Премини към съдържанието

Препоръчан отговор


Здравейте, чисто профилактично да проверим една машина.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2017 01
Ran by Sky (administrator) on DESKTOP-G4GAL17 (07-06-2017 22:05:35)
Running from C:\Users\Sky\Desktop
Loaded Profiles: Sky (Available Profiles: defaultuser0 & Sky)
Platform: Windows 10 Pro Version 1703 (X64) Language: Български (България)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Martin Prikryl) C:\Program Files (x86)\WinSCP\WinSCP.exe
(Igor Pavlov) C:\Program Files\7-Zip\7zFM.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Igor Pavlov) C:\Program Files\7-Zip\7zFM.exe
(Igor Pavlov) C:\Program Files\7-Zip\7zFM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3133699863-1747198217-2106128863-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27793888 2017-05-05] (Skype Technologies S.A.)
HKU\S-1-5-21-3133699863-1747198217-2106128863-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation)
SSODL: EldosMountNotificator-cbfs6 - {72E8403D-D308-4D4B-A86A-E83722030995} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {72E8403D-D308-4D4B-A86A-E83722030995} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {BA14C6AF-BE8F-478F-9F94-675AA00F6BCD} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {BA14C6AF-BE8F-478F-9F94-675AA00F6BCD} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 79.124.55.249 shop.ecomaat.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5d94b0b9-65c0-4c8c-b5cf-989e87f3acba}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9c2f4272-7355-4e72-a93a-12223f88e478}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3133699863-1747198217-2106128863-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp

