Премини към съдържанието

Препоръчан отговор


Здравейте .. Днес докато бях на лаптопа . Ми излезе прозорец  acnom.exe - Application error 

The application was unable to start correctly (0xc0000142).Click OK to close the application ...    след като ми излезе го затворих и не обърнах внимание... по късно ми се наложи да отворя Notepad ... и като го отворя се затваря сам след секунда... същото със Paint ... 2те неща имат ли връзка ... също и процесора почна да заглява повече  ? Погледнах в нета и там изтеглих някаква програма iExplore(тази) ... Та оправи това с затварянето на NotePad  и Paint ...  и ме е страх да рестартирам лаптопа или да си включа телефона през USB-то ...  незнам какво ще последва . Това всъщност някаква програма ли е ? Или някакв вирус ... Странна работа :no-no::ohmy:

IMG_20170610_212206.jpg

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-06-2017
Ran by Alex (administrator) on ALEX-PC (10-06-2017 22:08:30)
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex (Available Profiles: Alex)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo) C:\Users\Alex\AppData\Local\Apps\2.0\4MHXETT2.GXM\3XKNGPCD.ZN9\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\SysData\control.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
() C:\SysData\acnom.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6851288 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\Run: [Registry Driver] => C:\Windows\registration\regdrv.exe [2882560 2017-06-10] ()
HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\MountPoints2: {1c906f89-8672-11e6-ac12-001e37d0f238} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\MountPoints2: {5be227d3-cace-11e6-b9d6-001e37d0f238} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-668039837-2378809781-489334385-1001\...\MountPoints2: {9e625f31-8339-11e6-ab64-001e37d0f238} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2017-04-02] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{E56D20B9-0C0F-44E2-A995-E2403EDBBA2C}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F10BE1E1-714E-4F64-8DE0-7188217C427E}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKU\S-1-5-21-668039837-2378809781-489334385-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -  No File

FireFox:
========
FF DefaultProfile: 4jwz8oph.default
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\4jwz8oph.default [2017-05-30]
FF Extension: (Firefox All Aboard 1.6) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\4jwz8oph.default\Extensions\@all-aboard-v1-6 [2017-03-26]
FF Extension: (Site Deployment Checker) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\4jwz8oph.default\features\{5e11a0df-ac6f-4493-8184-b3e953c4a1ea}\deployment-checker@mozilla.org.xpi [2017-03-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2017-06-10]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (AliExpress Tools) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenflijjbchafephdplkdmeenekabdfb [2017-04-28]
CHR Extension: (Until AM for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2016-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [694360 2016-10-17] (Lenovo.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2016-05-25] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-07-06] (REALiX(tm))
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2016-07-06] (Intel Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324152 2016-09-02] (Duplex Secure Ltd.)
U3 agrizx55; C:\Windows\system32\Drivers\agrizx55.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2016-05-25] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Addition.txt

Едвам успях да копирам нещата който пише... все пак като отворя notepad ми се затваря почти веднага :(  

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Логът отново не е целият. Моля, направете нови логове и ги прикачете без да ги отваряте!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 10 минути, Stoyannnov написа:

Логът отново не е целият. Моля направете нови логове и ги прикачете без да ги отваряте!

Сега ок ли е ? Не съм отварял нищо :)

FRST.txt 

Addition.txt

Редактирано от crashgold (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не е ок. Друг вариант ще пробваме.

 

Стъпка 1

Изтеглете: gOxqojg.pngRkill.

  • Запазете файла на вашия десктоп.
  • Стартирайте файла като администратор. Десен бутон => Стартирай като администратор(Run as Administrator).
  • След като приключи работа, програмата ще отвори лог.
  • Прикачете лога към следващия Ви коментар. 

 

Стъпка 2

Изтеглете: 8864097u.png ADWCleaner.

  • Затворете всички браузъри и стартирайте AdwCleaner.exe.
  • Натиснете бутона SCAN.
  • След като приключи проверката натиснете бутона CLEAN.
  • Програмата ще затвори излишния софтуер и ще започне почистването.
  • След като приключи почистването ADWCleaner ще поиска рестарт. Съгласете се.
  • След зареждането на системата отидете до: C:\AdwCleaner и потърсете лог файл с името AdwCleaner[C0].txt.
  • Публикувайте съдържанието на "AdwCleaner[C0]" в следващия Ви коментар.

 

Стъпка 3

Изтеглете: 27GTdjx.png JRT.

  • Запазете файла на вашия десктоп.
  • Затворете всички браузъри.
  • Стартирайте JRT.exe.
  • След като се появи съобщението "Press any key to continue . . .". Натиснете което и да е копче от клавиатурата.
  • Програмата ще започне почистването. Не прекъсвайте работата и, и не използвайте системата докато протича почистването.
  • След като приключи почистването ще се отвори лог файл, който се намира на десктопа с име JRT.txt.
  • Копирайте съдържанието му и го поставете към следващия Ви коментар.

 

Стъпка 4

  • Направете нови логове с FRST и ги прикачете към следващия Ви коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 21 минути, Stoyannnov написа:

Не е ок. Друг вариант ще пробваме.

 

Стъпка 1

Изтеглете: gOxqojg.pngRkill.

  • Запазете файла на вашия десктоп.
  • Стартирайте файла като администратор. Десен бутон => Стартирай като администратор(Run as Administrator).
  • След като приключи работа, програмата ще отвори лог.
  • Прикачете лога към следващия Ви коментар. 

 

Стъпка 2

Изтеглете: 8864097u.png ADWCleaner.

  • Затворете всички браузъри и стартирайте AdwCleaner.exe.
  • Натиснете бутона SCAN.
  • След като приключи проверката натиснете бутона CLEAN.
  • Програмата ще затвори излишния софтуер и ще започне почистването.
  • След като приключи почистването ADWCleaner ще поиска рестарт. Съгласете се.
  • След зареждането на системата отидете до: C:\AdwCleaner и потърсете лог файл с името AdwCleaner[C0].txt.
  • Публикувайте съдържанието на "AdwCleaner[C0]" в следващия Ви коментар.

 

Стъпка 3

Изтеглете: 27GTdjx.png JRT.

  • Запазете файла на вашия десктоп.
  • Затворете всички браузъри.
  • Стартирайте JRT.exe.
  • След като се появи съобщението "Press any key to continue . . .". Натиснете което и да е копче от клавиатурата.
  • Програмата ще започне почистването. Не прекъсвайте работата и, и не използвайте системата докато протича почистването.
  • След като приключи почистването ще се отвори лог файл, който се намира на десктопа с име JRT.txt.
  • Копирайте съдържанието му и го поставете към следващия Ви коментар.

