете отметки пред Verify Code Signature, Check VirusTotal.com и Submit Unknown Images;
  • Изберете бутона Rescan;
  • От менюто File => изберете Save => запазете файла някъде с желано от вас име (във формат arn), архивирайте го с програма по желание в zip формат и го прикачете към темата.
  • Харесва ми 4

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 38 минути, B-boy/StyLe/ написа:

Не виждам да има голямо натоварване по диска. Вие къде го видяхте или вече не се случва?

Колкото до забавената система просто имате доста излишни процеси.

icon1373991893.jpg

Изтеглете Autoruns и:

  • Стартирайте програмата;
  • Изберете Options => сложете отметки пред Hide Empty Locations, Hide Microsoft Entries и Hide Windows Entries и махнете отметката пред Hide VirusTotal Clean Entries;
  • Сега изберете Options => Filter Options => и сложете отметки пред Verify Code Signature, Check VirusTotal.com и Submit Unknown Images;
  • Изберете бутона Rescan;
  • От менюто File => изберете Save => запазете файла някъде с желано от вас име (във формат arn), архивирайте го с програма по желание в zip формат и го прикачете към темата.

 

Успях в крайна сметка да стигна до финалния файл, след първоначалния неуспех. Прикачвам го.

Иначе за мен най-добрият вариант е да не се стига до нов преинстал, защото пак ще ми се мрънкна по главата. Ако има как да се оптимизира текущия Windows ще бъде чудесно и ще съм страшно благодарен :)

 

 

DESKTOP-F8J1J0J.rar

Редактирано от b3s7ch0 (преглед на промените)
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Като начало от опциите на CCleaner => Options => Monitoring => премахнете двете отметки и се съгласете с промените.

 

 

Стартирайте отното Autoruns като администратор => от секцията за Scheduled Tasks премахнете отметката пред:

\Driver Booster SkipUAC (BIGGIE)

(можете да махнете и други отметки тук, които мислите, че не са ви необходими).

От менюто Drivers премахнете отметката пред:

ALSysIO

От менюто Codecs премахнете отметките пред:

VIDC.VP80

vidc.XVID

 

 

В търсачката на Windows въведете services.msc => намерете в списъка с услугите:

Adobe Acrobat Update Service

Adobe Flash Player Update service

Disc Soft Lite Bus Service

LiveUpdate

Nvidia Geforce Experience Service

Nvidia Network Service

Nvidia Streamer Network Service

Nvidia Streamer Service

Кликнете върху всяка една от тях и от Startup Type ги сложете на Manual вместо на Automatic.

 

 

От Control Panel-a деинсталирайте:

Mozilla Maintenance Service

 

 

Рестартирайте системата и вижте дали има подобрение.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 12 часа, B-boy/StyLe/ написа:

Като начало от опциите на CCleaner => Options => Monitoring => премахнете двете отметки и се съгласете с промените.

 

 

Стартирайте отното Autoruns като администратор => от секцията за Scheduled Tasks премахнете отметката пред:

\Driver Booster SkipUAC (BIGGIE)

(можете да махнете и други отметки тук, които мислите, че не са ви необходими).

От менюто Drivers премахнете отметката пред:

ALSysIO

От менюто Codecs премахнете отметките пред:

VIDC.VP80

vidc.XVID

 

 

В търсачката на Windows въведете services.msc => намерете в списъка с услугите:

Adobe Acrobat Update Service

Adobe Flash Player Update service

Disc Soft Lite Bus Service

LiveUpdate

Nvidia Geforce Experience Service

Nvidia Network Service

Nvidia Streamer Network Service

Nvidia Streamer Service

Кликнете върху всяка една от тях и от Startup Type ги сложете на Manual вместо на Automatic.

 

 

От Control Panel-a деинсталирайте:

Mozilla Maintenance Service

 

 

Рестартирайте системата и вижте дали има подобрение.