FireFox:
========
FF DefaultProfile: 0kkm5a7t.default
FF ProfilePath: C:\Users\Sky\AppData\Roaming\Mozilla\Firefox\Profiles\0kkm5a7t.default [2017-06-03]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default [2017-06-07]
CHR Extension: (Google Презентации) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-31]
CHR Extension: (Google Документи) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-31]
CHR Extension: (Google Диск) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-31]
CHR Extension: (YouTube) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-31]
CHR Extension: (uBlock Origin) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-05-19]
CHR Extension: (Електронни таблици от Google) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-31]
CHR Extension: (Google Документи офлайн) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-31]
CHR Extension: (Wappalyzer) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2017-05-27]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Stylebot) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha [2016-12-31]
CHR Extension: (Gmail) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-01-16] (Advanced Micro Devices)
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (/n software, Inc.)
R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-12-31] (REALiX(tm))
R1 MpKsla9440cb4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4BBF086-3697-4832-B98D-F4EF9A74EA55}\MpKsla9440cb4.sys [44928 2017-06-02] (Microsoft Corporation)
R1 MpKslfd69167c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F47C57D9-604D-4A04-9599-49566C55ED50}\MpKslfd69167c.sys [44928 2017-06-07] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-05-27] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-09-09] (/n software, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-07 22:05 - 2017-06-07 22:05 - 00011297 _____ C:\Users\Sky\Desktop\FRST.txt
2017-06-07 22:05 - 2017-06-07 22:05 - 00000000 ____D C:\FRST
2017-06-07 22:05 - 2017-06-07 22:04 - 02435072 _____ (Farbar) C:\Users\Sky\Desktop\FRST64.exe
2017-06-07 22:04 - 2017-06-07 22:04 - 02435072 _____ (Farbar) C:\Users\Sky\Downloads\FRST64.exe
2017-06-07 16:35 - 2017-06-07 16:35 - 01046743 _____ C:\Users\Sky\Downloads\wphn_posts.sql
2017-06-07 15:55 - 2017-06-07 15:55 - 04183304 _____ C:\Users\Sky\Downloads\mts_best.zip
2017-06-07 14:45 - 2017-06-07 14:45 - 00000000 ____D C:\Users\Sky\Desktop\js
2017-06-07 08:36 - 2017-06-07 08:36 - 04655002 _____ C:\Users\Sky\Downloads\tokscsol_test (2).sql
2017-06-07 08:16 - 2017-06-07 10:07 - 00000000 ____D C:\Users\Sky\Desktop\Нова папка
2017-06-06 20:25 - 2017-06-06 20:25 - 00000000 ____D C:\Users\Sky\Desktop\boldial
2017-06-06 20:24 - 2017-06-06 20:32 - 00000000 ____D C:\Users\Sky\Desktop\ishyoboy-boldial-assets
2017-06-06 20:12 - 2017-06-06 20:12 - 11069117 _____ C:\Users\Sky\Downloads\theme.zip
2017-06-06 17:48 - 2017-06-06 17:47 - 00947033 _____ C:\Users\Sky\Desktop\product (2).sql
2017-06-06 17:47 - 2017-06-06 17:47 - 00947033 _____ C:\Users\Sky\Downloads\product (2).sql
2017-06-06 17:25 - 2017-06-06 17:25 - 00017594 _____ C:\Users\Sky\Downloads\export-sample (1).xlsx
2017-06-06 17:21 - 2017-06-06 17:21 - 00022450 _____ C:\Users\Sky\Downloads\product-1.sql
2017-06-06 17:20 - 2017-06-06 17:20 - 00022450 _____ C:\Users\Sky\Downloads\product (1).sql
2017-06-06 17:19 - 2017-06-06 17:19 - 00017594 _____ C:\Users\Sky\Downloads\export-sample.xlsx
2017-06-06 17:10 - 2017-06-06 17:10 - 02840464 _____ C:\Users\Sky\Desktop\index.xml
2017-06-06 15:26 - 2017-06-06 15:26 - 00000000 ____D C:\Users\Sky\Desktop\Documentation
2017-06-06 13:24 - 2017-06-06 13:24 - 08662578 _____ C:\Users\Sky\Downloads\tokscsol_test (1).sql
2017-06-06 13:23 - 2017-06-06 13:23 - 31475006 _____ C:\Users\Sky\Downloads\img.zip
2017-06-06 13:13 - 2017-06-06 13:13 - 08190524 _____ C:\Users\Sky\Downloads\imapsbg1_ocar222 (2).sql
2017-06-06 07:59 - 2017-06-05 21:32 - 00000279 _____ C:\Users\Sky\Desktop\index.php
2017-06-06 07:59 - 2017-06-05 21:27 - 00003793 _____ C:\Users\Sky\Desktop\feed.php
2017-06-05 21:24 - 2017-06-05 21:24 - 00001458 _____ C:\Users\Sky\Downloads\oc_product_to_category.sql
2017-06-05 21:16 - 2017-06-05 21:16 - 00001294 _____ C:\Users\Sky\Downloads\oc_product_to_store.sql
2017-06-05 20:44 - 2017-06-05 20:44 - 08566906 _____ C:\Users\Sky\Downloads\tokscsol_test.sql
2017-06-05 19:54 - 2017-06-05 19:54 - 00760740 _____ C:\Users\Sky\Desktop\XML Import 1.1.rar
2017-06-05 19:41 - 2017-06-05 19:41 - 00001553 _____ C:\Users\Sky\Downloads\template_data.xml
2017-06-05 19:41 - 2017-06-05 19:41 - 00001553 _____ C:\Users\Sky\Downloads\template_data (1).xml
2017-06-05 16:32 - 2017-06-05 16:32 - 08163075 _____ C:\Users\Sky\Downloads\imapsbg1_ocar222 (1).sql
2017-06-05 16:31 - 2017-06-05 16:31 - 08163075 _____ C:\Users\Sky\Downloads\imapsbg1_ocar222.sql
2017-06-05 16:24 - 2017-06-05 16:24 - 00001954 _____ C:\Users\Sky\Downloads\oc_product_option_value.sql
2017-06-05 16:22 - 2017-06-05 16:22 - 00001444 _____ C:\Users\Sky\Downloads\oc_product_option.sql
2017-06-05 16:19 - 2017-06-05 16:19 - 00001402 _____ C:\Users\Sky\Downloads\oc_option_value.sql
2017-06-05 16:15 - 2017-06-05 16:15 - 00001448 _____ C:\Users\Sky\Downloads\oc_option_value_description.sql
2017-06-05 14:43 - 2017-06-05 14:43 - 00003067 _____ C:\Users\Sky\Downloads\oc_product.sql
2017-06-05 14:40 - 2017-06-05 14:40 - 00001783 _____ C:\Users\Sky\Downloads\oc_product_description.sql
2017-06-05 14:37 - 2017-06-05 14:37 - 00001554 _____ C:\Users\Sky\Downloads\oc_product_image.sql
2017-06-05 14:19 - 2017-06-05 14:19 - 00000000 ____D C:\Users\Sky\Desktop\img
2017-06-05 12:43 - 2017-06-05 12:43 - 00018736 _____ C:\Users\Sky\Downloads\products-2017-06-05 (1).xlsx
2017-06-05 12:31 - 2017-06-05 12:31 - 00001257 _____ C:\Users\Sky\Downloads\products-2017-06-05.csv
2017-06-05 12:26 - 2017-06-05 12:26 - 00018736 _____ C:\Users\Sky\Downloads\products-2017-06-05.xlsx
2017-06-05 12:09 - 2017-06-06 06:43 - 00013527 _____ C:\Users\Sky\Desktop\kidz.bg-cats.csv
2017-06-05 11:58 - 2017-06-05 12:08 - 00006240 _____ C:\Users\Sky\Downloads\categories-2017-05-10.csv
2017-06-05 11:55 - 2017-06-05 11:55 - 00002056 _____ C:\Users\Sky\Downloads\oc_category.sql
2017-06-05 11:53 - 2017-06-05 11:54 - 00014321 _____ C:\Users\Sky\Downloads\categories-2017-05-10 (2).xlsx
2017-06-05 09:06 - 2017-06-05 09:06 - 00009366 _____ C:\Users\Sky\Downloads\options-2017-05-18.xlsx
2017-06-05 07:58 - 2017-06-05 07:58 - 00014321 _____ C:\Users\Sky\Downloads\categories-2017-05-10 (1).xlsx
2017-06-05 06:38 - 2017-06-05 06:38 - 05067685 _____ C:\Users\Sky\Downloads\product.sql
2017-06-05 06:22 - 2017-06-05 06:22 - 00004222 _____ C:\Users\Sky\Downloads\custom-thankyou.zip
2017-06-05 05:27 - 2017-06-05 05:27 - 00183464 _____ C:\Users\Sky\Downloads\links.sql
2017-06-05 04:41 - 2017-06-05 04:42 - 01643810 _____ C:\Users\Sky\Downloads\asc.zip
2017-06-05 04:30 - 2017-06-05 04:30 - 00054882 _____ C:\Users\Sky\Downloads\simple_html_dom.php
2017-06-04 08:59 - 2017-06-04 08:59 - 03111769 _____ C:\Users\Sky\Downloads\codecanyon-15487703-project-security-website-security-antivirus-firewall-file-and-license.zip
2017-06-03 07:25 - 2017-06-03 07:26 - 00000000 ____D C:\Users\Sky\Desktop\function
2017-06-01 23:40 - 2017-06-01 23:40 - 00000000 ____D C:\WINDOWS\Panther
2017-06-01 18:48 - 2017-06-01 19:00 - 482664876 _____ C:\Users\Sky\Downloads\l4d2_dead-before-dawn-extended_15922_v0_1.zip
2017-06-01 18:09 - 2017-06-01 18:12 - 147706284 _____ C:\Users\Sky\Downloads\l4d2_deadbeat_escape_2.1.zip
2017-06-01 18:08 - 2017-06-01 18:16 - 338628633 _____ C:\Users\Sky\Downloads\l4d2_dead_end_2.1.zip
2017-06-01 11:46 - 2017-06-01 11:46 - 00002589 _____ C:\Users\Sky\Downloads\mb_bans (3).sql
2017-06-01 11:42 - 2017-06-01 11:42 - 00002588 _____ C:\Users\Sky\Downloads\mb_bans (2).sql
2017-06-01 11:28 - 2017-06-01 11:28 - 00000006 _____ C:\Users\Sky\Downloads\mb_bans-player_name (3).bin
2017-06-01 11:28 - 2017-06-01 11:28 - 00000006 _____ C:\Users\Sky\Downloads\mb_bans-player_name (2).bin
2017-06-01 11:28 - 2017-06-01 11:28 - 00000005 _____ C:\Users\Sky\Desktop\mb_bans-player_name (3).bin
2017-06-01 10:27 - 2017-06-01 10:27 - 00003391 _____ C:\Users\Sky\Downloads\kuhnq.txt
2017-05-31 13:40 - 2017-05-31 13:40 - 00030348 _____ C:\Users\Sky\Downloads\product (1).php
2017-05-30 11:14 - 2017-05-30 11:14 - 00000220 _____ C:\Users\Sky\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
2017-05-30 09:40 - 2017-05-30 09:40 - 00039910 _____ C:\Users\Sky\Downloads\vq2-catalog_controller_product_product (1).php
2017-05-29 21:16 - 2017-05-29 21:16 - 00000000 ____D C:\Users\Sky\AppData\Roaming\NuGet
2017-05-29 21:16 - 2017-05-29 21:16 - 00000000 ____D C:\Users\Sky\AppData\Local\SymbolSourceSymbols
2017-05-29 21:16 - 2017-05-29 21:16 - 00000000 ____D C:\Users\Sky\AppData\Local\RefSrcSymbols
2017-05-29 21:14 - 2017-05-29 21:14 - 00000000 ____D C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains
2017-05-29 21:13 - 2017-05-29 21:16 - 00000000 ____D C:\Users\Sky\AppData\Local\JetBrains
2017-05-29 21:13 - 2017-05-29 21:13 - 00754384 _____ (JetBrains) C:\Users\Sky\Downloads\JetBrains.dotPeek.2017.1.2.web.exe
2017-05-29 19:44 - 2017-05-29 19:44 - 00000000 ____D C:\Users\Sky\Desktop\jQuery-jSlots-master
2017-05-29 19:43 - 2017-05-29 19:43 - 00023766 _____ C:\Users\Sky\Downloads\jQuery-jSlots-master.zip
2017-05-29 16:32 - 2017-05-29 16:35 - 148193176 _____ C:\Users\Sky\Downloads\l4d2_drop_dead_gorges_2.1 (1).zip
2017-05-29 14:52 - 2017-05-29 14:54 - 92157291 _____ C:\Users\Sky\Downloads\l4d2_pitch_dark_mesa_4.zip
2017-05-29 11:50 - 2017-05-29 11:50 - 00000000 ____D C:\documents and settings
2017-05-29 11:19 - 2017-05-29 11:19 - 00000000 ____D C:\Users\Sky\AppData\Roaming\com.bigfatsimulations.airportmadnessworldedition
2017-05-29 10:16 - 2017-05-29 10:16 - 00039910 _____ C:\Users\Sky\Downloads\vq2-catalog_controller_product_product.php
2017-05-29 09:38 - 2017-05-29 09:38 - 00030348 _____ C:\Users\Sky\Downloads\product.php
2017-05-28 23:02 - 2017-05-28 23:02 - 00001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-05-28 22:59 - 2017-05-28 22:59 - 00019384 _____ C:\Users\Sky\Downloads\Winnetou.Der.Mythos.lebt.Part.1.2016.BDRip.x264.BGaudio-REFLUX.torrent
2017-05-28 22:59 - 2017-05-28 22:59 - 00000000 ____D C:\Users\Sky\Downloads\Winnetou.Der.Mythos.lebt.Part.1.2016.BDRip.x264.BGaudio-REFLUX
2017-05-28 22:58 - 2017-05-28 22:58 - 00015511 _____ C:\Users\Sky\Downloads\Winnetou.Der.Mythos.lebt.Part.2.2016.BDRip.x264.BGaudio-REFLUX.torrent
2017-05-28 22:58 - 2017-05-28 22:58 - 00000000 ____D C:\Users\Sky\Downloads\Winnetou.Der.Mythos.lebt.Part.2.2016.BDRip.x264.BGaudio-REFLUX
2017-05-28 22:56 - 2017-05-28 22:57 - 00000000 ____D C:\Users\Sky\Downloads\Journey.2.The.Mysterious.Island.2012.BDRip.XviD.BGAUDiO-SiSO
2017-05-28 22:56 - 2017-05-28 22:56 - 00014479 _____ C:\Users\Sky\Downloads\Journey.2.The.Mysterious.Island.2012.BDRip.XviD.BGAUDiO-SiSO.torrent
2017-05-28 22:56 - 2017-05-28 22:56 - 00014479 _____ C:\Users\Sky\Downloads\Journey.2.The.Mysterious.Island.2012.BDRip.XviD.BGAUDiO-SiSO (1).torrent
2017-05-28 13:16 - 2017-05-28 13:16 - 00001493 _____ C:\Users\Sky\Desktop\admins_simple.ini
2017-05-27 21:35 - 2017-05-27 21:49 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-05-27 21:35 - 2017-05-27 21:38 - 00000000 ____D C:\Users\Sky\AppData\Roaming\Notepad++
2017-05-27 21:35 - 2017-05-27 21:35 - 02990616 _____ C:\Users\Sky\Downloads\npp.7.4.1.Installer.exe
2017-05-27 21:35 - 2017-05-27 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-05-27 18:29 - 2017-05-27 18:29 - 00223532 _____ C:\Users\Sky\Downloads\ColorPicker_bin_1_2.zip
2017-05-27 18:29 - 2017-05-27 18:29 - 00047695 _____ C:\Users\Sky\Downloads\ColorPicker_Delphi_source_1_2.7z
2017-05-27 18:21 - 2017-05-27 18:21 - 00114735 _____ C:\Users\Sky\Downloads\nppqcp-2.0 (1).zip
2017-05-27 18:20 - 2017-05-27 18:20 - 00114735 _____ C:\Users\Sky\Downloads\nppqcp-2.0.zip
2017-05-27 18:19 - 2017-05-27 18:19 - 00793245 _____ C:\Users\Sky\Downloads\ColorPicker_230_dll (1).zip
2017-05-27 18:13 - 2017-06-05 08:06 - 00000000 ____D C:\Users\Sky\Desktop\updater
2017-05-27 18:13 - 2017-06-02 16:22 - 00000000 ____D C:\Users\Sky\Desktop\plugins
2017-05-27 18:13 - 2017-05-27 18:13 - 00387656 _____ C:\Users\Sky\Downloads\PluginManager_v1.4.9_x64.zip
2017-05-27 18:11 - 2017-05-27 18:11 - 00290983 _____ C:\Users\Sky\Downloads\nppPluginManager-master.zip
2017-05-27 18:10 - 2017-05-27 18:10 - 00502687 _____ C:\Users\Sky\Downloads\PluginManager_1.0.8_UNI.zip
2017-05-27 18:07 - 2017-05-27 18:07 - 00793245 _____ C:\Users\Sky\Downloads\ColorPicker_230_dll.zip
2017-05-27 18:06 - 2017-05-27 18:06 - 00102223 _____ C:\Users\Sky\Downloads\AutoSave_dll_1v40.zip
2017-05-27 15:37 - 2017-05-27 15:37 - 01128386 _____ C:\Users\Sky\Downloads\native-ads-adnow.1.0.2.zip
2017-05-27 09:22 - 2017-05-27 09:22 - 00122880 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2017-05-26 19:22 - 2017-05-26 19:22 - 00000000 ____D C:\Users\Sky\Desktop\learnpress-woo-payment
2017-05-25 23:05 - 2017-05-25 23:05 - 13205631 _____ C:\Users\Sky\Downloads\primer.mp4
2017-05-25 16:47 - 2017-05-25 16:47 - 17345101 _____ C:\Users\Sky\Downloads\l4d2_kasumi---black-and-gold-(nick)_18505_v1_0.zip
2017-05-25 13:50 - 2017-05-25 13:50 - 01171246 _____ C:\Users\Sky\Downloads\solar.zip
2017-05-25 09:41 - 2017-05-25 09:41 - 00033476 _____ C:\Users\Sky\Downloads\AnimatedCheckboxes.zip
2017-05-24 20:34 - 2017-06-05 20:22 - 00005096 _____ C:\Users\Sky\Desktop\wp-config.php
2017-05-24 20:34 - 2017-05-24 20:34 - 00008418 _____ C:\Users\Sky\Downloads\wp-config (3).php
2017-05-24 19:55 - 2017-05-24 19:55 - 00011358 _____ C:\Users\Sky\Downloads\heartbeat-control.zip
2017-05-24 16:47 - 2017-05-24 16:47 - 14504609 _____ C:\Users\Sky\Downloads\timeline.json
2017-05-24 12:49 - 2017-06-05 20:46 - 00000000 ____D C:\Users\Sky\Desktop\SLAM
2017-05-24 12:49 - 2017-05-24 12:49 - 00428153 _____ C:\Users\Sky\Downloads\SLAM_v1.5.0.zip
2017-05-24 11:26 - 2017-05-24 11:26 - 00000041 _____ C:\Users\Sky\Downloads\GoldRadio.ogg.m3u
2017-05-24 11:21 - 2017-05-24 11:22 - 00000000 ____D C:\Users\Sky\Desktop\wp
2017-05-24 08:45 - 2017-05-24 08:45 - 132623109 _____ C:\Users\Sky\Desktop\wp.zip
2017-05-24 08:43 - 2017-05-24 08:43 - 132175076 _____ C:\Users\Sky\Downloads\wp.zip
2017-05-24 08:42 - 2017-05-24 08:42 - 02829348 _____ C:\Users\Sky\Downloads\wtngiizl_wp214.sql
2017-05-24 08:42 - 2017-05-24 08:42 - 02829348 _____ C:\Users\Sky\Desktop\wtngiizl_wp214.sql
2017-05-23 17:46 - 2017-05-23 17:50 - 121706433 _____ C:\Users\Sky\Downloads\l4d2_day_break_2.0.zip
2017-05-23 16:31 - 2017-05-23 16:31 - 00000000 ____D C:\Users\Sky\.QtWebEngineProcess
2017-05-23 16:31 - 2017-05-23 16:31 - 00000000 ____D C:\Users\Sky\.Origin
2017-05-23 16:30 - 2017-05-23 16:30 - 54857992 _____ (Electronic Arts) C:\Users\Sky\Downloads\OriginThinSetup.exe
2017-05-23 14:42 - 2017-05-23 14:49 - 148193176 _____ C:\Users\Sky\Downloads\l4d2_drop_dead_gorges_2.1.zip
2017-05-23 14:41 - 2017-05-23 14:52 - 302980360 _____ C:\Users\Sky\Downloads\l4d2_dark-wood_14120_v1_4.zip
2017-05-22 21:01 - 2017-05-22 21:01 - 00006151 _____ C:\Users\Sky\Downloads\link-localizer.zip
2017-05-22 16:40 - 2017-05-22 16:43 - 151001156 _____ C:\Users\Sky\Downloads\l4d2_dam_it_2__the_director_s_cut_1.6.zip
2017-05-22 16:39 - 2017-05-22 16:41 - 33227533 _____ C:\Users\Sky\Downloads\l4d2_crescendo_collision_0.1.zip