 

Стъпка 4

  • Направете нови логове с FRST и ги прикачете към следващия Ви коментар.

3тата стъпка неуспях да я изпълня ,защото когато го отворя ... ми изписва нали да натисна някое копче ... натискам .. и се затваря това черното прозорче подобно на Notepada-а ... след секуна се затваря само 

Addition.txt

FRST.txt

Rkill.txt

AdwCleaner[C0].txt

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Разбира се .. :) 

Както кажете така ще бъде :)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Архивирайте следните файлове/папки:

Цитат

C:\Windows\registration\regdrv.exe

C:\Windows\inst.exe

C:\SysData

Забележка: Някои от тях може да са скрити!

  • Създайте 3 архива, като им сложите ЗАДЪЛЖИТЕЛНО парола: infected.
  • Качете 3-те архива в http://dox.abv.bg/files/sharenof и ми дайте линкове за изтегляне на лично съобщение!

 

Стъпка 2

Изтеглете файла fixlist и го запазете на вашия десктоп.

  • Стартирайте FRST.exe и натиснете бутона FIX веднъж!
  • Почистването ще започне, не използвайте системата!
  • След като приключи, ако ви поиска рестартиране, съгласете се.
  • След като зареди системата публикувайте лог файла с име fixlog.txt, който се намира на десктопа Ви.

Забележка: Текущия фикс да не се използва на други системи!

 

Стъпка 3

Изтеглете: MKLLMRQ.png Malwarebytes Anti-Malware.

  • Стартирайте инсталационния файл и следвайте съветника за инсталация.
  • Преди края на инсталацията премахнете отметката от: "Enable free trial of Malwarebytes Anti-Malware Premium" и се уверете че има отметка пред "Launch Malwarebytes Anti-Malware".
  • Отидете до табът Settings => Detection and Protection => сложете отметка на "Scan for rootkits".
  • Отидете до табът Dashboard => натиснете бутона "SCAN NOW".
  • Програмата автоматично ще провери за актуализации и ще започне сканирането.

Забележка: Ако видите съобщението "Could not load DDA driver" натиснете бутона "YES". След което разрешете на системата да се рестартира.

  • След като проверката приключи натиснете бутона "Remove Selected".
  • Системата ще поиска рестарт, съгласете се.
  • След като системата зареди MBAB ще зареди.
  • Отидете до табът History => Applications Logs.
  • Потърсете лог с име "SCAN LOG" с последната дата и час и натиснете върху него.
  • Натиснете бутона EXPORT => Copy to Clipboard.
  • Поставете съдържанието на лога с клавишната комбинация CTRL+V към следващия Ви коментар.

 

Стъпка 4

Изтеглете: QlYrtp7.jpg HitmanPro.

  • Запазете файла на вашия десктоп.
  • Стартирайте програмата.

Забележка: Програмата ще се актуализира, след актуализацията HitmanPro ще се рестартира.

  • Натиснете бутона "Напред".
  • Сложете отметка на лицензионното споразумение и натиснете отново бутона "Напред".
  • Кликнете върху "Не, искам да извърша еднократно сканиране на компютъра" и натиснете бутона "Напред".
  • Програмата ще започне да сканира. Сканирането ще отнеме ~2 минути.
  • След като сканирането приключи от списъка с намерените обекти(ако има такива) изберете Apply to all => Ignore.
  • Натиснете бутона "Next" и след това бутона "Изнеси резултатите от сканирането в XML файл" и запазете лог файла на десктопа.
  • Отворете лог файла, копирайте съдържанието му и го поставете в следващия Ви коментар.

Забележка: Ако от падащото меню няма Ignore тогава просто затворете програмата след края на проверката без да премахвате нищо!

От My Computer => Tools => Folder Options => View => Сложете отметка пред "Show hidden files, folders and drives".
Натиснете Apply.

Влезте в C:\Programdata\HitmanPro\Logs прикачете лога към следващия Ви коментар.

 

Стъпка 5

Изтеглете: jFsdnZn.png Emsissoft Emergency Kit

  • Стартирайте файла и посочете къде да се разархивира програмата - например в (C:\EEK), натискайки бутона Extract.
  • Стартирайте файла Start Emsisoft Emergency Kit от десктопа за да стартирате програмата.
  • Натиснете бутона "Yes", когато бъдете подканени да обновите дефинициите на програмата.
  • След като обновяването на дефинициите приключи натиснете бутона "Scan".
  • Програмата ще Ви попита дали искате да включите засичането на Potentially Unwanted Applications,  натиснете бутона "Yes".
  • Натиснете бутона "Custom Scan". Премахнете от списъка оставете само дял C:\.
  • Натиснете "Next" за да започне проверката.
  • Когато проверката приключи натиснете бутона "View Report".
  • Копирайте съдържанието на лог файла в следващия Ви коментар.

 

 

 

П.С. Утре сутринта ще прегледам логовете, които сте качили, че много ми се спи.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 48 минути, Stoyannnov написа:

Стъпка 1

Архивирайте следните файлове/папки:

Забележка: Някои от тях може да са скрити!

  • Създайте 3 архива, като им сложите ЗАДЪЛЖИТЕЛНО парола: infected.
  • Качете 3-те архива в http://dox.abv.bg/files/sharenof и ми дайте линкове за изтегляне на лично съобщение!

 

Стъпка 2

Изтеглете файла fixlist и го запазете на вашия десктоп.

  • Стартирайте FRST.exe и натиснете бутона FIX веднъж!
  • Почистването ще започне, не използвайте системата!
  • След като приключи, ако ви поиска рестартиране, съгласете се.
  • След като зареди системата публикувайте лог файла с име fixlog.txt, който се намира на десктопа Ви.

Забележка: Текущия фикс да не се използва на други системи!

 

Стъпка 3

Изтеглете: MKLLMRQ.png Malwarebytes Anti-Malware.

  • Стартирайте инсталационния файл и следвайте съветника за инсталация.
  • Преди края на инсталацията премахнете отметката от: "Enable free trial of Malwarebytes Anti-Malware Premium" и се уверете че има отметка пред "Launch Malwarebytes Anti-Malware".
  • Отидете до табът Settings => Detection and Protection => сложете отметка на "Scan for rootkits".
  • Отидете до табът Dashboard => натиснете бутона "SCAN NOW".
  • Програмата автоматично ще провери за актуализации и ще започне сканирането.