Определено се усеща значително подобрение след като спрях всички тези неща. От тук нататък мисля да изтегля един Defragmenter и да пусна цялостен defragment на системата.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от kalinm
      Здравейте,
      Имам проблем с JRT и AdwCleaner. Имам ги и двете, но не могат да се стартират. Като щракна в папката на AdwCleaner, се затваря файловия мениджър (експлорер) и не мога да достигна до .ехе файла. Същото се случва и когато отида на страницата за изтегляне на AdwCleaner. Явно имам някаква зараза. Това се случи, след сваляне на една програма  и се накачиха вируси, които засече Windows Defender и уж ги изчисти, но това остана като проблем.
      Промени се и началната страница за зареждане на мозилата, но го оправих. Дори текстов файл, в заглавието на който има име AdwCleaner не се отворя. По някакъв начин един път успях да отворя програмата AdwCleaner и сканирам компа, която откри доста неща, които  видях в лог файла след сканирането, че са премахнати и докато се наканих да го запаша в друга директория, той се затвори и се е записал в папката на AdwCleaner, която не мога да отворя. Добре че първия текстов лог файл при първоначалното сканиране записах какво е открил, но го преименувах с име промяна.txt , защото с име AdwCleaner(...).тхт не се отваря. Прикачвам го.
      JRT уж се стартира, но приключва без видимо стартиране.
      Въпросът ми е, може ли да ми помогнете с решаването на този проблем.
      За всеки случай, моят Е-майл: kalinm@gbg.bg. Използвам лицензиран Windows 10 Home, който актуализирах да последната версия 1803 на 7 май.
      Интересното е, че и точките за възстановяване на системата ги няма. Все едно че тази опция не е избирана, т.е. казва ми да включа опцията за възстановяване. А беше включена...
      Дефендера казва, че няма вируси, но явно има нещо много нередно.
      А не ми се иска да преинсталирам
      В момента не разполагам с компакт диск за операционната система WINDOWS 10 Home 64 bit for OEM версия 1511, тъй като съм в друго населено място. Имам диск дори и втори, който създадох миналата година с по-новата версия  1607, но не са при мен, но разполагам с  Регистрационния 25-знаков продуктов ключ. Сега съм с Windows 10 Home последната версия 1803, който обнових, но след заразата.
    • от Rustislav Petrov
      Здравейте, от някакво време забелязвам, че компютърът ми започва да се натоварва и вентилаторите бучат по-силно като го оставя да стои без да го пипам да кажем след около 30 мин, също някой път много ми забива, отварям си Task Manager-а и най-натоварващата програма откъм диск и рам е мозилата, която със отворен 1 таб на ютюб и 1 таб facebook ми точи около 3гб рам(което мисля че е твърде много)
      Addition.txt
      FRST.txt
    • от v3cko
      Здравейте , напоследък много често през хром ми дава че е засечен необичаен трафик и да потвърдя че не съм робот
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.04.2018
      Ran by USER (administrator) on NB4-031017 (04-05-2018 10:28:50)
      Running from C:\Users\USER\Downloads
      Loaded Profiles: USER (Available Profiles: USER)
      Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Английски (Съединени щати)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Hewlett-Packard) C:\Windows\System32\hpservice.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
      (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
      (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
      (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
      (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
      (Skillbrains) C:\Program Files\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
      () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
      HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
      HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-04-05] (Intel Corporation)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-05-14] (Synaptics Incorporated)
      HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
      HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
      HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-06-29] (Adobe Systems Incorporated)
      HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-05] (AVAST Software)
      HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
      Winlogon\Notify\ScCertProp: wlnotify.dll [X]
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      HKU\S-1-5-21-3304134733-819666466-2278347041-1000\...\MountPoints2: G - G:\Lenovo_Suite.exe
      HKU\S-1-5-21-3304134733-819666466-2278347041-1000\...\MountPoints2: {2266d480-0128-11e8-9d2e-002713343a56} - G:\Lenovo_Suite.exe
      HKU\S-1-5-21-3304134733-819666466-2278347041-1000\...\MountPoints2: {b041fd1c-4532-11e8-ad0d-f4ce46ad0471} - G:\HiSuiteDownLoader.exe
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-10-03]
      ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{536A229A-CF6B-40F3-A422-B91758B05919}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{B985E446-CCC9-4317-97EE-CC040A2A18B2}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKU\S-1-5-21-3304134733-819666466-2278347041-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.bg/
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -  No File
      FireFox:
      ========
      FF ProfilePath: C:\Users\USER\AppData\Roaming\K-Meleon\y7sqykvz.default [2018-05-04]
      FF user.js: detected! => C:\Users\USER\AppData\Roaming\K-Meleon\y7sqykvz.default\user.js [2006-04-06]
      FF Homepage: K-Meleon\y7sqykvz.default -> google.bg
      FF Extension: (NewsFox) - C:\Program Files\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [Legacy] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-10] ()
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
      FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [No File]
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-24] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-24] (Google Inc.)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
      Chrome: 
      =======
      CHR HomePage: Default -> hxxp://google.bg/
      CHR StartupUrls: Default -> "hxxps://www.google.bg/"
      CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2018-05-04]
      CHR Extension: (Презентации) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-24]
      CHR Extension: (Документи) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-24]
      CHR Extension: (Google Диск) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-03]
      CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-03]
      CHR Extension: (Chrome Cleaner Pro) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp [2018-04-20]
      CHR Extension: (Adblock Plus) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
      CHR Extension: (Таблици) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-24]