2017-05-22 16:30 - 2017-05-22 16:30 - 09740022 _____ C:\Users\Sky\Downloads\argos4.3.rar
2017-05-22 14:04 - 2017-05-22 14:04 - 00061884 _____ C:\Users\Sky\Downloads\bestazon.4.1.zip
2017-05-22 13:46 - 2017-05-22 13:46 - 00088772 _____ C:\Users\Sky\Downloads\tystats.sp
2017-05-22 13:43 - 2017-05-22 13:43 - 00040808 _____ C:\Users\Sky\Downloads\keyman.sp
2017-05-22 13:43 - 2017-05-22 13:43 - 00004998 _____ C:\Users\Sky\Downloads\antirejoin (1).sp
2017-05-22 13:40 - 2017-05-22 13:40 - 00009943 _____ C:\Users\Sky\Downloads\basechat.sp
2017-05-22 09:13 - 2017-05-22 09:13 - 00220801 _____ C:\Users\Sky\Downloads\supercoop.sp
2017-05-22 08:31 - 2017-05-22 08:31 - 00016332 _____ C:\Users\Sky\Downloads\basebans_sql.sp
2017-05-22 08:27 - 2017-05-31 16:29 - 00000102 ____H C:\Users\Sky\Desktop\compile.dat
2017-05-22 08:27 - 2017-05-22 08:27 - 00345600 _____ ((C)1998-2006 ITB CompuPhase, AlliedModders LLC) C:\Users\Sky\Downloads\spcomp.exe
2017-05-22 08:27 - 2017-05-22 08:27 - 00345600 _____ ((C)1998-2006 ITB CompuPhase, AlliedModders LLC) C:\Users\Sky\Desktop\spcomp.exe
2017-05-22 08:27 - 2017-05-22 08:27 - 00000000 ____D C:\Users\Sky\Desktop\compiled
2017-05-22 08:26 - 2017-05-22 08:26 - 00113664 _____ C:\Users\Sky\Downloads\compile.exe
2017-05-22 08:26 - 2017-05-22 08:26 - 00113664 _____ C:\Users\Sky\Desktop\compile.exe
2017-05-22 08:01 - 2017-05-22 08:01 - 00012112 _____ C:\Users\Sky\Downloads\mb_bans (1).sql
2017-05-22 07:42 - 2017-05-22 07:42 - 00001452 _____ C:\Users\Sky\Downloads\sm_unban.sql
2017-05-22 07:35 - 2017-05-22 07:35 - 00011808 _____ C:\Users\Sky\Downloads\mb_bans.sql
2017-05-22 07:26 - 2017-06-07 21:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-22 07:26 - 2017-05-22 08:47 - 00016146 _____ C:\Users\Sky\Desktop\basebans_sql.sp
2017-05-22 07:26 - 2017-05-22 07:26 - 01446792 _____ C:\Users\Sky\Downloads\SteamSetup.exe
2017-05-22 07:26 - 2017-05-22 07:26 - 00001036 _____ C:\Users\Public\Desktop\Steam.lnk
2017-05-22 07:26 - 2017-05-22 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-22 07:25 - 2017-05-22 07:25 - 00004998 _____ C:\Users\Sky\Downloads\antirejoin.sp
2017-05-22 07:16 - 2017-05-22 07:17 - 07754760 _____ (Sublime HQ Pty Ltd ) C:\Users\Sky\Downloads\Sublime Text Build 3126 Setup.exe
2017-05-22 07:13 - 2017-05-22 07:13 - 00028936 _____ C:\Users\Sky\Downloads\vip.sp
2017-05-22 07:13 - 2017-05-22 07:13 - 00028936 _____ C:\Users\Sky\Downloads\vip (1).sp
2017-05-21 22:38 - 2017-05-21 22:38 - 00000013 _____ C:\Users\Sky\Downloads\players-name (31).bin
2017-05-21 22:38 - 2017-05-21 22:38 - 00000004 _____ C:\Users\Sky\Downloads\players-name (32).bin
2017-05-21 17:24 - 2017-05-21 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-05-21 17:23 - 2017-05-21 17:23 - 00000000 ____D C:\Program Files (x86)\Wondershare
2017-05-21 13:03 - 2017-05-21 22:15 - 00000000 ____D C:\Fraps
2017-05-21 13:03 - 2017-05-21 13:03 - 02496800 _____ (Beepa Pty Ltd) C:\Users\Sky\Downloads\setup.exe
2017-05-20 17:40 - 2017-05-20 17:40 - 00116384 _____ (Microsoft Corporation) C:\Users\Sky\Downloads\WordPress.exe
2017-05-20 06:44 - 2017-05-20 06:44 - 00000008 _____ C:\Users\Sky\Downloads\players-name (30).bin
2017-05-19 19:19 - 2017-05-19 19:19 - 00000011 _____ C:\Users\Sky\Downloads\players-name (28).bin
2017-05-19 19:19 - 2017-05-19 19:19 - 00000010 _____ C:\Users\Sky\Downloads\players-name (29).bin
2017-05-19 19:19 - 2017-05-19 19:19 - 00000008 _____ C:\Users\Sky\Downloads\players-name (27).bin
2017-05-19 19:19 - 2017-05-19 19:19 - 00000008 _____ C:\Users\Sky\Downloads\players-name (26).bin
2017-05-19 18:49 - 2017-05-19 18:49 - 00000029 _____ C:\Users\Sky\Downloads\players-name (19).bin
2017-05-19 18:49 - 2017-05-19 18:49 - 00000017 _____ C:\Users\Sky\Downloads\players-name (24).bin
2017-05-19 18:49 - 2017-05-19 18:49 - 00000017 _____ C:\Users\Sky\Downloads\players-name (22).bin
2017-05-19 18:49 - 2017-05-19 18:49 - 00000015 _____ C:\Users\Sky\Downloads\players-name (23).bin
2017-05-19 18:49 - 2017-05-19 18:49 - 00000012 _____ C:\Users\Sky\Downloads\players-name (21).bin
2017-05-19 18:49 - 2017-05-19 18:49 - 00000010 _____ C:\Users\Sky\Downloads\players-name (25).bin
2017-05-19 18:49 - 2017-05-19 18:49 - 00000009 _____ C:\Users\Sky\Downloads\players-name (20).bin
2017-05-19 18:07 - 2017-05-19 18:07 - 00000006 _____ C:\Users\Sky\Downloads\players-name (18).bin
2017-05-19 16:35 - 2017-05-19 16:36 - 00000000 ____D C:\Users\Sky\Desktop\zodiac
2017-05-18 13:14 - 2017-05-18 13:14 - 00000006 _____ C:\Users\Sky\Downloads\players-name (17).bin
2017-05-18 13:03 - 2017-05-18 13:03 - 00000006 _____ C:\Users\Sky\Downloads\players-name (15).bin
2017-05-18 13:03 - 2017-05-18 13:03 - 00000003 _____ C:\Users\Sky\Downloads\players-name (16).bin
2017-05-18 09:23 - 2017-05-18 09:23 - 00002163 _____ C:\Users\Sky\Downloads\sm_admins.sql
2017-05-17 15:55 - 2017-05-17 15:55 - 00060372 _____ C:\Users\Sky\Downloads\Deklaracia_1_2017.xlsx
2017-05-17 09:02 - 2017-05-17 09:02 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 09:02 - 2017-05-17 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 09:02 - 2017-05-17 09:02 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-16 21:32 - 2017-05-16 21:32 - 00000000 ____D C:\Users\Sky\AppData\Roaming\www.shadowexplorer.com
2017-05-16 21:31 - 2017-05-21 22:15 - 00000000 ____D C:\Program Files (x86)\ShadowExplorer
2017-05-16 21:31 - 2017-05-16 21:31 - 00969845 _____ (ShadowExplorer.com ) C:\Users\Sky\Downloads\ShadowExplorer-0.9-setup.exe
2017-05-16 21:23 - 2017-05-16 21:23 - 05562976 _____ (Piriform Ltd) C:\Users\Sky\Downloads\rcsetup153 (1).exe
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 10:11 - 2017-05-16 10:11 - 00000017 _____ C:\Users\Sky\Downloads\mb_bans-player_name (1).bin
2017-05-12 17:59 - 2017-05-12 18:00 - 09088410 _____ C:\Users\Sky\Downloads\themeforest-10181387-priority-multipurpose-html5-template.zip
2017-05-12 15:39 - 2017-05-12 15:39 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-12 15:38 - 2017-05-12 15:38 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-12 15:38 - 2017-05-12 15:38 - 00000000 ____D C:\WINDOWS\system32\DAX3
2017-05-12 15:38 - 2017-05-12 15:38 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-05-12 15:38 - 2017-05-12 15:38 - 00000000 ____D C:\Program Files\Realtek
2017-05-11 18:34 - 2017-05-11 18:34 - 00000442 _____ C:\Users\Sky\Downloads\index.php
2017-05-11 18:33 - 2017-05-11 18:33 - 00016649 _____ C:\Users\Sky\Downloads\error_log
2017-05-11 18:11 - 2017-05-11 18:11 - 00005102 _____ C:\Users\Sky\Downloads\MuteAllButAdmins.sp
2017-05-11 18:10 - 2017-05-11 18:10 - 00012184 _____ C:\Users\Sky\Downloads\extendedcomm.phrases.txt
2017-05-11 17:42 - 2017-05-11 17:42 - 00003234 _____ C:\Users\Sky\Downloads\wp-config (2).php
2017-05-11 08:47 - 2017-05-11 08:48 - 11069117 _____ C:\Users\Sky\Downloads\themeforest-7771632-boldial-wp-flat-creative-theme-with-3d-portfolio-wordpress-theme (1).zip
2017-05-11 06:23 - 2017-05-11 06:23 - 03299784 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 02190952 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 01435104 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 01382200 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 01337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00873432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00604768 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00532344 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00221936 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00209504 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00166168 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00158664 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-05-11 06:23 - 2017-05-11 06:23 - 00075504 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 72520680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-05-11 06:22 - 2017-05-11 06:22 - 05739488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-05-11 06:22 - 2017-05-11 06:22 - 03677120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-05-11 06:22 - 2017-05-11 06:22 - 03508712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 03506600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 03410800 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 03205088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 03122624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 01356904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 01016384 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00984880 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00964992 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00876880 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00867120 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00866096 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00736912 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00691640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00525736 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00467120 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00387280 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00381376 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00343672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00341112 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00341112 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00321680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00321680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00258824 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00231880 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00214800 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00192944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00110952 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00090880 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00088312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00088288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00083592 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-05-11 06:22 - 2017-05-11 06:22 - 00023656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 07172872 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 07096152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 06264600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 05346960 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 03092296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 02444648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 02209760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01965776 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01959560 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01780584 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01591024 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01517888 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01508896 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01326384 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01170832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 01133032 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00743928 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00727400 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00708272 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00680512 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00504272 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00447680 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00445360 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00441232 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00416472 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00406416 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00378344 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00366080 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00362016 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00360304 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00327416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00310384 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00272680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00253824 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00252840 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00203800 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00190896 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00190896 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00179560 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00154328 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00151752 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00134160 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00122280 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-05-11 06:21 - 2017-05-11 06:21 - 00084576 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-05-11 06:20 - 2017-05-11 06:20 - 00118552 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-05-11 06:20 - 2017-05-11 06:20 - 00105272 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-05-11 02:44 - 2017-05-11 02:44 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2017-05-11 02:43 - 2017-05-11 02:43 - 12738571 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-05-10 22:08 - 2017-04-28 04:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 22:08 - 2017-04-28 04:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 22:08 - 2017-04-28 04:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 22:08 - 2017-04-28 04:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 22:08 - 2017-04-28 04:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 22:08 - 2017-04-28 04:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 22:08 - 2017-04-28 04:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-10 22:08 - 2017-04-28 04:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 22:08 - 2017-04-28 03:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-10 22:08 - 2017-04-28 03:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 22:08 - 2017-04-28 03:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-10 22:08 - 2017-04-28 03:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 22:08 - 2017-04-28 03:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-10 22:08 - 2017-04-28 03:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 22:08 - 2017-04-28 03:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 22:08 - 2017-04-28 03:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 22:08 - 2017-04-28 03:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 22:08 - 2017-04-28 03:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 22:08 - 2017-04-28 03:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-10 22:08 - 2017-04-28 03:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 22:08 - 2017-04-28 03:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 22:08 - 2017-04-28 03:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 22:08 - 2017-04-28 03:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 22:08 - 2017-04-28 03:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 22:08 - 2017-04-28 03:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 22:08 - 2017-04-28 03:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 