Забележка: Ако видите съобщението "Could not load DDA driver" натиснете бутона "YES". След което разрешете на системата да се рестартира.

  • След като проверката приключи натиснете бутона "Remove Selected".
  • Системата ще поиска рестарт, съгласете се.
  • След като системата зареди MBAB ще зареди.
  • Отидете до табът History => Applications Logs.
  • Потърсете лог с име "SCAN LOG" с последната дата и час и натиснете върху него.
  • Натиснете бутона EXPORT => Copy to Clipboard.
  • Поставете съдържанието на лога с клавишната комбинация CTRL+V към следващия Ви коментар.

 

Стъпка 4

Изтеглете: QlYrtp7.jpg HitmanPro.

  • Запазете файла на вашия десктоп.
  • Стартирайте програмата.

Забележка: Програмата ще се актуализира, след актуализацията HitmanPro ще се рестартира.

  • Натиснете бутона "Напред".
  • Сложете отметка на лицензионното споразумение и натиснете отново бутона "Напред".
  • Кликнете върху "Не, искам да извърша еднократно сканиране на компютъра" и натиснете бутона "Напред".
  • Програмата ще започне да сканира. Сканирането ще отнеме ~2 минути.
  • След като сканирането приключи от списъка с намерените обекти(ако има такива) изберете Apply to all => Ignore.
  • Натиснете бутона "Next" и след това бутона "Изнеси резултатите от сканирането в XML файл" и запазете лог файла на десктопа.
  • Отворете лог файла, копирайте съдържанието му и го поставете в следващия Ви коментар.

Забележка: Ако от падащото меню няма Ignore тогава просто затворете програмата след края на проверката без да премахвате нищо!

От My Computer => Tools => Folder Options => View => Сложете отметка пред "Show hidden files, folders and drives".
Натиснете Apply.

Влезте в C:\Programdata\HitmanPro\Logs прикачете лога към следващия Ви коментар.

 

Стъпка 5

Изтеглете: jFsdnZn.png Emsissoft Emergency Kit

  • Стартирайте файла и посочете къде да се разархивира програмата - например в (C:\EEK), натискайки бутона Extract.
  • Стартирайте файла Start Emsisoft Emergency Kit от десктопа за да стартирате програмата.
  • Натиснете бутона "Yes", когато бъдете подканени да обновите дефинициите на програмата.
  • След като обновяването на дефинициите приключи натиснете бутона "Scan".
  • Програмата ще Ви попита дали искате да включите засичането на Potentially Unwanted Applications,  натиснете бутона "Yes".
  • Натиснете бутона "Custom Scan". Премахнете от списъка оставете само дял C:\.
  • Натиснете "Next" за да започне проверката.
  • Когато проверката приключи натиснете бутона "View Report".
  • Копирайте съдържанието на лог файла в следващия Ви коментар.

 

 

 

П.С. Утре сутринта ще прегледам логовете, които сте качили, че много ми се спи.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10.6.2017 г.
Scan Time: 23:34 ч.
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2017.06.10.06
Rootkit Database: v2017.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Alex

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 224181
Time Elapsed: 12 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.FusionCore, C:\$Recycle.Bin\S-1-5-21-668039837-2378809781-489334385-1001\$R3YUPKF.exe, Quarantined, [404ebe7f3574bd794d66d51f629e6c94], 

Physical Sectors: 0
(No malicious items detected)


(end)