      CHR Extension: (Google Документи офлайн) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-03]
      CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-04-07]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
      CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-03]
      CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-02]
      CHR HKLM\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-05] (AVAST Software)
      S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4707104 2018-03-27] (Malwarebytes)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
      S4 ScsiAccess; C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 AIDA64Driver; D:\_Install\AIDA64 Extreme Edition 5.80.4000\kerneld.x32 [44176 2016-10-24] ()
      R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167040 2018-04-05] (AVAST Software)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-04-05] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124392 2018-04-12] (AVAST Software)
      R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100544 2018-04-05] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70816 2018-04-05] (AVAST Software)
      R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783600 2018-04-05] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [391856 2018-04-05] (AVAST Software)
      R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [152344 2018-04-05] (AVAST Software)
      R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-04-05] (AVAST Software)
      R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2017-10-03] (Disc Soft Ltd)
      S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
      R2 LMIInfo; C:\Windows\system32\drivers\LMIInfo.sys [27872 2017-01-11] (LogMeIn, Inc.)
      R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
      R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1805872 2009-07-01] ()
      S4 LMIRfsClientNP; no ImagePath
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-05-04 10:28 - 2018-05-04 10:29 - 000012608 _____ C:\Users\USER\Downloads\FRST.txt
      2018-05-04 10:28 - 2018-05-04 10:28 - 002066432 _____ (Farbar) C:\Users\USER\Downloads\FRST.exe
      2018-05-04 10:28 - 2018-05-04 10:28 - 000000000 ____D C:\FRST
      2018-05-04 00:41 - 2018-05-04 10:00 - 000000000 ____D C:\Users\USER\AppData\Local\Puffin
      2018-05-04 00:41 - 2018-05-04 00:41 - 000000937 _____ C:\Users\Public\Desktop\Puffin.lnk
      2018-05-04 00:41 - 2018-05-04 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puffin Browser
      2018-05-04 00:40 - 2018-05-04 00:41 - 000000000 ____D C:\Program Files\Puffin
      2018-05-03 22:47 - 2018-05-03 22:51 - 068539808 _____ (CloudMosa, Inc. ) C:\Users\USER\Downloads\PuffinBetaSetup.exe
      2018-05-02 21:46 - 2018-05-02 21:46 - 000218295 _____ C:\Users\USER\Downloads\14415951001_20180501_1245790475.pdf
      2018-05-02 16:25 - 2018-05-02 16:25 - 000408064 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-05-02 01:17 - 2018-05-02 01:17 - 000109280 _____ C:\Users\USER\AppData\Local\GDIPFONTCACHEV1.DAT
      2018-05-02 01:11 - 2018-05-02 01:11 - 000001264 _____ C:\Users\Public\Desktop\Skype.lnk
      2018-05-02 01:11 - 2018-05-02 01:11 - 000000000 ____D C:\Users\USER\AppData\Roaming\Skype
      2018-05-02 01:11 - 2018-05-02 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
      2018-05-02 01:09 - 2018-05-02 01:11 - 018529206 _____ (Skype Technologies S.A.) C:\Users\USER\Downloads\Непотвърдено 702826.crdownload
      2018-05-02 01:09 - 2018-05-02 01:10 - 062741696 _____ (Skype Technologies S.A.) C:\Users\USER\Downloads\Skype-8.20.0.9.exe
      2018-04-28 12:22 - 2018-04-28 12:22 - 000001194 _____ C:\Users\Public\Desktop\Easy2Convert JPG to DDS.lnk
      2018-04-28 12:22 - 2018-04-28 12:22 - 000000000 ____D C:\Users\USER\AppData\Roaming\Easy2Convert
      2018-04-28 12:22 - 2018-04-28 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy2Convert Software
      2018-04-28 12:22 - 2018-04-28 12:22 - 000000000 ____D C:\Program Files\Easy2Convert Software
      2018-04-28 12:20 - 2018-04-28 12:20 - 003340649 _____ (Easy2Convert Software ) C:\Users\USER\Downloads\jpg2dds.exe
      2018-04-28 12:18 - 2018-04-28 12:18 - 000162944 _____ C:\Users\USER\Downloads\XRG_Nikaz_Sport_R34.dds
      2018-04-28 06:02 - 2018-04-28 06:02 - 000029105 _____ C:\Users\USER\Downloads\XRGT_Alloy2.7z
      2018-04-28 05:35 - 2018-04-28 05:35 - 000000132 _____ C:\Users\USER\Downloads\XRG_BL1_HL_133550.set
      2018-04-28 05:24 - 2018-04-28 05:24 - 000000132 _____ C:\Users\USER\Downloads\XRG_BL1_HL_132690.set
      2018-04-27 20:03 - 2018-04-27 20:03 - 000417869 _____ C:\Users\USER\Downloads\mustang-sport.rar
      2018-04-27 20:02 - 2018-04-27 20:02 - 000474539 _____ C:\Users\USER\Downloads\Непотвърдено 315132.crdownload
      2018-04-27 20:02 - 2018-04-27 20:02 - 000474539 _____ C:\Users\USER\Downloads\Непотвърдено 122074.crdownload
      2018-04-21 23:38 - 2018-04-23 18:54 - 006268764 _____ C:\Users\USER\Documents\NB4-031017.arn
      2018-04-21 23:32 - 2018-04-21 23:32 - 000735888 _____ (Sysinternals - www.sysinternals.com) C:\Users\USER\Downloads\autoruns.exe
      2018-04-21 15:16 - 2017-06-30 11:30 - 000002111 _____ C:\Users\USER\Documents\XFG.cfg_v2
      2018-04-21 15:16 - 2016-01-20 10:53 - 000001528 _____ C:\Users\USER\Documents\XFG.cfg
      2018-04-21 14:38 - 2018-04-21 14:39 - 012258354 _____ C:\Users\USER\Downloads\BMW_M4_14 LB BY MARK.rar
      2018-04-21 11:28 - 2018-04-21 11:28 - 000012006 _____ C:\Users\USER\Downloads\DiscATEST.zip
      2018-04-20 19:08 - 2018-04-20 19:09 - 000000782 _____ C:\DelFix.txt
      2018-04-20 18:10 - 2018-04-20 18:10 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-04-20 18:10 - 2018-04-20 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-04-20 18:10 - 2018-04-20 18:10 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-04-20 18:10 - 2018-04-20 18:10 - 000000000 ____D C:\Program Files\Malwarebytes
      2018-04-20 18:10 - 2018-03-19 12:57 - 000058656 _____ C:\Windows\system32\Drivers\mbae.sys
      2018-04-20 18:08 - 2018-04-20 18:09 - 073430920 _____ (Malwarebytes ) C:\Users\USER\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4792.exe
      2018-04-14 19:26 - 2018-04-14 19:26 - 001254569 _____ (Igor Pavlov) C:\Users\USER\Downloads\LFS_PATCH_6R_TO_6R12.exe
      2018-04-13 21:28 - 2018-04-13 21:28 - 000001704 _____ C:\Users\USER\Documents\1.txt
      2018-04-09 23:16 - 2018-04-09 23:16 - 001018015 _____ (Igor Pavlov) C:\Users\USER\Downloads\LFS_PATCH_6R_TO_6R11.exe
      2018-04-09 10:31 - 2018-04-09 10:31 - 000000000 ____D C:\Users\USER\AppData\Roaming\Nero
      2018-04-09 07:37 - 2018-04-09 07:37 - 000972765 _____ (Igor Pavlov) C:\Users\USER\Downloads\LFS_PATCH_6R_TO_6R10.exe
      2018-04-07 15:06 - 2018-04-08 07:53 - 000000000 ____D C:\Users\USER\Documents\My Games
      2018-04-07 15:05 - 2018-04-07 15:05 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft Games