22:08 - 2017-04-28 03:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 22:08 - 2017-04-28 03:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 22:08 - 2017-04-28 03:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 22:08 - 2017-04-28 03:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 22:08 - 2017-04-28 03:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-10 22:08 - 2017-04-28 03:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 22:08 - 2017-04-28 03:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 22:08 - 2017-04-28 03:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 22:08 - 2017-04-28 03:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-10 22:08 - 2017-04-28 03:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 22:08 - 2017-04-28 03:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 22:08 - 2017-04-28 03:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 22:08 - 2017-04-28 03:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-10 22:08 - 2017-04-28 03:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 22:08 - 2017-04-28 03:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-10 22:08 - 2017-04-28 03:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-10 22:08 - 2017-04-28 03:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 22:08 - 2017-04-28 03:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 22:08 - 2017-04-28 03:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 22:08 - 2017-04-28 03:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 22:08 - 2017-04-28 03:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 22:08 - 2017-04-28 03:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 22:08 - 2017-04-28 03:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 22:08 - 2017-04-28 03:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 22:08 - 2017-04-28 03:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 22:08 - 2017-04-28 03:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 22:08 - 2017-04-28 03:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 22:08 - 2017-04-28 03:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 22:08 - 2017-04-28 03:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 22:08 - 2017-04-28 03:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 22:08 - 2017-04-28 02:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 22:08 - 2017-04-28 02:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 22:08 - 2017-04-28 02:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 22:08 - 2017-04-28 02:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 22:08 - 2017-04-28 02:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 22:08 - 2017-04-28 02:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 22:08 - 2017-04-28 02:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-10 22:08 - 2017-04-28 02:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-10 22:08 - 2017-04-28 02:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 22:07 - 2017-04-28 04:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 22:07 - 2017-04-28 04:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 22:07 - 2017-04-28 04:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 22:07 - 2017-04-28 04:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 22:07 - 2017-04-28 04:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 22:07 - 2017-04-28 04:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 22:07 - 2017-04-28 04:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 22:07 - 2017-04-28 04:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 22:07 - 2017-04-28 04:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 22:07 - 2017-04-28 04:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 22:07 - 2017-04-28 04:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 22:07 - 2017-04-28 04:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 22:07 - 2017-04-28 04:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 22:07 - 2017-04-28 03:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 22:07 - 2017-04-28 03:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 22:07 - 2017-04-28 03:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 22:07 - 2017-04-28 03:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 22:07 - 2017-04-28 03:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 22:07 - 2017-04-28 03:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 22:07 - 2017-04-28 03:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 22:07 - 2017-04-28 03:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 22:07 - 2017-04-28 03:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 22:07 - 2017-04-28 03:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 22:07 - 2017-04-28 03:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 22:07 - 2017-04-28 03:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 22:07 - 2017-04-28 03:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-10 22:07 - 2017-04-28 03:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 22:07 - 2017-04-28 03:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-10 22:07 - 2017-04-28 03:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 22:07 - 2017-04-28 03:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 22:07 - 2017-04-28 03:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 22:07 - 2017-04-28 03:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 22:07 - 2017-04-28 03:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-10 22:07 - 2017-04-28 03:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 22:07 - 2017-04-28 03:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 22:07 - 2017-04-28 03:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-10 22:07 - 2017-04-28 03:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 22:07 - 2017-04-28 03:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 22:07 - 2017-04-28 03:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-10 22:07 - 2017-04-28 03:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-10 22:07 - 2017-04-28 03:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 22:07 - 2017-04-28 02:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 22:07 - 2017-04-28 02:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 22:07 - 2017-04-28 02:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 22:07 - 2017-04-28 02:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-10 22:07 - 2017-04-28 02:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 22:07 - 2017-04-28 02:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 22:07 - 2017-04-28 02:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-10 20:13 - 2017-05-10 20:13 - 00000012 _____ C:\Users\Sky\Downloads\players-name (14).bin
2017-05-10 20:13 - 2017-05-10 20:13 - 00000008 _____ C:\Users\Sky\Downloads\players-name (13).bin
2017-05-10 20:13 - 2017-05-10 20:13 - 00000008 _____ C:\Users\Sky\Downloads\players-name (12).bin
2017-05-10 20:13 - 2017-05-10 20:13 - 00000007 _____ C:\Users\Sky\Downloads\players-name (11).bin
2017-05-10 20:11 - 2017-05-10 20:11 - 00000030 _____ C:\Users\Sky\Downloads\players-name (10).bin
2017-05-10 20:11 - 2017-05-10 20:11 - 00000018 _____ C:\Users\Sky\Downloads\players-name (9).bin
2017-05-10 20:11 - 2017-05-10 20:11 - 00000008 _____ C:\Users\Sky\Downloads\players-name (8).bin
2017-05-10 13:49 - 2017-05-10 13:49 - 00046845 _____ C:\Users\Sky\Downloads\products-2017-05-10.xlsx
2017-05-10 13:42 - 2017-05-10 13:42 - 00014321 _____ C:\Users\Sky\Downloads\categories-2017-05-10.xlsx
2017-05-10 09:56 - 2017-05-10 09:56 - 00003802 _____ C:\Users\Sky\Downloads\plugin234234.zip
2017-05-09 06:29 - 2017-05-09 06:29 - 00001242 _____ C:\Users\Sky\Downloads\depois (1).sql
2017-05-09 06:28 - 2017-05-09 06:28 - 00001211 _____ C:\Users\Sky\Downloads\depois.sql
2017-05-08 17:48 - 2017-05-08 17:48 - 00000499 _____ C:\Users\Sky\Downloads\txt
2017-05-08 14:26 - 2017-05-08 14:26 - 00081948 _____ C:\Users\Sky\Downloads\37395174-boldial-wp-flat-creative-theme-with-3d-portfolio-license.pdf
2017-05-08 13:18 - 2017-05-08 13:18 - 40099179 _____ C:\Users\Sky\Downloads\themeforest-7771632-boldial-wp-flat-creative-theme-with-3d-portfolio.zip
2017-05-08 10:27 - 2017-05-08 10:27 - 00000017 _____ C:\Users\Sky\Downloads\mb_bans-player_name.bin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-07 21:06 - 2017-05-03 13:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-07 19:28 - 2017-02-27 14:48 - 00000000 ____D C:\Program Files\Opera
2017-06-07 09:28 - 2017-02-09 23:17 - 00000600 _____ C:\Users\Sky\AppData\Local\PUTTY.RND
2017-06-07 07:29 - 2017-03-19 00:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-07 07:29 - 2017-03-19 00:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-06 20:31 - 2016-12-31 15:25 - 00000600 _____ C:\Users\Sky\AppData\Roaming\winscp.rnd
2017-06-06 19:53 - 2017-01-03 00:04 - 00000000 ____D C:\Users\Sky\AppData\Roaming\vlc
2017-06-06 02:50 - 2017-03-18 23:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-04 09:59 - 2016-12-31 14:49 - 00000000 ____D C:\Users\Sky\AppData\Roaming\Skype
2017-06-04 09:39 - 2017-05-03 13:44 - 00003030 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Sky)
2017-06-04 09:36 - 2017-05-03 13:41 - 00000000 ____D C:\Users\Sky
2017-06-03 21:39 - 2017-01-09 00:29 - 00000000 ____D C:\Users\Sky\AppData\LocalLow\Mozilla
2017-06-03 21:38 - 2017-01-09 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-03 21:38 - 2017-01-09 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-03 19:28 - 2017-05-03 13:44 - 00003974 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1488196125
2017-06-03 19:28 - 2017-02-27 14:48 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-06-03 19:26 - 2017-05-03 13:48 - 04513692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-03 19:26 - 2016-12-31 22:05 - 02355952 _____ C:\WINDOWS\system32\perfh002.dat
2017-06-03 19:26 - 2016-12-31 22:05 - 00726306 _____ C:\WINDOWS\system32\perfc002.dat
2017-06-02 15:31 - 2017-05-03 13:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-01 18:17 - 2016-12-31 15:16 - 00000000 ____D C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-31 09:23 - 2016-12-31 17:24 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 16:53 - 2017-02-22 22:55 - 00000000 ____D C:\Users\Sky\AppData\Roaming\BitTorrent
2017-05-30 11:19 - 2017-03-06 13:20 - 00731176 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-05-29 21:16 - 2017-03-19 11:16 - 00000000 ____D C:\Users\Sky\AppData\Roaming\JetBrains
2017-05-29 11:14 - 2016-12-31 14:47 - 00000000 ____D C:\Users\Sky\AppData\Local\Packages
2017-05-28 19:55 - 2017-03-19 00:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-28 19:55 - 2017-03-19 00:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-27 21:35 - 2016-12-31 15:17 - 00000000 ____D C:\Program Files\Notepad++
2017-05-27 09:49 - 2017-05-03 13:41 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-05-27 09:49 - 2017-03-18 14:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-05-27 09:22 - 2017-03-14 18:46 - 00954368 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-05-27 09:21 - 2017-01-16 12:38 - 00204920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2017-05-27 09:21 - 2016-12-31 15:08 - 00891392 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2017-05-26 22:26 - 2017-01-26 18:50 - 00001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poedit.lnk
2017-05-26 22:26 - 2017-01-26 18:50 - 00000000 ____D C:\Program Files (x86)\Poedit
2017-05-23 18:06 - 2016-12-31 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 18:05 - 2016-12-31 19:30 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-21 22:09 - 2017-05-03 13:40 - 00297280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-21 17:24 - 2017-01-08 13:15 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2017-05-21 17:23 - 2017-01-08 13:17 - 00000000 ____D C:\ProgramData\Wondershare
2017-05-20 16:55 - 2016-12-31 14:51 - 00000000 ____D C:\ProgramData\IObit
2017-05-20 16:32 - 2017-02-16 12:12 - 00000000 ____D C:\Users\Sky\AppData\Local\SLAM
2017-05-17 09:02 - 2017-05-03 13:41 - 00000000 ____D C:\Program Files\AMD
2017-05-17 09:01 - 2016-12-31 14:51 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-11 21:11 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-11 21:11 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-11 21:11 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-11 21:11 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-11 21:11 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-11 21:11 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-11 21:11 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-11 21:11 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-04-11 21:11 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-11 21:10 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:05 - 2017-04-11 21:11 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-11 21:11 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-16 18:05 - 2017-04-11 21:10 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-11 21:10 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-11 21:10 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-11 21:10 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-11 21:10 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-11 21:10 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-11 21:10 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-13 14:45 - 2017-03-19 00:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-13 09:57 - 2017-03-30 10:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-13 09:57 - 2016-12-31 15:26 - 00000000 ____D C:\ProgramData\Skype
2017-05-11 21:10 - 2017-05-03 13:44 - 00003390 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-05-11 21:10 - 2016-12-31 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-05-11 21:06 - 2016-12-31 14:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 21:05 - 2017-03-19 00:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-11 21:05 - 2017-03-19 00:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 21:05 - 2017-03-19 00:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 21:05 - 2017-03-19 00:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 07:33 - 2016-12-31 14:50 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2016-12-31 15:25 - 2017-06-06 20:31 - 0000600 _____ () C:\Users\Sky\AppData\Roaming\winscp.rnd
2017-02-09 23:17 - 2017-06-07 09:28 - 0000600 _____ () C:\Users\Sky\AppData\Local\PUTTY.RND
2017-01-19 00:20 - 2017-01-19 00:20 - 0001960 _____ () C:\Users\Sky\AppData\Local\recently-used.xbel
2017-01-20 08:36 - 2017-02-04 16:23 - 0007605 _____ () C:\Users\Sky\AppData\Local\Resmon.ResmonCfg
2017-05-12 15:39 - 2017-05-12 15:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-07 18:14 - 2017-01-07 18:14 - 0004181 _____ () C:\ProgramData\kjiixkes.ghp
2017-01-07 18:14 - 2017-01-07 18:14 - 0000016 _____ () C:\ProgramData\mntemp
2017-01-16 12:39 - 2017-04-16 08:30 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Some files in TEMP:
====================
2017-05-27 18:03 - 2017-05-27 18:03 - 2983112 _____ () C:\Users\Sky\AppData\Local\Temp\npp.7.4.1.Installer.x64.exe
2017-05-28 23:01 - 2017-05-28 23:01 - 30950664 _____ () C:\Users\Sky\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-06 19:45