Fixlog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

HitmanPro 3.7.20.286
www.hitmanpro.com
	   Computer name . . . . : ALEX-PC
   Windows . . . . . . . : 6.1.1.7601.X86/2
   User name . . . . . . : Alex-PC\Alex
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free
	   Scan date . . . . . . : 2017-06-10 23:52:04
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 11s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
	   Threats . . . . . . . : 6
   Traces  . . . . . . . : 8
	   Objects scanned . . . : 571 114
   Files scanned . . . . : 11 820
   Remnants scanned  . . : 110 069 files / 449 225 keys
	Miniport ____________________________________________________________________
	   Primary
      DriverObject . . . : 85969030
      DriverName . . . . : \Driver\atapi
      DriverPath . . . . : \SystemRoot\system32\drivers\atapi.sys
      StartIo  . . . . . : 00000000 +0
      IRP_MJ_SCSI  . . . : 84C201F8 +0
   Solution
      DriverObject . . . : 85969030
      DriverName . . . . : \Driver\atapi
      DriverPath . . . . : \SystemRoot\system32\drivers\atapi.sys
      StartIo  . . . . . : 00000000 +0
      IRP_MJ_SCSI  . . . : 894CD44E \SystemRoot\system32\drivers\ataport.SYS+25678
	Malware _____________________________________________________________________
	   C:\FRST\Quarantine\C\SysData\acnom.exe
      Size . . . . . . . : 1 490 432 bytes
      Age  . . . . . . . : 0.4 days (2017-06-10 15:08:12)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 7374051E75AE97BA687CD153927FACCD21FCDCC0B41A42867D38AC62064F6ABA
    > Bitdefender  . . . : Trojan.Generic.19781622
    > Kaspersky  . . . . : not-a-virus:RiskTool.Win32.BitCoinMiner.hzkc
    > HitmanPro  . . . . : Mal/Miner-C
      Fuzzy  . . . . . . : 116.0
      Forensic Cluster
         -39.4s C:\Windows\Prefetch\NEW.EXE-F4502095.pf
         -22.5s C:\Windows\Prefetch\NETSH.EXE-F1B6DA12.pf
         -21.2s C:\Windows\Prefetch\NET1.EXE-849DA590.pf
         -21.2s C:\Windows\Prefetch\NET.EXE-DF44F913.pf
         -20.8s C:\Windows\Prefetch\SC.EXE-945D79AE.pf
         -20.8s C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe
         -10.6s C:\Windows\Prefetch\REGDRV.EXE-BA3E6977.pf
         -9.2s C:\FRST\Quarantine\C\Windows\System32\Tasks\RegUpdate.xBAD
         -8.1s C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
         -6.7s C:\FRST\Quarantine\C\Windows\Registration\reg.cnf
         -6.4s C:\FRST\Quarantine\C\Windows\inst.exe.xBAD
         -3.5s C:\FRST\Quarantine\C\SysData\
         -3.5s C:\FRST\Quarantine\C\SysData\kill.exe
         -3.5s C:\FRST\Quarantine\C\SysData\install.exe
         -3.3s C:\Windows\Prefetch\INST.EXE-67B10D50.pf
         -0.1s C:\Windows\Prefetch\KILL.EXE-910AD0DC.pf
         -0.1s C:\FRST\Quarantine\C\SysData\control.exe
         -0.1s C:\FRST\Quarantine\C\SysData\acnon.exe
          0.0s C:\FRST\Quarantine\C\SysData\acnom.exe
          0.1s C:\Windows\Prefetch\INSTALL.EXE-49F7FADB.pf
          3.0s C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf
         10.1s C:\Windows\Prefetch\CONTROL.EXE-2196A7BD.pf
         12.7s C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
         20.7s C:\Windows\Prefetch\ACNOM.EXE-0D59A89E.pf
	   C:\FRST\Quarantine\C\SysData\acnon.exe
      Size . . . . . . . : 2 574 336 bytes
      Age  . . . . . . . : 0.4 days (2017-06-10 15:08:12)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : F687CDA3D24EEE4D4A4F495BE268439EE8A9C76A5D5532D024814DBC8D8A3E1A
    > Bitdefender  . . . : Trojan.GenericKD.4948405
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
    > HitmanPro  . . . . : Mal/Generic-S
      Fuzzy  . . . . . . : 116.0
      Forensic Cluster
         -39.4s C:\Windows\Prefetch\NEW.EXE-F4502095.pf
         -22.4s C:\Windows\Prefetch\NETSH.EXE-F1B6DA12.pf
         -21.2s C:\Windows\Prefetch\NET1.EXE-849DA590.pf
         -21.2s C:\Windows\Prefetch\NET.EXE-DF44F913.pf
         -20.7s C:\Windows\Prefetch\SC.EXE-945D79AE.pf
         -20.7s C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe
         -10.5s C:\Windows\Prefetch\REGDRV.EXE-BA3E6977.pf
         -9.2s C:\FRST\Quarantine\C\Windows\System32\Tasks\RegUpdate.xBAD
         -8.0s C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
         -6.7s C:\FRST\Quarantine\C\Windows\Registration\reg.cnf
         -6.4s C:\FRST\Quarantine\C\Windows\inst.exe.xBAD
         -3.5s C:\FRST\Quarantine\C\SysData\
         -3.4s C:\FRST\Quarantine\C\SysData\kill.exe
         -3.4s C:\FRST\Quarantine\C\SysData\install.exe
         -3.2s C:\Windows\Prefetch\INST.EXE-67B10D50.pf
         -0.1s C:\Windows\Prefetch\KILL.EXE-910AD0DC.pf
         -0.0s C:\FRST\Quarantine\C\SysData\control.exe
          0.0s C:\FRST\Quarantine\C\SysData\acnon.exe
          0.1s C:\FRST\Quarantine\C\SysData\acnom.exe
          0.2s C:\Windows\Prefetch\INSTALL.EXE-49F7FADB.pf
          3.1s C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf
         10.2s C:\Windows\Prefetch\CONTROL.EXE-2196A7BD.pf
         12.7s C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
         20.8s C:\Windows\Prefetch\ACNOM.EXE-0D59A89E.pf
	   C:\FRST\Quarantine\C\SysData\control.exe
      Size . . . . . . . : 97 280 bytes
      Age  . . . . . . . : 0.4 days (2017-06-10 15:08:12)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 0011B2FAF04AEDD7105DFD595FA719ECD4A465E32BB9F4D05F5228EE1F1B572E
    > Bitdefender  . . . : Trojan.Generic.21297371
    > Kaspersky  . . . . : HEUR:Trojan.Win32.AntiAV
    > HitmanPro  . . . . : Mal/Generic-S
      Fuzzy  . . . . . . : 115.0
      Forensic Cluster
         -39.4s C:\Windows\Prefetch\NEW.EXE-F4502095.pf
         -22.4s C:\Windows\Prefetch\NETSH.EXE-F1B6DA12.pf
         -21.2s C:\Windows\Prefetch\NET1.EXE-849DA590.pf
         -21.2s C:\Windows\Prefetch\NET.EXE-DF44F913.pf
         -20.7s C:\Windows\Prefetch\SC.EXE-945D79AE.pf
         -20.7s C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe
         -10.5s C:\Windows\Prefetch\REGDRV.EXE-BA3E6977.pf
         -9.2s C:\FRST\Quarantine\C\Windows\System32\Tasks\RegUpdate.xBAD
         -8.0s C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
         -6.7s C:\FRST\Quarantine\C\Windows\Registration\reg.cnf
         -6.4s C:\FRST\Quarantine\C\Windows\inst.exe.xBAD
         -3.5s C:\FRST\Quarantine\C\SysData\
         -3.4s C:\FRST\Quarantine\C\SysData\kill.exe