      2018-04-07 15:03 - 2018-04-07 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
      2018-04-07 06:57 - 2018-04-07 06:57 - 000974910 _____ (Igor Pavlov) C:\Users\USER\Downloads\LFS_PATCH_6R_TO_6R9.exe
      2018-04-07 06:56 - 2018-04-07 06:56 - 000000413 _____ C:\Users\USER\AppData\Local\UserProducts.xml
      2018-04-07 06:56 - 2018-04-07 06:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
      2018-04-07 06:56 - 2018-04-07 06:56 - 000000000 ____D C:\Program Files\Skillbrains
      2018-04-07 06:54 - 2018-04-07 06:54 - 002731128 _____ (Skillbrains ) C:\Users\USER\Downloads\setup-lightshot.exe
      2018-04-06 10:36 - 2018-04-06 10:36 - 000974764 _____ (Igor Pavlov) C:\Users\USER\Downloads\LFS_PATCH_6R_TO_6R8.exe
      2018-04-06 09:51 - 2018-04-06 09:51 - 003148854 _____ C:\Users\USER\Downloads\cheats.bmp
      2018-04-05 10:06 - 2018-04-05 10:06 - 000320728 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-05-04 07:45 - 2018-01-24 22:57 - 000000000 ____D C:\LFS
      2018-05-04 00:41 - 2018-02-26 19:19 - 000000000 ____D C:\Users\USER\AppData\Local\CrashDumps
      2018-05-03 16:48 - 2017-10-03 14:33 - 000000277 _____ C:\ProgramData\HPWALog.txt
      2018-05-03 16:30 - 2009-07-14 07:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-05-03 16:30 - 2009-07-14 07:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-05-03 16:22 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-05-02 17:32 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\NDF
      2018-05-02 16:31 - 2010-11-21 00:01 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-05-02 16:31 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
      2018-05-02 03:27 - 2017-10-03 14:10 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-05-02 03:27 - 2017-10-03 14:10 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-05-01 16:43 - 2018-03-10 17:08 - 000000000 ____D C:\Users\USER\AppData\Local\PrivaZer
      2018-04-20 11:34 - 2009-07-14 07:53 - 000032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2018-04-15 14:58 - 2017-10-03 15:09 - 000000000 ____D C:\Users\USER\AppData\Roaming\MPC-HC
      2018-04-12 22:07 - 2017-10-03 16:08 - 000124392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2018-04-10 22:02 - 2017-10-03 14:07 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2018-04-10 22:02 - 2017-10-03 14:07 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2018-04-10 22:02 - 2017-10-03 14:07 - 000000000 ____D C:\Windows\system32\Macromed
      2018-04-07 14:08 - 2018-03-23 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer
      2018-04-05 10:06 - 2018-01-24 20:07 - 000167040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
      2018-04-05 10:06 - 2017-10-03 16:08 - 000783600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2018-04-05 10:06 - 2017-10-03 16:08 - 000391856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2018-04-05 10:06 - 2017-10-03 16:08 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2018-04-05 10:06 - 2017-10-03 16:08 - 000152344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2018-04-05 10:06 - 2017-10-03 16:08 - 000100544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2018-04-05 10:06 - 2017-10-03 16:08 - 000070816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2018-04-05 10:06 - 2017-10-03 16:08 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      ==================== Files in the root of some directories =======
      2017-10-03 14:33 - 2017-10-03 14:33 - 000000000 _____ () C:\Users\USER\AppData\Local\AtStart.txt
      2017-10-03 14:33 - 2017-10-03 14:33 - 000000000 _____ () C:\Users\USER\AppData\Local\DSwitch.txt
      2017-10-03 14:33 - 2017-10-03 14:33 - 000000000 _____ () C:\Users\USER\AppData\Local\QSwitch.txt
      2018-04-07 06:56 - 2018-04-07 06:56 - 000000003 _____ () C:\Users\USER\AppData\Local\updater.log
      2018-04-07 06:56 - 2018-04-07 06:56 - 000000413 _____ () C:\Users\USER\AppData\Local\UserProducts.xml
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-04-28 21:03
      ==================== End of FRST.txt ============================
      Addition.txt
    • от mamasve
      Здравейте , 
      имам вирус на компютъра , който постоянно ми инсталира икона на десктопа Panda viewer и когато отворя който и да е браузър започва да ме пренасочва към всевъзможни сайтове и практически не мога да си ползвам компа вече . Помощ , моля ! 
    • от AHybuC
      Здравейте!
      От тази сутрин не съм способен нормално да стартирам компютъра си. Веднага щом зареди Windows-a, появява се прозорче, в което пише "Windows has encountered a critical problem and will restart automatically in one minute" и както съобщението гласи, след една минута се рестартирва компютъра. Понякога дори се появява директно синия екран, още преди да е успял да зареди Windows-a, с код на грешката 0x000000F4. Направих пълно сканиране с Malwarebytes и Kaspersky Rescue CD 10, отстраниха проблемите, които откриха, но проблемът с рестартирването е все още присъстващ. Редно е да спомена, че в Safe Mode не изпитвам автоматични рестартирвания. Също така, премахнах отметката от Startup and Recovery -> System Failure -> Automatically Restart, но продължават да са налични рестартирванията, само че отметката я бях премахнал, докато бях в Safe Mode. Не знам дали това е от значение, но все пак исках да спомена това.
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.04.2018
      Ran by IvailoCOMP (administrator) on IVAILOCOMP-PC (18-04-2018 19:02:33)
      Running from C:\Users\IvailoCOMP\Desktop
      Loaded Profiles: IvailoCOMP (Available Profiles: IvailoCOMP)
      Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Safe Mode (with Networking)
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
      (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [] => [X]
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\...\Policies\Explorer: [NoSMBalloonTip] 0
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
      HKU\S-1-5-21-1339006810-3010099187-1440784813-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\..\Interfaces\{1290CD49-798E-4B6B-9CB6-A0F176F07BD0}: [DhcpNameServer] 192.168.1.1 192.168.1.1
      Internet Explorer:
      ==================
      BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
      BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-12] (Oracle Corporation)
      BHO: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll => No File
      BHO: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
      BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-12] (Oracle Corporation)
      BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
      Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
      FireFox:
      ========
      FF ProfilePath: C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default [2018-04-18]
      FF Homepage: Mozilla\Firefox\Profiles\qhtq97on.default -> google.bg
