Премини към съдържанието

Препоръчан отговор


Здравейте,

тази вечер забелязах забавяне на системата при стартиране на компютъра.

При стартиране на нормална работна среда има забиване на системата.

При стартиране на safe mode или safe mode + интернет не се среща такъв проблем.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by user (administrator) on USER-PC (11-05-2016 22:09:53)
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3849011558-3927431654-3692068202-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3849011558-3927431654-3692068202-1000\...\Run: [Viber] => C:\Users\user\AppData\Local\Viber\Viber.exe [69268048 2016-04-13] (Viber Media S.à r.l.)
HKU\S-1-5-21-3849011558-3927431654-3692068202-1000\...\MountPoints2: {e0efaae7-c914-11e5-998e-20689dd0ed57} - G:\SETUP.EXE
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84993C68-F20F-4785-8906-9E7F63627D86}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3849011558-3927431654-3692068202-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yandex.ru/?win=218&clid=2256588
SearchScopes: HKU\S-1-5-21-3849011558-3927431654-3692068202-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/search/?win=218&clid=2256589&text={searchTerms}
SearchScopes: HKU\S-1-5-21-3849011558-3927431654-3692068202-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/search/?win=218&clid=2256589&text={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: Яндекс
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\user.js [2015-02-01]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\searchplugins\avg-secure-search.xml [2014-10-21]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\searchplugins\firefox-add-ons.xml [2015-06-04]
FF Extension: Firebug - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-30]
FF Extension: SHOUTcast Radio Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\Extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489} [2016-02-01] [not signed]
FF Extension: Video DownloadHelper - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-09]
FF Extension: NeoBux AdAlert - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\Extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi [2016-04-17]
FF Extension: HackBar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yary11ez.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2016-04-27]