         -3.4s C:\FRST\Quarantine\C\SysData\install.exe
         -3.2s C:\Windows\Prefetch\INST.EXE-67B10D50.pf
         -0.1s C:\Windows\Prefetch\KILL.EXE-910AD0DC.pf
          0.0s C:\FRST\Quarantine\C\SysData\control.exe
          0.0s C:\FRST\Quarantine\C\SysData\acnon.exe
          0.1s C:\FRST\Quarantine\C\SysData\acnom.exe
          0.2s C:\Windows\Prefetch\INSTALL.EXE-49F7FADB.pf
          3.1s C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf
         10.2s C:\Windows\Prefetch\CONTROL.EXE-2196A7BD.pf
         12.7s C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
         20.8s C:\Windows\Prefetch\ACNOM.EXE-0D59A89E.pf
	   C:\FRST\Quarantine\C\SysData\install.exe
      Size . . . . . . . : 4 249 883 bytes
      Age  . . . . . . . : 0.4 days (2017-06-10 15:08:08)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : DA0253F680D5FDDC7C927671F830DE84D0B04C4528D2BBE72DEEAEAD26292B3C
    > Bitdefender  . . . : Trojan.Generic.19781622
    > Kaspersky  . . . . : not-a-virus:RiskTool.Win32.BitCoinMiner.hzkc
      Fuzzy  . . . . . . : 111.0
      Forensic Cluster
         -35.9s C:\Windows\Prefetch\NEW.EXE-F4502095.pf
         -19.0s C:\Windows\Prefetch\NETSH.EXE-F1B6DA12.pf
         -17.7s C:\Windows\Prefetch\NET1.EXE-849DA590.pf
         -17.7s C:\Windows\Prefetch\NET.EXE-DF44F913.pf
         -17.3s C:\Windows\Prefetch\SC.EXE-945D79AE.pf
         -17.3s C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe
         -7.1s C:\Windows\Prefetch\REGDRV.EXE-BA3E6977.pf
         -5.7s C:\FRST\Quarantine\C\Windows\System32\Tasks\RegUpdate.xBAD
         -4.6s C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
         -3.2s C:\FRST\Quarantine\C\Windows\Registration\reg.cnf
         -2.9s C:\FRST\Quarantine\C\Windows\inst.exe.xBAD
         -0.0s C:\FRST\Quarantine\C\SysData\
         -0.0s C:\FRST\Quarantine\C\SysData\kill.exe
          0.0s C:\FRST\Quarantine\C\SysData\install.exe
          0.2s C:\Windows\Prefetch\INST.EXE-67B10D50.pf
          3.4s C:\Windows\Prefetch\KILL.EXE-910AD0DC.pf
          3.4s C:\FRST\Quarantine\C\SysData\control.exe
          3.4s C:\FRST\Quarantine\C\SysData\acnon.exe
          3.5s C:\FRST\Quarantine\C\SysData\acnom.exe
          3.6s C:\Windows\Prefetch\INSTALL.EXE-49F7FADB.pf
          6.5s C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf
         13.6s C:\Windows\Prefetch\CONTROL.EXE-2196A7BD.pf
         16.2s C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
         24.2s C:\Windows\Prefetch\ACNOM.EXE-0D59A89E.pf
	   C:\FRST\Quarantine\C\SysData\kill.exe
      Size . . . . . . . : 400 896 bytes
      Age  . . . . . . . : 0.4 days (2017-06-10 15:08:08)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 992D091EDF1591D4F629BAD3FEAB0213AF3EB04A356C29758A8C3B4612565307
    > Bitdefender  . . . : Trojan.GenericKD.4944206
    > Kaspersky  . . . . : not-a-virus:HEUR:AdWare.Win32.Generic
    > HitmanPro  . . . . : App/Generic-KE
      Fuzzy  . . . . . . : 108.0
      Forensic Cluster
         -35.9s C:\Windows\Prefetch\NEW.EXE-F4502095.pf
         -19.0s C:\Windows\Prefetch\NETSH.EXE-F1B6DA12.pf
         -17.7s C:\Windows\Prefetch\NET1.EXE-849DA590.pf
         -17.7s C:\Windows\Prefetch\NET.EXE-DF44F913.pf
         -17.3s C:\Windows\Prefetch\SC.EXE-945D79AE.pf
         -17.2s C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe
         -7.1s C:\Windows\Prefetch\REGDRV.EXE-BA3E6977.pf
         -5.7s C:\FRST\Quarantine\C\Windows\System32\Tasks\RegUpdate.xBAD
         -4.6s C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
         -3.2s C:\FRST\Quarantine\C\Windows\Registration\reg.cnf
         -2.9s C:\FRST\Quarantine\C\Windows\inst.exe.xBAD
         -0.0s C:\FRST\Quarantine\C\SysData\
          0.0s C:\FRST\Quarantine\C\SysData\kill.exe
          0.0s C:\FRST\Quarantine\C\SysData\install.exe
          0.2s C:\Windows\Prefetch\INST.EXE-67B10D50.pf
          3.4s C:\Windows\Prefetch\KILL.EXE-910AD0DC.pf
          3.4s C:\FRST\Quarantine\C\SysData\control.exe
          3.4s C:\FRST\Quarantine\C\SysData\acnon.exe
          3.5s C:\FRST\Quarantine\C\SysData\acnom.exe
          3.6s C:\Windows\Prefetch\INSTALL.EXE-49F7FADB.pf
          6.5s C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf
         13.6s C:\Windows\Prefetch\CONTROL.EXE-2196A7BD.pf
         16.2s C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
         24.2s C:\Windows\Prefetch\ACNOM.EXE-0D59A89E.pf
	   C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe
      Size . . . . . . . : 2 882 560 bytes
      Age  . . . . . . . : 0.4 days (2017-06-10 15:07:51)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 3BBB752EAB10F117C21B2DE3D2C954188E9069A532EF8721DB21613BA0A576B0
    > Bitdefender  . . . : Trojan.GenericKD.4965748
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
    > HitmanPro  . . . . : Mal/Generic-S
      Fuzzy  . . . . . . : 121.0
      Forensic Cluster
         -18.7s C:\Windows\Prefetch\NEW.EXE-F4502095.pf
         -1.7s C:\Windows\Prefetch\NETSH.EXE-F1B6DA12.pf
         -0.5s C:\Windows\Prefetch\NET1.EXE-849DA590.pf
         -0.5s C:\Windows\Prefetch\NET.EXE-DF44F913.pf
         -0.0s C:\Windows\Prefetch\SC.EXE-945D79AE.pf
          0.0s C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe
         10.2s C:\Windows\Prefetch\REGDRV.EXE-BA3E6977.pf
         11.5s C:\FRST\Quarantine\C\Windows\System32\Tasks\RegUpdate.xBAD
         12.7s C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
         14.0s C:\FRST\Quarantine\C\Windows\Registration\reg.cnf
         14.3s C:\FRST\Quarantine\C\Windows\inst.exe.xBAD
         17.2s C:\FRST\Quarantine\C\SysData\
         17.2s C:\FRST\Quarantine\C\SysData\kill.exe
         17.3s C:\FRST\Quarantine\C\SysData\install.exe
         17.4s C:\Windows\Prefetch\INST.EXE-67B10D50.pf
         20.6s C:\Windows\Prefetch\KILL.EXE-910AD0DC.pf
         20.7s C:\FRST\Quarantine\C\SysData\control.exe
         20.7s C:\FRST\Quarantine\C\SysData\acnon.exe
         20.8s C:\FRST\Quarantine\C\SysData\acnom.exe
         20.9s C:\Windows\Prefetch\INSTALL.EXE-49F7FADB.pf
         23.8s C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf
         30.9s C:\Windows\Prefetch\CONTROL.EXE-2196A7BD.pf
         33.4s C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
         41.5s C:\Windows\Prefetch\ACNOM.EXE-0D59A89E.pf
	