      FF NewTab: Mozilla\Firefox\Profiles\qhtq97on.default -> about:home
      FF Session Restore: Mozilla\Firefox\Profiles\qhtq97on.default -> is enabled.
      FF NewTabOverride: Mozilla\Firefox\Profiles\qhtq97on.default -> Enabled: newtaboverride@agenedia.com
      FF Extension: (Adblocker X) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\@adblock57.xpi [2018-04-11]
      FF Extension: (MEGA) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\firefox@mega.co.nz.xpi [2018-04-13]
      FF Extension: (UniverseView Extension) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\firefox@universeview.ext.xpi [2017-03-01]
      FF Extension: (h264ify) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\jid1-TSgSxBhncsPBWQ@jetpack.xpi [2017-08-03]
      FF Extension: (New Tab Override) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\newtaboverride@agenedia.com.xpi [2018-02-04]
      FF Extension: (Greasemonkey) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-17]
      FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\features\{15eba6de-45fd-4321-9dcb-85b0a795c148}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-04-08] [Legacy]
      FF SearchPlugin: C:\Users\IvailoCOMP\AppData\Roaming\Mozilla\Firefox\Profiles\qhtq97on.default\searchplugins\yahoo-lavasoft.xml [2016-07-21]
      FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
      FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-28] [Legacy] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-11] ()
      FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-12] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-12] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2017-03-22] (Nexon)
      FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
      FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
      FF Plugin: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll [No File]
      FF Plugin: @Webzen.com/NPBrowserExt -> C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll [2012-03-27] (WEBZEN)
      FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
      FF Plugin HKU\S-1-5-21-1339006810-3010099187-1440784813-1001: @fancyguo.com/FancyGame,version=1.0.0.1 -> C:\Users\IvailoCOMP\AppData\Local\Fancy\npfancygame.dll [2015-05-10] (Hongfeng Hengyu (Beijing) Tech Ltd.)
      FF Plugin HKU\S-1-5-21-1339006810-3010099187-1440784813-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\IvailoCOMP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-13] (Unity Technologies ApS)
      FF Plugin HKU\S-1-5-21-1339006810-3010099187-1440784813-1001: xyzgl-plugin@xyz-soft.com -> C:\Program Files\Alfheim\npxyzgl.dll [2012-06-13] (XYZ-SOFT Inc.)
      Chrome:
      =======
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S2 CachemanService; C:\Program Files\Cacheman\CachemanServ.exe [210944 2009-05-16] (Outertech) [File not signed]
      S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [382504 2017-05-17] (EasyAntiCheat Ltd)
      S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1353720 2015-07-08] (ESET)
      S2 EslWireHelper; D:\Games\EslWire\service\WireHelperSvc.exe [614416 2014-01-28] ()
      S3 fussvc; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [133632 2012-07-25] (Microsoft Corporation) [File not signed]
      S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [930240 2016-06-14] (NVIDIA Corporation)
      R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2283432 2017-06-29] (LogMeIn Inc.)
      S2 HiPatchService; D:\Program Files\Hi-Rez Studios\HiPatchService.exe [9728 2017-05-11] (Hi-Rez Studios) [File not signed]
      S2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-05-27] (LogMeIn, Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4707104 2018-03-27] (Malwarebytes)
      S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [239880 2016-03-11] (McAfee, Inc.)
      S3 npggsvc; C:\Windows\system32\GameMon.des [5284208 2013-10-30] (INCA Internet Co., Ltd.)
      S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
      S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2904000 2016-06-14] (NVIDIA Corporation)
      S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016704 2016-06-14] (NVIDIA Corporation)
      S2 OracleOraDb11g_home1TNSListener; D:\app\IvailoCOMP\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe [512000 2010-03-31] (Oracle Corporation) [File not signed]
      S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1453384 2018-04-08] (Overwolf LTD)
      S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-10-13] ()
      S3 Te.Service; C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [94208 2012-07-25] (Microsoft Corporation) [File not signed]
      S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH)
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
      S3 apf004; C:\Windows\system32\apf004.sys [15112 2015-02-14] ()
      R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-11-22] (DT Soft Ltd)
      S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202704 2015-07-14] (ESET)
      S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [144536 2015-07-14] (ESET)
      S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [132152 2015-07-14] (ESET)
      R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [31008 2015-02-12] (<Turtle Entertainment>)
      S3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [42496 2007-05-15] (Eugene V. Muzychenko) [File not signed]
      R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [167656 2018-04-18] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40160 2018-04-18] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [220896 2018-04-18] (Malwarebytes)
      S3 NPPTNT2; C:\Windows\system32\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26048 2016-06-14] (NVIDIA Corporation)
      S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-04-14] (NVIDIA Corporation)
      S3 SDGame; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
      S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
      S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [59776 2006-08-11] (Protection Technology (StarForce))
      S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [33664 2016-03-11] (The OpenVPN Project)
      S3 VSPerfDrv110; C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys [55416 2012-07-13] (Microsoft Corporation)
      U4 CiSvc; no ImagePath
      U4 Messenger; no ImagePath
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-18 19:02 - 2018-04-18 19:04 - 000014732 _____ C:\Users\IvailoCOMP\Desktop\FRST.txt
      2018-04-18 19:02 - 2018-04-18 19:02 - 000000000 ____D C:\FRST
      2018-04-18 19:01 - 2018-04-18 19:02 - 001763840 _____ (Farbar) C:\Users\IvailoCOMP\Desktop\FRST.exe