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 19 часа, Ивайло Костов написа:

Здравейте, чисто профилактично да проверим една машина.

Здравейте ..! Чисто профилактично....:

GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

Моля, изтеглете Malwarebytes Anti-Malware 2.2.0.1024 Final и я запазете на вашия десктоп.

  • Стартирайте файла mbam-setup-bc.хххх-х.х.х.хххх.exe и следвайте указанията за да инсталирате програмата.
  • След като инсталацията приключи се уверете че сте сложили отметка пред:
  • Launch Malwarebytes Anti-Malware
  • Отметката активираща пробния 14 дневен период също е маркиран по-подразбиране. Ако не желаете да тествате защитата в реално време на програмата през следващите 14 дни тогава премахнете отметката. Т.е. премахнете първата отметка:

DkgJ7Zr.png

  • Натиснете бутона Finish.
  • Отидете до табът Settings > Detection and Protection > и под категориятаDetection Options включете опцията "Scan for rootkits".
  • Отидете до табът Scan, сложете радио-бутона пред Threat Scan и след това натиснете бутона Scan Now >> . Ако е намерена актуализация тогава натиснете бутона Update Now.
  • Ще започне проверка за зловреден софтуер.
  • При някои инфекции можете да видите съобщението:
  • "Could not load DDA driver"
  • Натиснете "Yes" на това съобщение за да позволите драйвера да се зареди след рестарт.
  • Разрешете на компютъра да се рестартира и след това продължете с останалите инструкции.
  • След като проверката приключи натиснете бутона Apply Actions.
  • Изчакайте да се появи прозореца подканващ ви да рестартирате и след това натиснете бутона Yes.
  • След рестарта, когато се появи десктопа MBAM ще се зареди още веднъж.
  • Отидете то табът History > Application Logs.

65ZBqkR.jpg

  • Отворете рапорта с последната дата и час и натиснете бутона "Copy to Clipboard"
  • Сега вече поставете съдържанието на лог файла с клавишната комбинацияCtrl + V и го публикувайте в следващия си коментар.

 

BY4dvz9.png Сканиране с AdwCleaner

 
Моля, изтеглете и стартирайте програмата Malwarebytes AdwCleaner (by Xplode):

  • Затворете всички стартирани програми и браузъри
  • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
  • Натиснете OK, за да потвърдите, че всички стартирани програми ще бъдат затворени.
  • Маркирайте A49sxPr.pngScan (провери).
  • След завършване, кликнете на 6cyn5v5.pngLogfile (дневник).Ще се отвори прозорец в който се намира дневника (AdwCleaner [S0] .txt).Кликнете два пъти върх реда и ще се отвори съдържанието на дневника.Публикувайте го в следващия си пост
  • Върнете се към основния прозорец на AdwCleaner .маркирайте MqHawIb.pngClean (Почисти)
  • Следвайте указанията и разрешете на компютъра да се рестартира.
  • След рестарта ще се отвори дневник AdwCleaner[C0].txt . Моля копирайте съдържанието на лог файла в следващия си пост.

 

 

E3feWj5.png  Сканиране с Junkware Removal Tool
 
Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

  • Спрете временно работата на защитните програми.
  • Стартирайте инструмента JRT.exe
  • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
  • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
  • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
  • Моля копирайте съдържанието на лог файла в следващия си пост.

 

25.jpg?1426074241   Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с имеSecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

 

 

 Дневници
 
В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • Дневник от Malwarebytes Anti -Malware
  • AdwCleaner.txt
  • JRT.txt
  • SecurityCheck.txt (копирате съдържанието)
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8.6.2017 г.
Scan Time: 18:11
Logfile: 
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2017.06.08.04
Rootkit Database: v2017.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Sky

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 308937
Time Elapsed: 5 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Trovi, C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.otrovi.com_0.localstorage, Quarantined, [992be4583d6ce155d2ac36adbe44bf41], 
PUP.Optional.Trovi, C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.otrovi.com_0.localstorage-journal, Quarantined, [0cb88eae7237be78d4aa895a56ac45bb], 

Physical Sectors: 0
(No malicious items detected)


(end)

 

###########################################################################################################################################################

преди рестарт

# AdwCleaner v6.047 - Дневникът е създаден 08/06/2017 в 18:22:09
# Обновен на 19/05/2017 от Malwarebytes
# База данни : 2017-06-07.1 [Сървърна]
# Операционна Система : Windows 10 Pro  (X64)
# Потребителско име : Sky - DESKTOP-G4GAL17
# Изпълнява се от : C:\Users\Sky\Downloads\adwcleaner_6.047.exe
# Режим: Сканиране
# Поддръжка : https://www.malwarebytes.com/support

***** [ Услуги ] *****

Зловредни услуги не бяха намерени.


***** [ Папки ] *****

Открита е папка: C:\Users\Sky\AppData\Roaming\IObit\Advanced SystemCare
Открита е папка: C:\ProgramData\IObit\ASCDownloader


***** [ Файлове ] *****

Зловредни файлове не бяха открити.


***** [ DLL ] *****

Зловредни DLL библиотеки не бяха намерени.


***** [ WMI ] *****

Зловредни ключове в регистъра не бяха намерени.


***** [ Преки пътища ] *****

Не бяха намерени инфектирани преки пътища.


***** [ Планирани Задачи ] *****

Открита е планирана задача: Driver Booster Scheduler


***** [ Регистър ] *****

Не бяха намерени злонамерени елементи в регистъра.


***** [ Интернет браузъри ] *****

Зловредни настройки във всички Firefox базирани интернет браузъри не бяха намерени.
Открита е настройка на Chrome: [C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.google.com/chrome/answer/3097271?hl=en [!]


*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [2097 Байта] - [08/06/2017 18:22:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2175 Байта] ##########
 

##################################################################################################################################################

след рестарт

 

# AdwCleaner v6.047 - Дневникът е създаден 08/06/2017 в 18:22:44
# Обновен на 19/05/2017 от Malwarebytes
# База данни : 2017-06-07.1 [Сървърна]
# Операционна Система : Windows 10 Pro  (X64)
# Потребителско име : Sky - DESKTOP-G4GAL17
# Изпълнява се от : C:\Users\Sky\Downloads\adwcleaner_6.047.exe
# Режим: Почистване
# Поддръжка : https://www.malwarebytes.com/support

***** [ Услуги ] *****

***** [ Папки ] *****

[-] Папката е изтрита: C:\Users\Sky\AppData\Roaming\IObit\Advanced SystemCare
[-] Папката е изтрита: C:\ProgramData\IObit\ASCDownloader


***** [ Файлове ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Преки пътища ] *****

***** [ Планирани Задачи ] *****

[-] Планираната задача беше изтрита: Driver Booster Scheduler


***** [ Регистър ] *****

***** [ Интернет Браузъри ] *****

[-] [C:\Users\Sky\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Изтрит: ask.com


*************************

:: "Tracing" ключовете бяха изтрити
:: Winsock настройките бяха изчистени

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1416 Байта] - [08/06/2017 18:22:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [2259 Байта] - [08/06/2017 18:22:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1572 Байта] ##########
 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Pro x64 
Ran by Sky (Administrator) on зҐвў 08.06.2017 Ј. at 18:28:29,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 4 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Sky\AppData\Roaming\new version available (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Sky) (Task)

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on зҐвў 08.06.2017 Ј. at 18:29:34,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

SecurityCheck by glax24 & Severnyj v.1.4.0.50 [06.06.17]
WebSite: www.safezone.cc
DateLog: 08.06.2017 18:30:40
Path starting: C:\Users\Sky\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Sky
VersionXML: 4.34is-07.06.2017
___________________________________________________________________________

Windows 10(6.3.15063) (x64) Professional Release: 1703 Lang: 0402
Installation date OS: 03.05.2017 10:46:59
LicenseStatus: Windows(R), Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Notepad++\notepad++.exe
SystemDrive: C: FS: [NTFS] Capacity: [111.3 Gb] Used: [99.6 Gb] Free: [11.7 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.296.15063.0 [+]
User Account Control enabled
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Защитна стена на Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware, версия 2.2.0.1024 v.2.2.0.1024
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 16.04 (x64) v.16.04
TeamViewer 12 v.12.0.77242 Warning! Download Update
VLC media player v.2.2.6
LibreOffice 5.2.5.1 v.5.2.5.1 Warning! Download Update
TeamViewer 12 (TeamViewer) - The service is running
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.35 v.7.35.103 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
BitTorrent v.7.9.9.43389 Warning! P2P-client.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.58.0.3029.110 Warning! Download Update
Mozilla Firefox 53.0.3 (x86 bg) v.53.0.3
Opera Stable 45.0.2552.888 v.45.0.2552.888
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.58.0.3029.110
------------------ [ AntivirusFirewallProcessServices ] -------------------
MBAMService (MBAMService) - The service has stopped
C:\Program Files\Windows Defender\MsMpEng.exe v.4.11.15063.0
C:\Program Files\Windows Defender\NisSrv.exe v.4.11.15063.0
Услуга Windows Defender Antivirus (WinDefend) - The service is running
Услуга за мрежова проверка на Windows Defender Antivirus (WdNisSvc) - The service is running
---------------------------- [ UnwantedApps ] -----------------------------
Driver Booster 4.4 v.4.4.0 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Нищо притеснително от зловреден характер..! :)

Този софтуер ви е за обновяване:

Цитат

LibreOffice 5.2.5.1 v.5.2.5.1 Warning! Download Update

TeamViewer 12 v.12.0.77242 Warning! Download Update

Google Chrome v.58.0.3029.110 Warning! Download Update

 

Този софтуер е препоръчително да се обнови:

Цитат

Skype™ 7.35 v.7.35.103 Warning! Download Update
^Optional update.^

 

Препоръчително е деинсталирането на програмата:

Цитат

Driver Booster

 

Фикс с Farbar Recovery Scan Tool

icon13.gif Изтеглете прикачения файл fixlist.txt  и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

А толкова да е удобен Driver Booster... 

 

Fixlog.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Цитат

Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering

Препоръчително е ....! 

7k2Zu73R.png.0a6a6ba63fa68fb3917cffc81bf0ccab.png Изтеглете DelFix и го стартирайте. Сложете отметка пред:

  • Remove disinfection tools <----- това ще премахне инструментите които сме използвали
  • Create registry backup <----- тази опция ще създадете резервно копие от регистъра на Windows
  • Purge system restore <---  това ще премахне всички предишни точки за възстановяване, ще бъде създадена нова точка  на състоянието на системата в момента.
  • Reset system settings <--- това ще нулира всички настройки на системата и по подразбиране, които са били променени или от нас по време на почистването или от зловреден софтуер / инфекция

DelFix.png.6f92057f93286acd2741e87aeb5876d9.png

..и след това натиснете бутона Run

  • След като операцията е завърши,ще се създаде дневник
  • Копирате го и го поставите в следващия си отговор

Инструмента ще се самоизтрие след като приключи своята задача!

 

Няма основание за притеснение..! Системата е чиста..! Това е ..! :) Ако нямате други проблеми и въпроси да приключваме...Маркирам случая за "Решен"...! Пожелавам лек ден и безопасен интернет..! :)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 9 минути, icotonev написа:

 

Няма основание за притеснение..! Системата е чиста..! Това е ..! :) Ако нямате други проблеми и въпроси да приключваме...Маркирам случая за "Решен"...! Пожелавам лек ден и безопасен интернет..! :)

Супер!

Ето и от последното. Като гледам и с него всичко е ОК. Благодаря ти!

# DelFix v1.013 - Logfile created 09/06/2017 at 10:37:04
# Updated 17/04/2016 by Xplode
# Username : Sky - DESKTOP-G4GAL17
# Operating System : Windows 10 Pro  (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\SecurityCheck
Deleted : C:\Users\Sky\Desktop\Addition.txt
Deleted : C:\Users\Sky\Desktop\Fixlog.txt
Deleted : C:\Users\Sky\Desktop\FRST.txt
Deleted : C:\Users\Sky\Desktop\JRT.txt
Deleted : C:\Users\Sky\Downloads\Addition.txt
Deleted : C:\Users\Sky\Downloads\adwcleaner_6.047.exe
Deleted : C:\Users\Sky\Downloads\FRST64.exe
Deleted : C:\Users\Sky\Downloads\JRT.exe
Deleted : C:\Users\Sky\Downloads\SecurityCheck.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #3 [Scheduled Checkpoint | 06/02/2017 09:03:30]
Deleted : RP #4 [JRT Pre-Junkware Removal | 06/08/2017 15:28:30]
Deleted : RP #7 [Removed LibreOffice 5.2.5.1 | 06/09/2017 04:55:39]

New restore point created !