Suspicious files ____________________________________________________________
	   C:\Users\Alex\Downloads\FRST.exe
      Size . . . . . . . : 1 776 640 bytes
      Age  . . . . . . . : 0.1 days (2017-06-10 22:04:45)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3490836F2F9267DBB31730D80904185ED995CE1C241661272795E3A09545E756
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
	
Cookies _____________________________________________________________________
	   C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com


 

Emsisoft Emergency Kit - Version 2017.4
Last update: 11.6.2017 г. 00:11:15
User account: Alex-PC\Alex
Computer name: ALEX-PC
OS version: Windows 7x86 Service Pack 1

Scan settings:

Scan type: Custom Scan
Objects: Rootkits, Memory, Traces, C:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start:    11.6.2017 г. 00:12:36
C:\Program Files\GameSpy Arcade\     detected: Adware.Win32.Gaspacade (A) [221680]
Key: HKEY_USERS\S-1-5-21-668039837-2378809781-489334385-1001\SOFTWARE\GAMESPY\GAMESPY ARCADE     detected: Adware.Win32.Gaspacade (A) [250601]
Key: HKEY_LOCAL_MACHINE\SOFTWARE\GAMESPY\GAMESPY ARCADE     detected: Adware.Win32.Gaspacade (A) [250602]
C:\FRST\Quarantine\C\SysData\install.exe -> (RAR Sfx o) -> [Comment] -> (unicode)     detected: Trojan.ScriptKD.4307 (B) [krnl.xmd]
C:\FRST\Quarantine\C\SysData\install.exe -> (RAR Sfx o) -> control.exe     detected: Trojan.Agent.CGTQ (B) [krnl.xmd]
C:\FRST\Quarantine\C\SysData\install.exe -> (RAR Sfx o) -> acnon.exe     detected: Trojan.Generic.21260223 (B) [krnl.xmd]
C:\FRST\Quarantine\C\SysData\install.exe -> (RAR Sfx o) -> acnom.exe     detected: Trojan.Generic.19781622 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Windows\inst.exe.xBAD -> (RAR Sfx o) -> [Comment] -> (unicode)     detected: Trojan.ScriptKD.4274 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Windows\inst.exe.xBAD -> (RAR Sfx o) -> kill.exe     detected: Trojan.GenericKD.4944206 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Windows\inst.exe.xBAD -> (RAR Sfx o) -> install.exe -> (RAR Sfx o) -> [Comment] -> (unicode)     detected: Trojan.ScriptKD.4307 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Windows\inst.exe.xBAD -> (RAR Sfx o) -> install.exe -> (RAR Sfx o) -> control.exe     detected: Trojan.Agent.CGTQ (B) [krnl.xmd]
C:\FRST\Quarantine\C\Windows\inst.exe.xBAD -> (RAR Sfx o) -> install.exe -> (RAR Sfx o) -> acnon.exe     detected: Trojan.Generic.21260223 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Windows\inst.exe.xBAD -> (RAR Sfx o) -> install.exe -> (RAR Sfx o) -> acnom.exe     detected: Trojan.Generic.19781622 (B) [krnl.xmd]
C:\FRST\Quarantine\C\SysData\control.exe     detected: Trojan.Agent.CGTQ (B) [krnl.xmd]
C:\FRST\Quarantine\C\SysData\acnom.exe     detected: Trojan.Generic.19781622 (B) [krnl.xmd]
C:\FRST\Quarantine\C\SysData\kill.exe     detected: Trojan.GenericKD.4944206 (B) [krnl.xmd]
C:\FRST\Quarantine\C\SysData\acnon.exe     detected: Trojan.Generic.21260223 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Users\Alex\AppData\Roaming\new.exe.xBAD     detected: Trojan.GenericKD.4965748 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Users\Alex\AppData\Roaming\regdrv.exe.xBAD     detected: Worm.Generic.901198 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Users\Alex\AppData\Local\Temp\regdrv.exe.xBAD     detected: Trojan.GenericKD.4965748 (B) [krnl.xmd]
C:\FRST\Quarantine\C\Windows\Registration\regdrv.exe     detected: Trojan.GenericKD.4965748 (B) [krnl.xmd]
C:\Users\Alex\Desktop\Music\krafteers.apk -> com/adwhirl/assets/ad_frame.gif     detected: Android.Adware.Yekrand.GM (B) [krnl.xmd]

Scanned    140366
Found    22

Scan end:    11.6.2017 г. 00:31:08
Scan time:    0:18:32
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изтеглете: P6YS34D.png Delfix.

  • Стартирайте Delfix.exе.
  • По подразбиране трябва да има 2 отметки на "Remove disinfection tools" и "Purge system restore ". Ако липсват, ги сложете.
  • Натиснете бутона "Run". 
  • Инструмента ще се самоизтрие след като приключи своята задача.
  • Прикачете лог файла от Delfix.

 

Предполагам, че вече не излиза прозореца, прав ли съм?

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 часа, Stoyannnov написа:

Изтеглете: P6YS34D.png Delfix.

  • Стартирайте Delfix.exе.
  • По подразбиране трябва да има 2 отметки на "Remove disinfection tools" и "Purge system restore ". Ако липсват, ги сложете.
  • Натиснете бутона "Run". 
  • Инструмента ще се самоизтрие след като приключи своята задача.
  • Прикачете лог файла от Delfix.

 

Предполагам, че вече не излиза прозореца, прав ли съм?

Да не се е появявал .. .. Всъщност мисля че се оправило ... та готово ли е ? 

DelFix.txt

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 1 час, Stoyannnov написа:

Да. Системата вече е чиста. Ако нямате въпроси ще маркирам темата като решена.

Много Ви БЛАГОДАРЯ за отделеното време :):) .. 