      2018-04-18 18:29 - 2018-04-18 18:55 - 000040160 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2018-04-18 18:29 - 2018-04-18 18:29 - 000167656 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2018-04-18 18:28 - 2018-04-18 18:28 - 000220896 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-04-18 18:28 - 2018-04-18 18:28 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-04-18 18:28 - 2018-04-18 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-04-18 18:28 - 2018-04-18 18:28 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-04-18 18:28 - 2018-04-18 18:28 - 000000000 ____D C:\Program Files\Malwarebytes
      2018-04-18 18:28 - 2018-03-19 12:57 - 000058656 _____ C:\Windows\system32\Drivers\mbae.sys
      2018-04-18 18:27 - 2018-04-18 18:27 - 073254968 _____ (Malwarebytes ) C:\Users\IvailoCOMP\Desktop\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4766.exe
      2018-04-18 18:22 - 2018-04-18 18:22 - 000001270 _____ C:\Users\IvailoCOMP\Desktop\asda.lnk
      2018-04-18 18:04 - 2018-04-18 18:07 - 000005192 _____ C:\Users\IvailoCOMP\Desktop\Rkill.txt
      2018-04-18 17:54 - 2018-04-18 17:54 - 000003408 ____N C:\bootsqm.dat
      2018-04-18 17:52 - 2018-04-18 17:52 - 000000000 __SHD C:\found.000
      2018-04-18 17:37 - 2018-04-18 17:37 - 000151072 _____ C:\Windows\Minidump\041818-20997-01.dmp
      2018-04-18 17:11 - 2018-04-18 17:11 - 000151312 _____ C:\Windows\Minidump\041818-23821-01.dmp
      2018-04-18 13:42 - 2018-04-18 20:07 - 000000000 ____D C:\Kaspersky Rescue Disk 10.0
      2018-04-18 10:33 - 2018-04-18 10:33 - 000001261 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 18.lnk
      2018-04-18 10:33 - 2018-04-18 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
      2018-04-18 10:26 - 2018-04-18 10:33 - 000000221 _____ C:\Users\Public\Desktop\Ashampoo Deals.url
      2018-04-18 10:26 - 2018-04-18 10:33 - 000000000 ____D C:\ProgramData\Ashampoo
      2018-04-18 10:14 - 2018-04-18 10:18 - 338960384 _____ C:\Users\IvailoCOMP\Desktop\kav_rescue_10.iso
      2018-04-18 10:12 - 2018-04-18 10:12 - 000001270 _____ C:\Users\IvailoCOMP\Desktop\shutdown.exe.lnk
      2018-04-18 10:11 - 2018-04-18 18:54 - 000424982 _____ C:\Windows\ntbtlog.txt
      2018-04-18 10:10 - 2018-04-18 10:10 - 000000000 _____ C:\Users\IvailoCOMP\Desktop\New shortcut.lnk
      2018-04-18 09:57 - 2018-04-18 09:57 - 000151696 _____ C:\Windows\Minidump\041818-19999-01.dmp
      2018-04-18 09:54 - 2018-04-18 09:54 - 000151696 _____ C:\Windows\Minidump\041818-18954-01.dmp
      2018-04-18 09:40 - 2018-04-18 17:37 - 286301067 _____ C:\Windows\MEMORY.DMP
      2018-04-18 09:40 - 2018-04-18 17:37 - 000000000 ____D C:\Windows\Minidump
      2018-04-18 09:40 - 2018-04-18 09:40 - 000152656 _____ C:\Windows\Minidump\041818-29546-01.dmp
      2018-04-16 10:43 - 2018-03-31 04:39 - 004046528 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
      2018-04-16 10:43 - 2018-03-31 04:39 - 003958464 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2018-04-16 10:43 - 2018-03-31 04:39 - 000190144 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
      2018-04-16 10:43 - 2018-03-31 04:39 - 000190144 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2018-04-16 10:43 - 2018-03-31 04:39 - 000137920 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
      2018-04-16 10:43 - 2018-03-31 04:39 - 000137920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2018-04-16 10:43 - 2018-03-31 04:39 - 000067264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2018-04-16 10:43 - 2018-03-31 04:12 - 001310480 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2018-04-16 10:43 - 2018-03-31 04:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2018-04-16 10:43 - 2018-03-31 03:51 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2018-04-16 10:43 - 2018-03-31 03:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2018-04-16 10:43 - 2018-03-31 03:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2018-04-16 10:43 - 2018-03-31 03:51 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2018-04-16 10:43 - 2018-03-31 03:51 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2018-04-16 10:43 - 2018-03-31 03:49 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2018-04-16 10:43 - 2018-03-31 03:49 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2018-04-16 10:43 - 2018-03-31 03:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2018-04-16 10:43 - 2018-03-31 03:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2018-04-16 10:43 - 2018-03-31 03:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2018-04-16 10:43 - 2018-03-31 03:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2018-04-16 10:43 - 2018-03-28 10:18 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2018-04-16 10:43 - 2018-03-23 20:59 - 000348824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2018-04-16 10:43 - 2018-03-23 00:26 - 020287488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2018-04-16 10:43 - 2018-03-23 00:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2018-04-16 10:43 - 2018-03-23 00:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2018-04-16 10:43 - 2018-03-22 23:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2018-04-16 10:43 - 2018-03-22 23:52 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2018-04-16 10:43 - 2018-03-22 23:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2018-04-16 10:43 - 2018-03-22 23:51 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2018-04-16 10:43 - 2018-03-22 23:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2018-04-16 10:43 - 2018-03-22 23:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2018-04-16 10:43 - 2018-03-22 23:45 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2018-04-16 10:43 - 2018-03-22 23:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2018-04-16 10:43 - 2018-03-22 23:43 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2018-04-16 10:43 - 2018-03-22 23:42 - 000661504 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2018-04-16 10:43 - 2018-03-22 23:42 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2018-04-16 10:43 - 2018-03-22 23:42 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2018-04-16 10:43 - 2018-03-22 23:41 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2018-04-16 10:43 - 2018-03-22 23:36 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2018-04-16 10:43 - 2018-03-22 23:33 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2018-04-16 10:43 - 2018-03-22 23:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2018-04-16 10:43 - 2018-03-22 23:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2018-04-16 10:43 - 2018-03-22 23:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2018-04-16 10:43 - 2018-03-22 23:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2018-04-16 10:43 - 2018-03-22 23:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2018-04-16 10:43 - 2018-03-22 23:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2018-04-16 10:43 - 2018-03-22 23:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2018-04-16 10:43 - 2018-03-22 23:21 - 004496896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2018-04-16 10:43 - 2018-03-22 23:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2018-04-16 10:43 - 2018-03-22 23:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2018-04-16 10:43 - 2018-03-22 23:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2018-04-16 10:43 - 2018-03-22 23:15 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2018-04-16 10:43 - 2018-03-22 23:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2018-04-16 10:43 - 2018-03-22 23:14 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2018-04-16 10:43 - 2018-03-22 22:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2018-04-16 10:43 - 2018-03-22 22:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2018-04-16 10:43 - 2018-03-22 22:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2018-04-16 10:43 - 2018-03-10 20:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