Chrome: 
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Презентации) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-02]
CHR Extension: (Google Документи) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-02]
CHR Extension: (Google Диск) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Google Търсене) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (FB Pixel Helper) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2016-02-02]
CHR Extension: (Електронни таблици от Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-02]
CHR Extension: (Google Документи офлайн) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-02]
CHR HKLM-x32\...\Chrome\Extension: [fdjdjkkjoiomafnihnobkinnfjnnlhdg] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehngeifmelphpllncobkmimphfkckne] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [geidjeefddhgefeplhdlegoldlgiodon] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [necfmkplpminfjagblfabggomdpaakan] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7031056 2016-05-02] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-11 22:09 - 2016-05-11 22:10 - 00011883 _____ C:\Users\user\Downloads\FRST.txt
2016-05-11 22:09 - 2016-05-11 22:09 - 02381312 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2016-05-11 22:09 - 2016-05-11 22:09 - 00000000 ____D C:\FRST
2016-05-11 19:05 - 2016-05-11 19:04 - 06521650 _____ C:\Users\user\Desktop\video.avi
2016-05-10 22:19 - 2016-05-10 22:19 - 00175308 _____ C:\Users\user\Downloads\vo_4kl_math_10.05.2016.pdf
2016-05-10 20:30 - 2016-05-10 20:30 - 00316363 _____ C:\Users\user\Downloads\Pyramid 100x450mm.zip
2016-05-10 20:29 - 2016-05-10 20:29 - 00141051 _____ C:\Users\user\Downloads\businesscard_50x90mm.cdr.zip
2016-05-09 23:10 - 2016-05-09 23:10 - 01229119 _____ C:\Users\user\Desktop\srnew.php.xml
2016-05-09 18:31 - 2016-05-09 18:31 - 06513888 _____ (Tim Kosse) C:\Users\user\Downloads\FileZilla_3.17.0.1_win64-setup.exe
2016-05-08 22:17 - 2016-05-08 22:17 - 04359333 _____ C:\Users\user\Downloads\Microsoft_Security_Intelligence_Report_Volume_20_English.pdf
2016-05-08 16:32 - 2016-05-08 16:32 - 00005994 _____ C:\Users\user\Downloads\ready.php
2016-05-08 16:32 - 2016-05-08 16:32 - 00005994 _____ C:\Users\user\Desktop\ready.php
2016-05-08 15:30 - 2016-05-08 15:37 - 00006511 _____ C:\Users\user\Desktop\phprespect.php
2016-05-08 14:09 - 2016-05-08 14:09 - 00002093 _____ C:\Users\user\sport83.php
2016-05-07 23:55 - 2016-05-08 00:19 - 00002051 _____ C:\Users\user\Desktop\sportrespect-developer.php
2016-05-07 23:45 - 2016-05-07 23:45 - 00066854 _____ C:\Users\user\Desktop\sportrespect-developer.php.xml
2016-05-07 20:30 - 2016-05-07 20:31 - 00000000 ____D C:\Users\user\Desktop\эоаэ
2016-05-07 20:04 - 2016-05-07 20:04 - 01365118 _____ C:\Users\user\Desktop\products (9).csv
2016-05-07 13:02 - 2016-05-07 13:02 - 00000000 ____D C:\Users\user\Desktop\иоиои
2016-05-06 11:07 - 2016-05-08 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-05 19:06 - 2016-05-05 19:06 - 00016347 _____ C:\Users\user\Downloads\vqmod-2.6.1.ocmod.zip
2016-05-05 19:05 - 2016-05-05 19:05 - 00160185 _____ C:\Users\user\Downloads\1.5.x.zip
2016-05-05 15:05 - 2016-05-05 15:06 - 08078266 _____ C:\Users\user\Downloads\opencart-1.5.5.1.zip
2016-05-03 19:58 - 2016-05-03 19:58 - 00000000 ____D C:\Users\user\Documents\Incomedia
2016-05-03 19:55 - 2016-05-03 19:55 - 00000000 ____D C:\Users\user\AppData\Local\Incomedia
2016-05-03 19:54 - 2016-05-05 18:24 - 00764746 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-05-03 19:48 - 2016-05-03 19:49 - 01945120 _____ (Incomedia s.r.l. ) C:\Users\user\Downloads\wsx5_ev_demo_icmdemo12en.exe
2016-05-02 18:32 - 2016-05-02 18:33 - 08210505 _____ C:\Users\user\Downloads\wordpress-4.4.1-bg_BG.zip
2016-05-01 23:36 - 2016-05-01 23:36 - 00028602 _____ C:\Users\user\Downloads\2016-05-01T07-51 Transaction #981339211981099-1891761.pdf
2016-05-01 18:07 - 2016-05-01 18:07 - 00124409 _____ C:\Users\user\Desktop\bootstrap.min.css
2016-05-01 00:56 - 2016-05-01 00:56 - 00082606 _____ C:\Users\user\Downloads\Analytics All Web Site Data Audience Overview 20131201-20160429.pdf
2016-04-30 22:36 - 2016-04-30 22:36 - 06702785 _____ C:\Users\user\Downloads\codecanyon-12744044-chat-plus-pro(1).zip
2016-04-29 13:23 - 2016-04-29 13:25 - 00000000 ____D C:\Users\user\Desktop\OPEN CART V2
2016-04-29 13:21 - 2016-04-29 13:27 - 00000000 ____D C:\Users\user\Desktop\XML IMPORT PRO
2016-04-29 13:19 - 2016-04-29 13:20 - 00000000 ____D C:\Users\user\Desktop\tiptop.bg
2016-04-28 16:19 - 2016-04-28 16:19 - 59972279 _____ C:\Users\user\Downloads\documents-export-2016-04-28.zip
2016-04-28 16:18 - 2016-04-28 17:16 - 00000000 ____D C:\Users\user\Desktop\alex
2016-04-26 20:20 - 2016-04-26 20:20 - 00007290 _____ C:\Users\user\cart.tpl
2016-04-25 23:27 - 2016-04-25 23:27 - 00015486 _____ C:\Users\user\category.php
2016-04-25 18:45 - 2016-04-25 18:45 - 00110552 _____ C:\Users\user\Downloads\excelport_old.rovibg.com_2016-04-25_18-45-27.zip
2016-04-25 18:36 - 2016-04-25 18:36 - 02224623 _____ C:\Users\user\Downloads\rovizpmn_newrovibg.sql
2016-04-24 13:31 - 2016-04-24 13:31 - 00142778 _____ C:\Users\user\Downloads\certificate(2).pdf
2016-04-24 12:23 - 2016-04-24 12:23 - 00591843 _____ C:\Users\user\Downloads\font-awesome-4.6.1.zip
2016-04-23 23:25 - 2016-04-23 23:25 - 06522120 _____ (Tim Kosse) C:\Users\user\Downloads\FileZilla_3.17.0_win64-setup.exe
2016-04-22 16:38 - 2016-04-22 16:38 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-04-22 16:38 - 2016-04-22 16:38 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-22 16:36 - 2016-04-22 22:26 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-22 16:36 - 2016-04-22 16:36 - 05139176 _____ (AVAST Software) C:\Users\user\Downloads\avast_pro_antivirus_setup_online.exe
2016-04-21 18:36 - 2016-04-21 18:36 - 11834306 _____ C:\Users\user\Downloads\tiptbrtb_tiptop_base_2016-04-21_18-36-17_backup.sql
2016-04-19 22:45 - 2016-04-19 22:45 - 00000000 ____D C:\Users\user\AppData\Local\Viber