########## - EOF - ##########
 

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от Plamen_ruse
      От известно време ми се появи този проблем. Докато браузвам (независимо от браузера) ми се отварят допълнителни прозорци с реклами. Нямам усещане, че компютъра работи по-бавно от преди. 
       
       
      can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
      Ran by User (administrator) on DESKTOP-9A6KV1O (10-01-2019 21:03:43)
      Running from D:\Downloads
      Loaded Profiles: User (Available Profiles: User)
      Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Български (България)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
      (AMD) C:\Windows\System32\atiesrxx.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
      (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
      (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
      () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (ESET) C:\Program Files\ESET\ESET Security\egui.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
      () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18112.17430.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
      HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-10-12] (ESET)
      HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-619769886-4034110463-2982145271-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe [25972968 2018-12-22] (Spotify Ltd)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 89.207.131.8 8.8.8.8
      Tcpip\..\Interfaces\{d4f7e68d-b074-4387-bb66-200a4cfcbb5d}: [DhcpNameServer] 89.207.131.8 8.8.8.8
      Tcpip\..\Interfaces\{dd5152f7-fb4e-44ba-b531-9721fa95320d}: [DhcpNameServer] 10.0.0.1
      Internet Explorer:
      ==================
      BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-16] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
      BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-01] (Microsoft Corporation)
      FireFox:
      ========
      FF DefaultProfile: 5zp7ongo.default
      FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5zp7ongo.default [2019-01-06]
      FF Homepage: Mozilla\Firefox\Profiles\5zp7ongo.default -> www.google.bg
      FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\5zp7ongo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-17]
      FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
      FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-07-28] [Legacy] [not signed]
      FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
      FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
      FF Plugin-x32: @huawei.com/NPPlugin -> C:\Program Files (x86)\Web_TV\WebTVPlugin\NPPlugin.dll [2015-07-02] ()
      FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
      FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
      Chrome: 
      =======
      CHR DefaultProfile: Default
      CHR HomePage: Default -> hxxp://www.google.com/
      CHR StartupUrls: Default -> "hxxp://www.google.com/"
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-01-10]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Theme Creator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2017-07-21]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-21]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-21]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-10-10]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Floating for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2018-12-23]
      CHR Extension: (Video DownloadHelper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-08-01]
      CHR Extension: (IP домейн флаг) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2017-12-29]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-21]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-13]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-06]
      CHR Extension: (ProxFlow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aakchaleigkohafkfjfjbblobjifikek [2018-09-13]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
      CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-08]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-11-01]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-01]
      CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-16]
      CHR Extension: (Google Hangouts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-12-16]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-24]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-01-10]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-13]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-13]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-13]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2019-01-09]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-11]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-11]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-16]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-16]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-11]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-26]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-13]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-16]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-18]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-06-20]
      CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-10]
      CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
      CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-10]
      CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-10]
      CHR Extension: (Таблици) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-10]
      CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-10]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-20]
      CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-10]
      CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-20]
      CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-12]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\71.0.3578.15\remoting_host.exe [73048 2018-10-18] (Google Inc.)
      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-07] (Microsoft Corporation)
      R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-12] (ESET)
      R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-12] (ESET)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-09-16] (Microsoft Corporation)
      R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
      S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
      S3 Disc Soft Lite Bus Service; "C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe" [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-07-21] (Disc Soft Ltd)
      R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-09] (ESET)
      R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-09] (ESET)
      S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-08-27] (ESET)
      R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-08-27] (ESET)
      R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-08-27] (ESET)
      R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-08-27] (ESET)
      R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-08-27] (ESET)
      R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
      R3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
      R3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] ()
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
      R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2018-04-12] (Realtek Semiconductor Corporation )
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-10 21:03 - 2019-01-10 21:03 - 000000000 ____D C:\FRST
      2019-01-08 20:52 - 2019-01-01 15:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
      2019-01-08 20:52 - 2019-01-01 15:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
      2019-01-08 20:52 - 2019-01-01 15:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2019-01-08 20:52 - 2019-01-01 15:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
      2019-01-08 20:52 - 2019-01-01 15:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
      2019-01-08 20:52 - 2019-01-01 15:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
      2019-01-08 20:52 - 2019-01-01 15:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2019-01-08 20:52 - 2019-01-01 15:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
      2019-01-08 20:52 - 2019-01-01 15:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
      2019-01-08 20:52 - 2019-01-01 15:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
      2019-01-08 20:52 - 2019-01-01 09:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
      2019-01-08 20:52 - 2019-01-01 09:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
      2019-01-08 20:52 - 2019-01-01 09:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
      2019-01-08 20:52 - 2019-01-01 09:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
      2019-01-08 20:52 - 2019-01-01 09:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2019-01-08 20:52 - 2019-01-01 09:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
      2019-01-08 20:52 - 2019-01-01 09:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2019-01-08 20:52 - 2019-01-01 09:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2019-01-08 20:52 - 2019-01-01 09:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
      2019-01-08 20:52 - 2019-01-01 09:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
      2019-01-08 20:52 - 2019-01-01 08:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2019-01-08 20:52 - 2019-01-01 08:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2019-01-08 20:52 - 2019-01-01 08:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
      2019-01-08 20:52 - 2019-01-01 08:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
      2019-01-08 20:52 - 2019-01-01 08:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
      2019-01-08 20:52 - 2019-01-01 08:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
      2019-01-08 20:52 - 2019-01-01 08:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
      2019-01-08 20:52 - 2019-01-01 08:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
      2019-01-08 20:52 - 2019-01-01 08:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2019-01-08 20:52 - 2019-01-01 08:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
      2019-01-08 20:52 - 2019-01-01 08:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
      2019-01-08 20:52 - 2019-01-01 08:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
      2019-01-08 20:52 - 2019-01-01 08:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
      2019-01-08 20:52 - 2019-01-01 08:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
      2019-01-08 20:52 - 2019-01-01 08:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
      2019-01-08 20:52 - 2019-01-01 08:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2019-01-08 20:52 - 2019-01-01 08:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2019-01-08 20:52 - 2019-01-01 08:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
      2019-01-08 20:52 - 2019-01-01 08:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
      2019-01-08 20:52 - 2019-01-01 08:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
      2019-01-08 20:52 - 2019-01-01 08:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
      2019-01-08 20:52 - 2019-01-01 08:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
      2019-01-08 20:52 - 2019-01-01 08:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
      2019-01-08 20:52 - 2019-01-01 07:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
      2019-01-08 20:52 - 2018-12-19 06:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
      2019-01-06 00:59 - 2019-01-06 00:59 - 000141434 _____ C:\TDSSKiller.3.1.0.25_06.01.2019_00.59.11_log.txt
      2019-01-06 00:47 - 2019-01-06 00:47 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
      2019-01-06 00:47 - 2019-01-06 00:47 - 000000000 ____D C:\Users\User\AppData\Local\mbam
      2018-12-19 20:41 - 2018-12-14 09:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
      2018-12-19 20:41 - 2018-12-14 09:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
      2018-12-19 20:41 - 2018-12-14 09:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
      2018-12-19 20:41 - 2018-12-14 09:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
      2018-12-19 20:41 - 2018-12-14 09:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
      2018-12-19 20:41 - 2018-12-14 09:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
      2018-12-19 20:41 - 2018-12-14 09:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
      2018-12-19 20:41 - 2018-12-14 09:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
      2018-12-19 20:41 - 2018-12-14 09:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2018-12-19 20:41 - 2018-12-14 08:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2018-12-19 20:41 - 2018-12-14 08:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
      2018-12-19 20:41 - 2018-12-14 08:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
      2018-12-19 20:41 - 2018-12-14 08:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
      2018-12-19 20:41 - 2018-12-14 08:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
      2018-12-19 20:41 - 2018-12-14 08:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
      2018-12-19 20:41 - 2018-12-14 08:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
      2018-12-19 20:41 - 2018-12-14 08:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
      2018-12-16 16:30 - 2018-12-16 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Инструменти на Microsoft Office
      2018-12-13 23:56 - 2018-12-13 23:56 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-12-13 23:56 - 2018-12-13 23:56 - 000002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-12-13 18:52 - 2018-09-05 00:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
      2018-12-12 21:25 - 2018-12-08 14:47 - 001786896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
      2018-12-12 21:25 - 2018-12-08 14:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
      2018-12-12 21:25 - 2018-12-08 14:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
      2018-12-12 21:25 - 2018-12-08 14:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
      2018-12-12 21:25 - 2018-12-08 14:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
      2018-12-12 21:25 - 2018-12-08 14:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
      2018-12-12 21:25 - 2018-12-08 14:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
      2018-12-12 21:25 - 2018-12-08 14:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
      2018-12-12 21:25 - 2018-12-08 14:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2018-12-12 21:25 - 2018-12-08 14:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
      2018-12-12 21:25 - 2018-12-08 14:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2018-12-12 21:25 - 2018-12-08 14:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2018-12-12 21:25 - 2018-12-08 10:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
      2018-12-12 21:25 - 2018-12-08 10:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
      2018-12-12 21:25 - 2018-12-08 10:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2018-12-12 21:25 - 2018-12-08 10:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2018-12-12 21:25 - 2018-12-08 10:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
      2018-12-12 21:25 - 2018-12-08 10:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
      2018-12-12 21:25 - 2018-12-08 09:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
      2018-12-12 21:25 - 2018-12-08 09:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
      2018-12-12 21:25 - 2018-12-08 09:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
      2018-12-12 21:25 - 2018-12-08 09:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
      2018-12-12 21:25 - 2018-12-08 09:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
      2018-12-12 21:25 - 2018-12-08 09:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
      2018-12-12 21:25 - 2018-12-08 09:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
      2018-12-12 21:25 - 2018-12-08 09:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
      2018-12-12 21:25 - 2018-12-08 09:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
      2018-12-12 21:25 - 2018-12-08 09:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
      2018-12-12 21:25 - 2018-12-08 09:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
      2018-12-12 21:25 - 2018-12-08 09:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
      2018-12-12 21:25 - 2018-12-08 09:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