      2018-04-16 10:43 - 2018-03-09 21:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2018-04-16 10:43 - 2018-03-09 21:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2018-04-16 10:43 - 2018-03-09 21:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
      2018-04-16 10:43 - 2018-03-09 21:12 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
      2018-04-16 10:43 - 2018-03-09 21:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
      2018-04-16 10:43 - 2018-03-09 20:31 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2018-04-16 10:43 - 2018-03-06 21:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
      2018-04-16 10:43 - 2018-03-06 21:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
      2018-04-16 10:43 - 2018-03-06 21:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
      2018-04-16 10:43 - 2018-02-22 06:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
      2018-04-16 10:43 - 2018-02-19 00:34 - 000535616 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2018-04-16 10:43 - 2018-02-10 21:49 - 000162496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000154304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000104640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000057024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000053440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000051904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:49 - 000046272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000032448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000027840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000021696 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
      2018-04-16 10:43 - 2018-02-10 21:49 - 000013504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
      2018-04-16 10:43 - 2018-02-10 21:49 - 000011840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
      2018-04-16 10:43 - 2018-02-10 21:48 - 000274624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
      2018-04-16 10:43 - 2018-02-10 21:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS
      2018-04-16 10:43 - 2018-02-10 21:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
      2018-04-16 10:43 - 2018-02-10 21:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
      2018-04-16 10:43 - 2018-02-10 21:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
      2018-04-16 10:43 - 2018-02-10 21:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
      2018-04-16 10:43 - 2018-02-10 21:23 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
      2018-04-16 10:43 - 2018-02-10 20:36 - 000537600 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
      2018-04-16 10:43 - 2018-02-10 20:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
      2018-04-16 10:43 - 2018-02-10 20:36 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
      2018-04-16 10:43 - 2018-02-10 20:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
      2018-04-16 10:43 - 2018-02-10 20:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
      2018-04-16 10:43 - 2018-02-02 21:54 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
      2018-04-16 10:43 - 2018-02-02 21:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
      2018-04-16 10:43 - 2018-02-02 21:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
      2018-04-16 10:43 - 2018-02-02 21:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
      2018-04-16 10:43 - 2018-02-02 21:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2018-04-16 10:43 - 2018-02-02 21:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2018-04-16 10:43 - 2018-02-02 20:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
      2018-04-16 10:43 - 2018-01-25 17:04 - 000922944 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000066392 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000019800 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
      2018-04-16 10:43 - 2018-01-25 17:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
      2018-04-16 10:43 - 2018-01-15 22:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2018-04-16 10:43 - 2018-01-12 19:29 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2018-04-16 10:43 - 2018-01-12 19:29 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
      2018-04-16 10:43 - 2018-01-12 19:29 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
      2018-04-16 10:43 - 2018-01-12 19:29 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
      2018-04-16 10:43 - 2018-01-12 19:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
      2018-04-16 10:43 - 2018-01-12 19:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
      2018-04-16 10:43 - 2018-01-12 19:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
      2018-04-16 10:43 - 2018-01-12 19:05 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
      2018-04-16 10:43 - 2018-01-12 19:05 - 000025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2018-04-16 10:43 - 2018-01-12 19:05 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
      2018-04-16 10:43 - 2018-01-11 19:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001155584 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
      2018-04-16 10:43 - 2018-01-01 05:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:54 - 001214184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2018-04-16 10:43 - 2018-01-01 04:54 - 000712936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
      2018-04-16 10:43 - 2018-01-01 04:54 - 000201960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
      2018-04-16 10:43 - 2018-01-01 04:54 - 000173288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
      2018-04-16 10:43 - 2018-01-01 04:50 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
      2018-04-16 10:43 - 2018-01-01 04:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
      2018-04-16 10:43 - 2018-01-01 04:43 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