2016-04-17 18:42 - 2016-04-17 18:42 - 00220220 _____ C:\Users\user\Downloads\brainy-filter-ultimate-5.0.4-oc2.ocmod.zip
2016-04-14 20:00 - 2016-04-14 20:00 - 00160356 _____ C:\Users\user\Downloads\2.x(2).zip
2016-04-14 19:58 - 2016-04-14 19:58 - 11551848 _____ C:\Users\user\Downloads\opencart-2.0.3.1(2).zip
2016-04-13 20:39 - 2016-03-29 20:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 20:39 - 2016-03-18 02:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 20:39 - 2016-03-18 02:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 20:39 - 2016-03-18 02:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 20:39 - 2016-03-18 02:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 20:39 - 2016-03-18 02:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 20:39 - 2016-03-18 02:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 20:39 - 2016-03-18 01:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 20:39 - 2016-03-18 01:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 20:39 - 2016-03-18 01:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 20:39 - 2016-03-18 01:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 20:39 - 2016-03-18 01:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 20:39 - 2016-03-18 01:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 20:39 - 2016-03-18 01:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 20:39 - 2016-03-18 01:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 20:39 - 2016-03-18 01:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 20:39 - 2016-03-18 01:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 20:39 - 2016-03-18 01:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 20:39 - 2016-03-18 01:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 20:39 - 2016-03-18 01:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 20:39 - 2016-03-18 01:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 20:39 - 2016-03-18 01:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 20:39 - 2016-03-18 01:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 20:39 - 2016-03-18 01:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 20:39 - 2016-03-18 01:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 20:39 - 2016-03-18 01:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 20:39 - 2016-03-18 01:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 20:39 - 2016-03-18 01:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 20:39 - 2016-03-18 01:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 20:39 - 2016-03-18 01:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 20:39 - 2016-03-18 01:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 20:39 - 2016-03-18 01:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 20:39 - 2016-03-18 01:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 20:39 - 2016-03-18 01:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 20:39 - 2016-03-18 01:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 20:39 - 2016-03-18 01:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 20:39 - 2016-03-18 01:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 20:39 - 2016-03-18 01:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 20:39 - 2016-03-18 01:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 20:39 - 2016-03-18 01:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 20:39 - 2016-03-18 01:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 20:39 - 2016-03-18 01:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 20:39 - 2016-03-18 01:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 20:39 - 2016-03-18 01:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 01:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 00:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 20:39 - 2016-03-18 00:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 20:39 - 2016-03-18 00:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 20:39 - 2016-03-18 00:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 20:39 - 2016-03-18 00:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 20:39 - 2016-03-18 00:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 20:39 - 2016-03-18 00:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 20:39 - 2016-03-18 00:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 20:39 - 2016-03-18 00:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 20:39 - 2016-03-18 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 20:39 - 2016-03-18 00:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 20:39 - 2016-03-18 00:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 20:39 - 2016-03-18 00:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 20:39 - 2016-03-18 00:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 20:39 - 2016-03-18 00:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 20:39 - 2016-03-18 00:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 20:39 - 2016-03-18 00:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 20:39 - 2016-03-18 00:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 00:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 00:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 20:39 - 2016-03-18 00:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 20:39 - 2016-03-16 03:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 20:39 - 2016-03-16 03:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 20:39 - 2016-03-16 02:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 20:39 - 2016-03-11 21:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 20:39 - 2016-03-11 21:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-13 20:39 - 2016-03-06 21:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 20:39 - 2016-03-06 21:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 20:39 - 2016-03-06 21:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 20:39 - 2016-03-06 21:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 19:17 - 2016-05-11 19:34 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1454353088