      2018-12-12 21:25 - 2018-12-08 09:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
      2018-12-12 21:25 - 2018-12-08 09:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
      2018-12-12 21:25 - 2018-12-08 09:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
      2018-12-12 21:25 - 2018-12-08 09:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
      2018-12-12 21:25 - 2018-12-08 09:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
      2018-12-12 21:25 - 2018-12-08 09:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
      2018-12-12 21:25 - 2018-11-09 08:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2018-12-12 21:25 - 2018-11-09 07:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
      2018-12-12 21:25 - 2018-11-09 07:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
      2018-12-12 21:25 - 2018-11-09 07:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
      2018-12-12 21:25 - 2018-11-09 07:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
      2018-12-12 21:25 - 2018-11-09 07:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2018-12-12 21:25 - 2018-11-09 07:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
      2018-12-12 21:25 - 2018-11-09 04:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
      2018-12-12 21:25 - 2018-11-09 04:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
      2018-12-12 21:25 - 2018-11-09 04:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
      2018-12-12 21:25 - 2018-11-09 04:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2018-12-12 21:25 - 2018-11-09 04:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2018-12-12 21:25 - 2018-11-09 04:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
      2018-12-12 21:25 - 2018-11-09 04:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
      2018-12-12 21:25 - 2018-11-09 04:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
      2018-12-12 21:25 - 2018-11-09 04:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2018-12-12 21:25 - 2018-11-09 04:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
      2018-12-12 21:25 - 2018-11-09 04:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
      2018-12-12 21:25 - 2018-11-09 04:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
      2018-12-12 21:25 - 2018-11-09 03:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2018-12-12 21:25 - 2018-11-09 03:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2018-12-12 21:25 - 2018-11-09 03:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
      2018-12-12 21:24 - 2018-12-08 14:48 - 000034104 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 001627656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001422864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000825352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000399880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 000228368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
      2018-12-12 21:24 - 2018-12-08 14:47 - 000180752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
      2018-12-12 21:24 - 2018-12-08 14:47 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
      2018-12-12 21:24 - 2018-12-08 14:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
      2018-12-12 21:24 - 2018-12-08 14:43 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
      2018-12-12 21:24 - 2018-12-08 14:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
      2018-12-12 21:24 - 2018-12-08 14:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
      2018-12-12 21:24 - 2018-12-08 14:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
      2018-12-12 21:24 - 2018-12-08 14:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
      2018-12-12 21:24 - 2018-12-08 14:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
      2018-12-12 21:24 - 2018-12-08 14:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
      2018-12-12 21:24 - 2018-12-08 14:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
      2018-12-12 21:24 - 2018-12-08 10:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
      2018-12-12 21:24 - 2018-12-08 10:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
      2018-12-12 21:24 - 2018-12-08 10:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
      2018-12-12 21:24 - 2018-12-08 10:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
      2018-12-12 21:24 - 2018-12-08 10:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
      2018-12-12 21:24 - 2018-12-08 10:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
      2018-12-12 21:24 - 2018-12-08 10:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
      2018-12-12 21:24 - 2018-12-08 10:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
      2018-12-12 21:24 - 2018-12-08 10:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
      2018-12-12 21:24 - 2018-12-08 10:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
      2018-12-12 21:24 - 2018-12-08 10:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
      2018-12-12 21:24 - 2018-12-08 10:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
      2018-12-12 21:24 - 2018-12-08 10:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
      2018-12-12 21:24 - 2018-12-08 09:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
      2018-12-12 21:24 - 2018-12-08 09:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
      2018-12-12 21:24 - 2018-12-08 09:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
      2018-12-12 21:24 - 2018-12-08 09:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
      2018-12-12 21:24 - 2018-12-08 09:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
      2018-12-12 21:24 - 2018-12-08 09:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
      2018-12-12 21:24 - 2018-12-08 09:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
      2018-12-12 21:24 - 2018-12-08 09:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
      2018-12-12 21:24 - 2018-12-08 09:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
      2018-12-12 21:24 - 2018-12-08 09:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
      2018-12-12 21:24 - 2018-12-08 09:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
      2018-12-12 21:24 - 2018-12-08 09:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
      2018-12-12 21:24 - 2018-12-08 09:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
      2018-12-12 21:24 - 2018-12-08 09:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
      2018-12-12 21:24 - 2018-12-08 09:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2018-12-12 21:24 - 2018-12-08 09:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
      2018-12-12 21:24 - 2018-12-08 09:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
      2018-12-12 21:24 - 2018-12-08 09:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
      2018-12-12 21:24 - 2018-12-08 09:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
      2018-12-12 21:24 - 2018-12-08 09:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
      2018-12-12 21:24 - 2018-12-08 09:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
      2018-12-12 21:24 - 2018-12-08 09:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
      2018-12-12 21:24 - 2018-12-08 09:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
      2018-12-12 21:24 - 2018-12-08 09:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
      2018-12-12 21:24 - 2018-12-08 09:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
      2018-12-12 21:24 - 2018-12-08 09:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
      2018-12-12 21:24 - 2018-12-08 09:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2018-12-12 21:24 - 2018-12-08 09:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
      2018-12-12 21:24 - 2018-11-09 08:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
      2018-12-12 21:24 - 2018-11-09 07:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
      2018-12-12 21:24 - 2018-11-09 07:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
      2018-12-12 21:24 - 2018-11-09 07:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
      2018-12-12 21:24 - 2018-11-09 07:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
      2018-12-12 21:24 - 2018-11-09 07:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
      2018-12-12 21:24 - 2018-11-09 07:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
      2018-12-12 21:24 - 2018-11-09 07:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
      2018-12-12 21:24 - 2018-11-09 07:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
      2018-12-12 21:24 - 2018-11-09 07:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
      2018-12-12 21:24 - 2018-11-09 07:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
      2018-12-12 21:24 - 2018-11-09 04:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
      2018-12-12 21:24 - 2018-11-09 04:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
      2018-12-12 21:24 - 2018-11-09 04:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
      2018-12-12 21:24 - 2018-11-09 04:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
      2018-12-12 21:24 - 2018-11-09 04:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
      2018-12-12 21:24 - 2018-11-09 04:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
      2018-12-12 21:24 - 2018-11-09 04:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
      2018-12-12 21:24 - 2018-11-09 04:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
      2018-12-12 21:24 - 2018-11-09 04:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
      2018-12-12 21:24 - 2018-11-09 04:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
      2018-12-12 21:24 - 2018-11-09 04:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
      2018-12-12 21:24 - 2018-11-09 04:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
      2018-12-12 21:24 - 2018-11-09 04:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
      2018-12-12 21:24 - 2018-11-09 04:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
      2018-12-12 21:24 - 2018-11-09 04:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
      2018-12-12 21:24 - 2018-11-09 04:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
      2018-12-12 21:24 - 2018-11-09 04:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
      2018-12-12 21:24 - 2018-11-09 04:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
      2018-12-12 21:24 - 2018-11-09 04:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
      2018-12-12 21:24 - 2018-11-09 04:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
      2018-12-12 21:24 - 2018-11-09 04:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
      2018-12-12 21:24 - 2018-11-09 04:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
      2018-12-12 21:24 - 2018-11-09 04:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
      2018-12-12 21:24 - 2018-11-09 04:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
      2018-12-12 21:24 - 2018-11-09 04:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
      2018-12-12 21:24 - 2018-11-09 04:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
      2018-12-12 21:24 - 2018-11-09 04:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
      2018-12-12 21:24 - 2018-11-09 03:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
      2018-12-12 21:24 - 2018-11-09 03:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
      2018-12-12 21:24 - 2018-11-09 03:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
      2018-12-12 21:24 - 2018-11-09 03:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
      2018-12-12 21:24 - 2018-11-09 03:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
      2018-12-12 21:24 - 2018-11-09 03:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
      2018-12-12 21:24 - 2018-11-09 03:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
      2018-12-12 21:24 - 2018-11-09 03:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
      2018-12-12 21:24 - 2018-11-09 03:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
      2018-12-12 21:24 - 2018-11-09 03:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
      2018-12-12 21:24 - 2018-11-09 03:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
      2018-12-12 21:24 - 2018-11-09 03:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
      2018-12-12 21:24 - 2018-11-09 03:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
      2018-12-12 21:24 - 2018-11-09 03:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
      2018-12-12 21:24 - 2018-11-09 03:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-10 20:59 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2019-01-10 19:30 - 2018-09-16 16:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2019-01-09 18:35 - 2018-09-16 16:27 - 001532434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2019-01-09 18:35 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
      2019-01-09 18:35 - 2017-07-30 15:50 - 000536072 _____ C:\WINDOWS\system32\perfh002.dat
      2019-01-09 18:35 - 2017-07-30 15:50 - 000162902 _____ C:\WINDOWS\system32\perfc002.dat
      2019-01-09 18:29 - 2018-09-16 16:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2019-01-08 23:43 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
      2019-01-08 23:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
      2019-01-08 23:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
      2019-01-08 21:01 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
      2019-01-08 20:25 - 2018-09-16 16:31 - 000004550 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2019-01-08 20:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2019-01-08 20:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2019-01-08 20:21 - 2018-09-16 16:31 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
      2019-01-07 22:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
      2019-01-06 23:41 - 2017-12-25 22:05 - 000000000 ____D C:\Users\User\Desktop\1
      2019-01-06 00:54 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2019-01-06 00:54 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2019-01-06 00:39 - 2017-07-19 16:04 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
      2019-01-06 00:39 - 2017-07-19 15:57 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
      2019-01-05 19:20 - 2017-07-19 16:01 - 000000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
      2019-01-05 18:45 - 2017-07-20 10:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2019-01-04 19:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
      2019-01-03 22:12 - 2017-08-09 19:30 - 000001456 _____ C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
      2019-01-02 21:41 - 2018-04-12 01:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2019-01-02 21:41 - 2018-04-12 01:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2019-01-01 20:39 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2018-12-25 00:42 - 2017-07-21 09:01 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
      2018-12-23 23:24 - 2018-02-23 22:15 - 000000000 ____D C:\Users\User\AppData\Local\Packages
      2018-12-23 10:06 - 2017-07-21 21:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения в Chrome
      2018-12-20 20:04 - 2018-09-16 16:31 - 000003518 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-12-20 20:04 - 2018-09-16 16:31 - 000003394 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-12-20 19:17 - 2018-09-16 16:31 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-619769886-4034110463-2982145271-1001
      2018-12-20 19:17 - 2018-09-16 16:16 - 000002388 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2018-12-20 19:17 - 2017-07-19 09:25 - 000000000 ___RD C:\Users\User\OneDrive
      2018-12-16 17:01 - 2017-07-21 09:02 - 000000000 ____D C:\ProgramData\TEMP
      2018-12-16 16:29 - 2017-07-20 10:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2018-12-14 00:22 - 2017-09-16 08:33 - 000000000 ____D C:\Program Files (x86)\Audacity
      2018-12-13 23:56 - 2017-07-19 15:57 - 000000000 ____D C:\Program Files (x86)\Google
      2018-12-13 23:54 - 2018-09-09 15:45 - 000000000 ___DC C:\WINDOWS\Panther
      2018-12-13 18:42 - 2018-02-23 22:31 - 000000000 ___RD C:\Users\User\3D Objects
      2018-12-13 18:42 - 2016-11-21 09:30 - 000000000 __RHD C:\Users\Public\AccountPictures
      2018-12-13 18:40 - 2018-09-16 16:13 - 000401856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
      2018-12-12 22:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
      ==================== Files in the root of some directories =======
      2017-12-25 22:02 - 2017-12-25 22:02 - 000000128 ____H () C:\Users\User\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