      2018-04-16 10:43 - 2018-01-01 04:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
      2018-04-16 10:43 - 2018-01-01 04:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
      2018-04-16 10:43 - 2018-01-01 04:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
      2018-04-16 10:43 - 2018-01-01 04:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
      2018-04-16 10:43 - 2018-01-01 04:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2018-04-16 10:43 - 2018-01-01 04:38 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2018-04-16 10:43 - 2018-01-01 04:38 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
      2018-04-16 10:43 - 2018-01-01 04:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
      2018-04-16 10:43 - 2018-01-01 04:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
      2018-04-16 10:43 - 2018-01-01 04:36 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2018-04-16 10:43 - 2018-01-01 04:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
      2018-04-16 10:43 - 2018-01-01 04:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2018-04-16 10:43 - 2018-01-01 04:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2018-04-16 10:43 - 2017-12-05 20:08 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
      2018-04-16 10:43 - 2017-12-05 18:54 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
      2018-04-16 10:43 - 2017-12-05 18:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
      2018-04-14 17:05 - 2018-04-15 21:31 - 000003238 _____ C:\Users\IvailoCOMP\Desktop\Стражева Кула 14.04.2018.txt
      2018-04-14 14:36 - 2016-06-18 07:13 - 039293587 ____N C:\Users\IvailoCOMP\Desktop\MPS-temi.pdf
      2018-04-11 21:09 - 2018-04-15 22:57 - 000000340 _____ C:\Users\IvailoCOMP\Desktop\Програма за четене на Библията.txt
      2018-04-11 20:05 - 2018-04-11 20:05 - 000724759 _____ C:\Users\IvailoCOMP\Desktop\sbr_BL.pdf
      2018-04-11 02:08 - 2018-03-14 20:18 - 000116928 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2018-04-11 02:08 - 2018-03-14 20:14 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2018-04-11 02:08 - 2018-03-14 16:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2018-04-11 02:08 - 2018-03-14 16:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2018-04-09 21:55 - 2018-04-09 21:55 - 000003743 _____ C:\Users\IvailoCOMP\Desktop\Ще бъде ли тя добра съпруга.txt
      2018-04-01 23:39 - 2018-04-01 23:39 - 010353227 _____ C:\Users\IvailoCOMP\Desktop\yp2_BL.pdf
      2018-03-23 22:10 - 2018-03-23 22:10 - 002276028 _____ C:\Users\IvailoCOMP\Desktop\Илиянка.rar
      2018-03-23 22:02 - 2018-03-23 22:14 - 000000000 ____D C:\Users\IvailoCOMP\Desktop\Илиянка
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-04-18 19:00 - 2010-11-21 00:01 - 000785704 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-04-18 19:00 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
      2018-04-18 18:57 - 2016-11-18 12:35 - 000000000 ____D C:\Users\IvailoCOMP\AppData\LocalLow\Mozilla
      2018-04-18 18:51 - 2013-11-21 16:12 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-04-18 18:51 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-04-18 18:06 - 2014-10-30 10:05 - 000000000 ____D C:\Windows\pss
      2018-04-18 17:58 - 2017-11-23 09:54 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Local\LogMeIn Hamachi
      2018-04-18 10:38 - 2013-11-21 16:17 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\BitComet
      2018-04-18 10:34 - 2013-11-21 16:05 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\Ashampoo
      2018-04-18 10:34 - 2013-11-21 16:05 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Local\Ashampoo
      2018-04-18 10:32 - 2013-11-21 16:00 - 000000000 ____D C:\Program Files\Ashampoo
      2018-04-18 10:19 - 2013-11-22 16:19 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\DAEMON Tools Lite
      2018-04-18 01:15 - 2009-07-14 07:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-04-18 01:15 - 2009-07-14 07:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-04-18 01:09 - 2013-12-23 20:48 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\Skype
      2018-04-17 23:11 - 2016-02-29 01:23 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Local\CrashDumps
      2018-04-17 10:17 - 2009-07-14 07:33 - 000452024 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-04-17 10:13 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\PolicyDefinitions
      2018-04-16 22:13 - 2013-11-21 17:15 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\vlc
      2018-04-15 10:51 - 2013-11-21 16:04 - 000000000 ____D C:\Windows\system32\Macromed
      2018-04-12 19:52 - 2016-07-07 19:51 - 000000000 ____D C:\Program Files\Common Files\Overwolf
      2018-04-12 19:52 - 2013-12-14 11:50 - 000000000 ____D C:\Program Files\Overwolf
      2018-04-12 01:04 - 2014-12-11 09:05 - 000000000 ____D C:\Windows\system32\appraiser
      2018-04-11 11:04 - 2017-07-31 12:21 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2018-04-11 11:04 - 2017-07-31 12:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2018-04-11 03:13 - 2014-07-15 11:08 - 000000000 ____D C:\Windows\system32\MRT
      2018-04-11 03:06 - 2017-10-11 01:18 - 133987696 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2018-04-11 03:06 - 2014-07-15 11:08 - 133987696 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2018-04-08 17:50 - 2018-03-01 23:22 - 000000000 ____D C:\Users\IvailoCOMP\AppData\Roaming\.minecraft
      2018-03-29 09:46 - 2013-12-21 10:14 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
      2018-03-28 11:20 - 2016-11-16 21:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2018-03-26 12:53 - 2018-02-26 10:26 - 000000000 ____D C:\Users\IvailoCOMP\Desktop\Songs
      ==================== Files in the root of some directories =======
      2016-03-26 15:29 - 2016-03-28 23:17 - 000000646 _____ () C:\Users\IvailoCOMP\AppData\Roaming\MPQEditor.ini
      2013-11-21 17:59 - 2017-11-03 12:59 - 000007599 _____ () C:\Users\IvailoCOMP\AppData\Local\Resmon.ResmonCfg
      Some files in TEMP:
      ====================
      2017-09-29 10:49 - 2017-10-30 16:41 - 000000000 _____ () C:\Users\IvailoCOMP\AppData\Local\Temp\88653d972532a3bfb1eacaae78f1f650.dll
      2017-09-29 10:49 - 2017-10-30 14:33 - 000000088 _____ () C:\Users\IvailoCOMP\AppData\Local\Temp\a4c3de51ada6927383f066bdc8c54e16.dll
      2018-04-08 08:12 - 2018-04-08 08:12 - 058834376 _____ (Skype Technologies S.A.) C:\Users\IvailoCOMP\AppData\Local\Temp\SkypeSetup.exe
      2018-03-01 23:34 - 2018-03-01 23:23 - 000069259 _____ () C:\Users\IvailoCOMP\AppData\Local\Temp\Uninstall.exe
      2017-08-13 10:55 - 2017-08-13 10:55 - 000750560 _____ (adaware) C:\Users\IvailoCOMP\AppData\Local\Temp\WCU002.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2016-05-09 08:13
      ==================== End of FRST.txt ============================
      Addition.txt
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.