2016-04-12 19:00 - 2016-05-11 20:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-12 19:00 - 2016-04-12 19:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-11 16:48 - 2016-04-11 16:48 - 00091892 _____ C:\Users\user\Downloads\570bab3e021f5.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-11 22:00 - 2016-02-04 12:38 - 00741328 _____ C:\Windows\ntbtlog.txt
2016-05-11 21:58 - 2016-02-04 17:07 - 00000000 ____D C:\Users\user\AppData\Roaming\ViberPC
2016-05-11 21:56 - 2016-02-01 21:58 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-11 21:55 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-11 20:57 - 2016-02-01 22:12 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2016-05-11 20:45 - 2009-07-14 07:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-11 20:45 - 2009-07-14 07:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-11 19:34 - 2016-02-01 21:58 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-11 19:31 - 2016-02-04 17:08 - 00000000 ____D C:\Users\user\Documents\ViberDownloads
2016-05-11 19:16 - 2016-02-01 21:58 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-11 19:10 - 2016-02-01 22:37 - 00000000 ____D C:\Users\user\AppData\Roaming\FileZilla
2016-05-11 19:08 - 2016-02-01 23:23 - 00000386 _____ C:\Windows\Tasks\update-sys.job
2016-05-11 19:04 - 2016-04-02 22:15 - 00003584 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-11 18:12 - 2016-02-01 23:23 - 00000386 _____ C:\Windows\Tasks\update-S-1-5-21-3849011558-3927431654-3692068202-1000.job
2016-05-11 18:11 - 2016-02-01 21:58 - 00003994 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 18:11 - 2016-02-01 21:58 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 17:59 - 2016-02-03 13:50 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2016-05-09 23:22 - 2016-03-03 16:09 - 00000000 ____D C:\Users\user\Desktop\училище
2016-05-09 23:07 - 2016-03-08 23:52 - 00001643 _____ C:\Users\user\Desktop\Нов текстов документ.txt
2016-05-09 22:51 - 2016-02-01 21:59 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-09 22:51 - 2016-02-01 21:59 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-05-09 22:51 - 2016-02-01 21:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-08 22:18 - 2016-02-22 23:39 - 00000000 ____D C:\Users\user\Desktop\VIP KLUKI
2016-05-08 19:52 - 2009-07-14 08:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-08 19:52 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-05-08 12:17 - 2016-02-01 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-07 21:08 - 2016-02-03 15:55 - 00000132 _____ C:\Users\user\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-05-07 20:38 - 2016-02-20 14:07 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2016-05-06 09:52 - 2009-07-14 08:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-03 19:26 - 2016-02-01 21:59 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-03 19:26 - 2016-02-01 21:59 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-01 00:05 - 2016-02-03 17:06 - 00000000 ____D C:\Users\user\Documents\LiveZilla
2016-04-29 13:20 - 2016-02-02 10:50 - 00000000 ____D C:\Users\user\Desktop\SOFT PROJETCS
2016-04-29 13:19 - 2016-02-26 19:03 - 00000000 ____D C:\Users\user\Desktop\TOPSPORTBG
2016-04-28 14:04 - 2016-02-01 22:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-28 14:04 - 2016-02-01 22:00 - 00000000 ____D C:\ProgramData\Skype
2016-04-25 22:48 - 2016-03-28 17:29 - 00000000 ____D C:\Users\user\Desktop\S4 СНИМКИ
2016-04-24 11:45 - 2016-02-01 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-04-24 11:45 - 2016-02-01 21:59 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-04-21 15:05 - 2010-11-21 06:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-15 15:18 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache
2016-04-15 14:19 - 2009-07-14 07:45 - 06721504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 00:14 - 2016-03-08 00:36 - 00002155 _____ C:\Users\user\backup.php
2016-04-13 21:08 - 2016-02-06 03:41 - 00000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2016-04-12 20:46 - 2016-02-05 20:17 - 00000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2016-04-12 19:03 - 2016-02-03 14:19 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-12 19:03 - 2016-02-03 14:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-04-04 16:37 - 2016-04-04 16:37 - 0000132 _____ () C:\Users\user\AppData\Roaming\Adobe GIF Format CS6 Prefs
2016-02-03 15:55 - 2016-05-07 21:08 - 0000132 _____ () C:\Users\user\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-02-04 17:45 - 2016-03-14 22:20 - 0000034 _____ () C:\Users\user\AppData\Roaming\AdobeWLCMCache.dat
2016-02-21 19:04 - 2016-02-21 19:04 - 0001456 _____ () C:\Users\user\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-04-02 22:15 - 2016-05-11 19:04 - 0003584 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-01 23:23 - 2016-02-01 23:23 - 0000003 _____ () C:\Users\user\AppData\Local\updater.log
2016-02-01 23:23 - 2016-02-01 23:23 - 0000424 _____ () C:\Users\user\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\ChangeIcon.exe
C:\Users\user\AppData\Local\Temp\npp.6.9.Installer.exe
C:\Users\user\AppData\Local\Temp\ose00000.exe
C:\Users\user\AppData\Local\Temp\ose00002.exe
C:\Users\user\AppData\Local\Temp\SkypeSetup.exe
C:\Users\user\AppData\Local\Temp\xmlUpdater.exe
C:\Users\user\AppData\Local\Temp\YandexWorking.exe
C:\Users\user\AppData\Local\Temp\_is692E.exe
C:\Users\user\AppData\Local\Temp\_isA302.exe
C:\Users\user\AppData\Local\Temp\{689ED75C-79E6-49C0-8586-3585D8FD683E}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-28 15:02

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Темата се разглежда при закрити врати и затова тази се затваря!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Гост
Тази тема е заключена за нови отговори.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.