      2017-08-09 19:30 - 2019-01-03 22:12 - 000001456 _____ () C:\Users\User\AppData\Local\Adobe Save for Web 13.0 Prefs
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-09-16 16:12
      ==================== End of FRST.txt ============================
      Addition.txt
    • от B0rn T0 P0rN (Forest*)
      Нещо не схванах каква е цялата схема на раздела, но моето не е чак толкова голям проблем. Изтеглих си Bandicam от "някакъв" сайт, но когато тръгнах да го инсталирам ми изкара прозорче, в което искаше да му дам достъп като админ, за да продължи инсталацията. Направи ми впечатление, че искаше да инсталира някакъв друг software и направо му цъкнах Cancel, след това компютъра заби за около 1-2 секунди, отворих Task manager-a, поне над 6-7 процеса (непознати) работеха, както и да е, инсталира ми някакви програмки, премахнах ги, всичко ток ама без жицата. Остана един друг проблееем.. Сега от цялата история остана един AD който не намирам начин да го премахна.. Гледах, суках, струвах, изтеглих Junkware Removal Tool-a дето уж щял да помогне но уви, не помогна. Ето ей таз глупост не успявам да я премахна > ЦЪК < На антивирустни изобщо не се доверявам, хем компютъра цикли повече от тях, хем двойно повече вируси се бъкат.. Абе като дъвка са за вирусите. Ето и log-a след края на JRT; 
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 7 Ultimate x64 Ran by idk (Administrator) on ўв 15.01.2019 Ј. at 3:38:08,89 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 17 Failed to delete: C:\Program Files (x86)\proxygate (Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F68ZGOQX (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIQK8NQU (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HML355FN (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\idk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1LRYOEA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F68ZGOQX (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIQK8NQU (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HML355FN (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R1LRYOEA (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on ўв 15.01.2019 Ј. at 3:40:09,86 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Само ми направи впечатление ей това > "Failed to delete: C:\Program Files (x86)\proxygate (Folder)", нещо ми е много мерак да го изтрия ръчно?
    • от legolas69
      Здравейте, въпросният лаптоп се използва от майка ми за ежедневни дейности и то рядко. При стартирането на системата ESET засича PUP.Optional.Reimage, позволих си да сканирам с Malwarebytes, БЕЗ да предприемам действия. Каква е тази папка и има ли нещо притеснително ? Благодаря предварително. 
      Addition.txt
      FRST.txt
      malwarebytes.txt
    • от v3cko
      Здравейте и за много години,моят проблем хром бавно отваря забива и се срива- отварят се по няколко страници . В момента съм safe mode иначе забива
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2019
      Ran by ВЕС (administrator) on WIN-SKFJ6HLGST2 (03-01-2019 20:43:32)
      Running from C:\Users\ВЕС\Downloads
      Loaded Profiles: ВЕС (Available Profiles: ВЕС)
      Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
      Internet Explorer Version 8 (Default browser: Chrome)
      Boot Mode: Safe Mode (with Networking)
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [DHY0GM3ATCSFE7M] => "C:\Program Files\x0h1djdcnoe\3OQCH.exe"
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\...\MountPoints2: {41be252d-0f82-11e9-a624-002713343a56} - F:\Lenovo_Suite.exe
      HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [56832 2010-11-20] (Microsoft Corporation)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\System32\iedkcs32.dll [2010-11-20] (Microsoft Corporation)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-03] (Google Inc.)
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{840DEA2A-8553-4D25-A5FB-7DB86C5BFBE5}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{EE11610E-0BCC-42A7-A0AC-89B4A3B92BF1}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKU\S-1-5-21-3512987231-521144983-709920193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
      SearchScopes: HKU\S-1-5-21-3512987231-521144983-709920193-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10477_754_190103&q={searchTerms}
      BHO: YoutubeAdBlock -> {984AFA40-4BEC-457F-AEDE-FE3404A646FA} -> C:\Program Files\VKkhWVSisIE\kwTiXoR.dll => No File
      FireFox:
      ========
      FF ProfilePath: C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default [2019-01-03]
      FF user.js: detected! => C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06]
      FF Extension: (NewsFox) - C:\Users\ВЕС\Downloads\k-meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2016-01-04] [Legacy] [not signed]
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File]
      Chrome: 
      =======
      CHR HomePage: Default -> hxxp://google.bg/
      CHR Profile: C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default [2019-01-03]
      CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-01-03]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-03]
      CHR Extension: (Chrome Media Router) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-03]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      "qamplvkj" => service was unlocked. <==== ATTENTION
      S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [375776 2018-12-12] (Google Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes)
      S2 qamplvkj; C:\Windows\system32\qamplvkj\dfaricjc.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
      S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
      S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-01-03] (Malwarebytes)
      S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [106144 2019-01-03] (Malwarebytes)
      S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63760 2019-01-03] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-01-03] (Malwarebytes)
      S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [83648 2019-01-03] (Malwarebytes)
      U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-04 03:15 - 2019-01-04 03:15 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
      2019-01-04 03:15 - 2019-01-04 03:15 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
      2019-01-04 03:14 - 2019-01-04 03:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
      2019-01-04 03:10 - 2019-01-03 18:31 - 000000000 ____D C:\Windows\Panther
      2019-01-04 03:03 - 2019-01-04 03:03 - 000000000 ____D C:\Windows.old
      2019-01-03 20:43 - 2019-01-03 20:43 - 001783808 _____ (Farbar) C:\Users\ВЕС\Downloads\FRST.exe
      2019-01-03 20:43 - 2019-01-03 20:43 - 000007564 _____ C:\Users\ВЕС\Downloads\FRST.txt
      2019-01-03 20:43 - 2019-01-03 20:43 - 000000000 ____D C:\FRST
      2019-01-03 20:18 - 2019-01-03 20:18 - 000106144 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2019-01-03 20:18 - 2019-01-03 20:18 - 000083648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2019-01-03 20:18 - 2019-01-03 20:18 - 000063760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2019-01-03 20:03 - 2019-01-03 20:03 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbam
      2019-01-03 20:02 - 2019-01-03 20:42 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2019-01-03 20:02 - 2019-01-03 20:02 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2019-01-03 20:02 - 2019-01-03 20:02 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbamtray
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\ProgramData\Malwarebytes
      2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Program Files\Malwarebytes
      2019-01-03 20:02 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
      2019-01-03 20:00 - 2019-01-03 20:01 - 081227760 _____ (Malwarebytes ) C:\Users\ВЕС\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe
      2019-01-03 19:40 - 2019-01-03 20:03 - 000000000 ____D C:\ProgramData\RogueKiller
      2019-01-03 19:40 - 2019-01-03 19:40 - 029162424 _____ (Adlice Software ) C:\Users\ВЕС\Downloads\RogueKiller_setup.exe
      2019-01-03 19:40 - 2019-01-03 19:40 - 000001001 _____ C:\Users\Public\Desktop\RogueKiller.lnk
      2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
      2019-01-03 19:40 - 2019-01-03 19:40 - 000000000 ____D C:\Program Files\RogueKiller
      2019-01-03 19:34 - 2019-01-03 20:42 - 000265284 _____ C:\Windows\ntbtlog.txt
      2019-01-03 19:30 - 2019-01-03 19:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\teiqv2gvtfm
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\imgn0qmwmwh
      2019-01-03 19:10 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\acysy1vaoki
      2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ C:\Users\ВЕС\AppData\Local\dump007.dat
      2019-01-03 19:09 - 2019-01-03 19:09 - 000000009 _____ C:\Users\ВЕС\rstr1.ini
      2019-01-03 19:08 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\3zxuksmazmq
      2019-01-03 19:07 - 2019-01-03 19:07 - 000000258 __RSH C:\Users\ВЕС\ntuser.pol
      2019-01-03 19:04 - 2019-01-03 19:04 - 000000000 ____D C:\Windows\system32\qamplvkj
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\vi5lm2mflim
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\sq0zlve2tqj
      2019-01-03 19:02 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\qc1oa2vrskn
      2019-01-03 19:02 - 2019-01-03 19:02 - 000000000 ____D C:\Users\ВЕС\AppData\LocalLow\yHNPHHIzKpsCK
      2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\423viiu5lfu
      2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Michael
      2019-01-03 19:01 - 2019-01-03 19:19 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ShopMore
      2019-01-03 19:01 - 2019-01-03 19:07 - 000002964 __RSH C:\ProgramData\ntuser.pol
      2019-01-03 19:01 - 2019-01-03 19:01 - 000493800 _____ (VideoDriver) C:\Windows\D04DE5140B2D.sys
      2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ C:\Users\ВЕС\AppData\Local\installer.dat
      2019-01-03 19:01 - 2019-01-03 19:01 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Python
      2019-01-03 19:00 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ezc3lfxnx4j
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ C:\Users\ВЕС\AppData\Local\wbem.ini
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{AC10FE2E-1A46-0496-3E07-15883EE04CD9}
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{59403C6F-D807-F1C6-7FC5-457D7F221C2C}
      2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\Users\NYBMYXMIG-DECRYPT.txt
      2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\NYBMYXMIG-DECRYPT.txt
      2019-01-03 18:57 - 2019-01-03 18:57 - 000000000 ____H C:\d85105b2d85102533b.lock
      2019-01-03 18:56 - 2019-01-03 18:56 - 000000000 ____D C:\ProgramData\HCRGWPOIZH4OHCKX91M2
      2019-01-03 18:56 - 2015-08-03 08:53 - 000384000 _____ (SafeIP) C:\Windows\system32\SafeIPs.dll
      2019-01-03 18:55 - 2019-01-03 20:05 - 000000000 ____D C:\Program Files\KMSPico 10.2.1 Final
      2019-01-03 18:53 - 2018-12-10 23:04 - 000499424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
      2019-01-03 18:48 - 2019-01-03 18:48 - 001259736 _____ (Plarium) C:\Users\ВЕС\Downloads\PlariumPlaySetup (1).exe
      2019-01-03 18:46 - 2019-01-03 18:46 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Package Cache
      2019-01-03 18:45 - 2019-01-03 19:03 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Mozilla
      2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\K-Meleon
      2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Local\K-Meleon
      2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Plarium
      2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\CEF
      2019-01-03 18:39 - 2019-01-03 18:39 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Google
      2019-01-03 18:38 - 2019-01-03 19:53 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2019-01-03 18:38 - 2019-01-03 19:53 - 000002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2019-01-03 18:37 - 2019-01-03 19:02 - 000000000 ____D C:\Program Files\Google
      2019-01-03 18:37 - 2019-01-03 19:00 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Google
      2019-01-03 18:37 - 2019-01-03 18:37 - 000057560 _____ C:\Users\ВЕС\AppData\Local\GDIPFONTCACHEV1.DAT
      2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Deployment
      2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Apps\2.0
      2019-01-03 18:36 - 2014-05-14 17:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2019-01-03 18:36 - 2014-05-14 17:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2019-01-03 18:36 - 2014-05-14 17:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2019-01-03 18:36 - 2014-05-14 17:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
      2019-01-03 18:36 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
      2019-01-03 18:36 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
      2019-01-03 18:33 - 2019-01-03 19:53 - 000001335 _____ C:\Users\ВЕС\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2019-01-03 18:33 - 2019-01-03 19:09 - 000000000 ____D C:\Users\ВЕС
      2019-01-03 18:33 - 2019-01-03 18:33 - 000000020 ___SH C:\Users\ВЕС\ntuser.ini
      2019-01-03 18:33 - 2019-01-03 18:33 - 000000000 ____D C:\Users\ВЕС\AppData\Local\VirtualStore
      2019-01-03 18:33 - 2010-11-21 01:46 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Media Center Programs
      2019-01-03 16:27 - 2019-01-03 16:27 - 000000000 ____D C:\My Drivers
      2018-12-30 08:50 - 2018-12-30 08:50 - 005183296 _____ (Marcin Szeniak ) C:\Users\ВЕС\Downloads\BCUninstaller_4.12.1_setup.exe
      2018-12-29 13:35 - 2018-12-29 13:35 - 000000000 ____D C:\SWSetup
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-01-04 03:15 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2019-01-04 03:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\sysprep
      2019-01-04 03:12 - 2010-11-21 01:46 - 000000000 ____D C:\Windows\CSC
      2019-01-04 03:10 - 2009-07-14 05:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
      2019-01-03 20:30 - 2010-11-20 22:01 - 000713888 _____ C:\Windows\system32\PerfStringBackup.INI
      2019-01-03 20:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
      2019-01-03 20:18 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2019-01-03 20:17 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2019-01-03 19:01 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\GroupPolicy
      2019-01-03 18:57 - 2018-08-11 19:54 - 000000000 ____D C:\Intel
      2019-01-03 18:57 - 2017-10-21 13:53 - 000000000 ____D C:\LFS
      2019-01-03 18:57 - 2017-09-25 20:50 - 000000000 ___RD C:\BECKO-PC
      2019-01-03 18:57 - 2017-04-14 15:10 - 000036892 ____H C:\iCS Source.suo.nybmyxmig
      2019-01-03 18:33 - 2009-07-14 05:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT
      2019-01-03 18:31 - 2009-07-14 03:37 - 000000000 __RHD C:\Users\Public\Libraries
      2019-01-03 17:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
      2019-01-03 15:34 - 2018-08-11 14:17 - 000000000 ____D C:\Users\ВЕС\Downloads\k-meleon
      2019-01-01 13:09 - 2018-09-02 13:32 - 000000000 ____D C:\Users\ВЕС\Documents\TalkHelper
      ==================== Files in the root of some directories =======
      1601-01-03 21:26 - 1601-01-03 21:26 - 000186368 ____N (Microsoft Corporation) C:\Users\ВЕС\AppData\Local\aIQEonJ.exe
      2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ () C:\Users\ВЕС\AppData\Local\dump007.dat
      2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ () C:\Users\ВЕС\AppData\Local\installer.dat
      2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ () C:\Users\ВЕС\AppData\Local\wbem.ini
      Some files in TEMP:
      ====================
      2019-01-03 18:56 - 2019-01-03 18:56 - 000710464 _____ () C:\Users\ВЕС\AppData\Local\Temp\3.exe
      2019-01-03 19:00 - 2019-01-03 19:00 - 001312696 _____ (                                                            ) C:\Users\ВЕС\AppData\Local\Temp\fastdatax.exe
      2019-01-03 19:09 - 2019-01-03 20:19 - 000000000 ____D () C:\Users\ВЕС\AppData\Local\Temp\IEShims.dll
      2019-01-03 19:00 - 2019-01-03 19:00 - 003520512 _____ () C:\Users\ВЕС\AppData\Local\Temp\installer_mi.exe
      2019-01-03 18:56 - 2019-01-03 18:56 - 002715792 _____ (SafeIP, LLC.                                                ) C:\Users\ВЕС\AppData\Local\Temp\update.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2019-01-04 03:11
      ==================== End of FRST.txt ===========================
      Addition.txt

    • от Шабан Талипов
      Някой може ли дами помогне, тази грешка забранява достъпа на обновление на windows-a и не позволява включването на защитната стена. Пробвах с антивирусна програма bitdefender без успех
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.