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от rvp
      здравейте,
       
      Проблема е че след рестарт или изключване процесът отива на 100% и трябва да го спирам ръчно. ето логовете:
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
      Ran by kpacko (administrator) on KPACKO-MOBILEPC (07-09-2018 10:02:30)
      Running from C:\Users\kpacko\Desktop
      Loaded Profiles: kpacko (Available Profiles: kpacko)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
      (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
      (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
      (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
      () C:\Users\kpacko\AppData\Roaming\WinRAR\Precomp\precomp.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
      HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
      HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
      HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
      HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
      HKU\S-1-5-21-2772379611-2548023608-3356451699-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
      IFEO\LogTransport2.exe: [Debugger] 0
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows.vbs [2018-02-26] ()
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{EDC66EE9-FC63-456B-9263-6FA1362BFECA}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{F056F4A9-7DE8-4608-90FE-D6F4B68785AC}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKU\S-1-5-21-2772379611-2548023608-3356451699-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
      FireFox:
      ========
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      Chrome: 
      =======
      CHR NewTab: Default ->  Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
      CHR Session Restore: Default -> is enabled.
      CHR Profile: C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default [2018-09-07]
      CHR Extension: (Презентации) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Документи) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Диск) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-15]
      CHR Extension: (Auto Copy) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg [2018-01-11]
      CHR Extension: (YouTube) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-15]
      CHR Extension: (Forecastfox (fix version)) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljdehmejbffnfiiicckjhafabdepnd [2018-08-05]
      CHR Extension: (uBlock Origin) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-08-27]
      CHR Extension: (Таблици) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Google Документи офлайн) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
      CHR Extension: (Speed Dial 2 Нов раздел) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2018-03-28]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
      CHR Extension: (Gmail) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-15]
      CHR Extension: (Chrome Media Router) - C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-07]
      CHR Profile: C:\Users\kpacko\AppData\Local\Google\Chrome\User Data\System Profile [2018-04-26]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
      S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-04-04] ()
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-07-17] (Microsoft Corporation)
      R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-04-04] (Intel® Corporation)
      R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
      R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [54192 2017-07-04] (CrystalIdea Software)
      R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2017-09-16] (DT Soft Ltd)
      R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-12-11] (Intel Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2018-03-16] (NVIDIA Corporation)
      U4 AdobeARMservice; no ImagePath
      U3 SwitchBoard; no ImagePath
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-09-07 10:02 - 2018-09-07 10:03 - 000009284 _____ C:\Users\kpacko\Desktop\FRST.txt
      2018-09-07 10:02 - 2018-09-07 10:02 - 000000000 ____D C:\FRST
      2018-09-07 10:01 - 2018-09-07 10:01 - 002413056 _____ (Farbar) C:\Users\kpacko\Desktop\FRST64.exe
      2018-09-06 22:25 - 2018-09-06 13:48 - 000083968 _____ C:\Users\kpacko\Desktop\Working_Schedule_01-10_Sep_Update_4.xls
      2018-09-04 00:43 - 2018-08-03 18:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
      2018-09-04 00:43 - 2018-08-02 06:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2018-09-04 00:43 - 2018-08-02 06:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2018-09-04 00:43 - 2018-08-02 06:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2018-09-04 00:43 - 2018-08-02 05:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2018-09-04 00:43 - 2018-08-02 05:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2018-09-04 00:43 - 2018-08-02 05:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2018-09-04 00:43 - 2018-08-02 05:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2018-09-04 00:43 - 2018-08-02 05:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2018-09-04 00:43 - 2018-08-02 05:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2018-09-04 00:43 - 2018-08-02 05:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2018-09-04 00:43 - 2018-08-02 05:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2018-09-04 00:43 - 2018-08-02 05:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2018-09-04 00:43 - 2018-08-02 05:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2018-09-04 00:43 - 2018-08-02 05:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2018-09-04 00:43 - 2018-08-02 05:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2018-09-04 00:43 - 2018-08-02 05:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2018-09-04 00:43 - 2018-08-02 05:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
      2018-09-04 00:43 - 2018-08-02 05:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2018-09-04 00:43 - 2018-08-02 05:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2018-09-04 00:43 - 2018-08-02 05:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2018-09-04 00:43 - 2018-08-02 05:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2018-09-04 00:43 - 2018-08-02 05:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2018-09-04 00:43 - 2018-08-02 05:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2018-09-04 00:43 - 2018-08-02 05:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2018-09-04 00:43 - 2018-08-02 05:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
      2018-09-04 00:43 - 2018-08-02 05:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2018-09-04 00:43 - 2018-08-02 05:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2018-09-04 00:43 - 2018-08-02 05:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2018-09-04 00:43 - 2018-08-02 05:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2018-09-04 00:43 - 2018-08-02 05:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
      2018-09-04 00:43 - 2018-08-02 05:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
      2018-09-04 00:43 - 2018-08-02 05:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
      2018-09-04 00:43 - 2018-08-02 05:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
      2018-09-04 00:43 - 2018-08-02 05:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2018-09-04 00:43 - 2018-08-02 05:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2018-09-04 00:43 - 2018-08-02 05:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2018-09-04 00:43 - 2018-08-02 05:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2018-09-04 00:43 - 2018-08-02 05:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2018-09-04 00:43 - 2018-08-02 05:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2018-09-04 00:43 - 2018-08-02 05:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
      2018-09-04 00:43 - 2018-08-02 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2018-09-04 00:43 - 2018-08-02 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2018-09-04 00:43 - 2018-07-20 02:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2018-09-04 00:43 - 2018-07-20 01:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2018-09-04 00:43 - 2018-07-19 07:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2018-09-04 00:43 - 2018-07-19 07:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2018-09-04 00:43 - 2018-07-19 07:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2018-09-04 00:43 - 2018-07-19 07:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2018-09-04 00:43 - 2018-07-19 07:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2018-09-04 00:43 - 2018-07-19 07:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2018-09-04 00:43 - 2018-07-19 07:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2018-09-04 00:43 - 2018-07-19 07:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2018-09-04 00:43 - 2018-07-19 07:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2018-09-04 00:43 - 2018-07-19 07:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2018-09-04 00:43 - 2018-07-19 07:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2018-09-04 00:43 - 2018-07-19 07:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2018-09-04 00:43 - 2018-07-19 07:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2018-09-04 00:43 - 2018-07-19 07:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2018-09-04 00:43 - 2018-07-19 07:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2018-09-04 00:43 - 2018-07-19 07:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2018-09-04 00:43 - 2018-07-19 07:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2018-09-04 00:43 - 2018-07-19 07:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2018-09-04 00:43 - 2018-07-19 07:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2018-09-04 00:43 - 2018-07-19 07:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2018-09-04 00:43 - 2018-07-19 07:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2018-09-04 00:43 - 2018-07-19 07:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2018-09-04 00:43 - 2018-07-19 07:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2018-09-04 00:43 - 2018-07-19 07:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2018-09-04 00:43 - 2018-07-19 07:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2018-09-04 00:43 - 2018-07-19 07:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2018-09-04 00:43 - 2018-07-19 07:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2018-09-04 00:43 - 2018-07-19 07:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2018-09-04 00:43 - 2018-07-19 07:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2018-09-04 00:43 - 2018-07-19 07:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2018-09-04 00:43 - 2018-07-19 06:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2018-09-04 00:43 - 2018-07-19 06:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2018-09-04 00:43 - 2018-07-19 06:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2018-09-04 00:43 - 2018-07-19 06:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2018-09-04 00:43 - 2018-07-19 06:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2018-09-04 00:43 - 2018-07-19 06:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2018-09-04 00:43 - 2018-07-19 06:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2018-09-04 00:43 - 2018-07-19 06:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2018-09-04 00:43 - 2018-07-19 06:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2018-09-04 00:43 - 2018-07-19 06:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2018-09-04 00:43 - 2018-07-19 06:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2018-09-04 00:43 - 2018-07-19 06:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2018-09-04 00:43 - 2018-07-19 06:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2018-09-04 00:43 - 2018-07-19 06:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2018-09-04 00:43 - 2018-07-19 06:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2018-09-04 00:43 - 2018-07-19 06:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2018-09-04 00:43 - 2018-07-19 06:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
      2018-09-04 00:43 - 2018-07-19 06:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
      2018-09-04 00:43 - 2018-07-19 06:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2018-09-04 00:43 - 2018-07-19 06:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2018-09-04 00:43 - 2018-07-19 06:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2018-09-04 00:43 - 2018-07-19 06:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
      2018-09-04 00:43 - 2018-07-19 06:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2018-09-04 00:43 - 2018-07-19 06:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2018-09-04 00:43 - 2018-07-19 06:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2018-09-04 00:43 - 2018-07-19 06:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2018-09-04 00:43 - 2018-07-19 06:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2018-09-04 00:43 - 2018-07-19 06:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2018-09-04 00:43 - 2018-07-19 06:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2018-09-04 00:43 - 2018-07-19 06:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2018-09-04 00:43 - 2018-07-19 06:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2018-09-04 00:43 - 2018-07-19 06:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2018-09-04 00:43 - 2018-07-19 06:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2018-09-04 00:43 - 2018-07-19 06:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2018-09-04 00:43 - 2018-07-13 22:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2018-09-04 00:43 - 2018-07-13 22:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
      2018-09-04 00:43 - 2018-07-13 22:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
      2018-09-04 00:43 - 2018-07-08 19:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2018-09-04 00:43 - 2018-07-08 19:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
      2018-09-04 00:43 - 2018-07-08 19:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
      2018-09-04 00:43 - 2018-07-08 18:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
      2018-09-04 00:43 - 2018-07-08 18:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
      2018-09-04 00:43 - 2018-07-06 19:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
      2018-09-04 00:43 - 2018-07-06 19:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
      2018-09-04 00:43 - 2018-07-06 18:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
      2018-09-04 00:43 - 2018-06-29 18:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
      2018-09-04 00:43 - 2018-06-29 18:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
      2018-09-04 00:43 - 2018-06-29 18:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
      2018-09-04 00:43 - 2018-06-29 18:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
      2018-09-04 00:43 - 2018-06-29 18:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
      2018-09-04 00:43 - 2018-06-29 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
      2018-09-04 00:43 - 2018-06-27 19:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
      2018-09-04 00:43 - 2018-06-27 18:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
      2018-09-04 00:43 - 2018-06-27 18:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
      2018-09-04 00:43 - 2018-06-27 18:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2018-09-04 00:43 - 2018-06-27 18:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2018-09-04 00:43 - 2018-06-27 18:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
      2018-09-04 00:43 - 2018-06-27 18:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
      2018-09-04 00:43 - 2018-06-27 18:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
      2018-09-04 00:43 - 2018-06-27 18:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
      2018-09-04 00:43 - 2018-06-27 18:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
      2018-09-04 00:43 - 2018-06-27 18:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
      2018-09-04 00:43 - 2018-06-16 08:11 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
      2018-09-04 00:43 - 2018-06-13 19:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2018-09-04 00:43 - 2018-06-13 19:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
      2018-09-04 00:43 - 2018-06-13 18:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2018-09-04 00:43 - 2018-06-13 18:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
      2018-09-04 00:43 - 2018-06-08 19:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
      2018-09-04 00:43 - 2018-06-08 19:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2018-09-04 00:43 - 2018-06-08 19:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
      2018-09-04 00:43 - 2018-06-08 19:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
      2018-09-04 00:43 - 2018-06-08 19:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2018-09-04 00:43 - 2018-06-08 18:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
      2018-09-04 00:43 - 2018-06-08 18:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
      2018-09-04 00:43 - 2018-06-08 18:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
      2018-09-04 00:43 - 2018-06-08 18:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
      2018-09-04 00:43 - 2018-06-07 19:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2018-09-04 00:43 - 2018-06-07 18:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
      2018-09-04 00:43 - 2018-06-07 18:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
      2018-09-04 00:43 - 2018-06-07 18:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
      2018-09-04 00:43 - 2018-05-15 06:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
      2018-09-04 00:43 - 2018-05-15 06:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
      2018-09-04 00:43 - 2018-05-15 06:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
      2018-09-04 00:43 - 2018-05-15 06:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
      2018-09-04 00:43 - 2018-05-15 06:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
      2018-09-04 00:43 - 2018-05-15 06:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
      2018-09-04 00:43 - 2018-05-15 06:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
      2018-09-04 00:43 - 2018-05-15 06:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
      2018-09-04 00:43 - 2018-05-12 05:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
      2018-09-04 00:43 - 2018-05-12 05:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2018-09-04 00:43 - 2018-05-12 05:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
      2018-09-04 00:43 - 2018-05-12 00:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
      2018-09-04 00:43 - 2018-05-11 03:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
      2018-09-04 00:43 - 2018-05-11 03:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
      2018-09-04 00:43 - 2018-04-26 16:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
      2018-09-04 00:43 - 2018-04-25 19:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
      2018-09-04 00:43 - 2018-04-25 18:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
      2018-09-04 00:43 - 2018-04-23 02:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
      2018-09-04 00:43 - 2018-04-18 19:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
      2018-09-04 00:43 - 2018-04-18 19:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
      2018-09-04 00:43 - 2018-04-18 18:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
      2018-09-04 00:43 - 2018-04-18 18:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
      2018-09-04 00:43 - 2018-04-18 18:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
      2018-09-04 00:43 - 2018-04-18 18:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
      2018-09-04 00:43 - 2018-04-11 19:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
      2018-09-04 00:43 - 2018-04-11 19:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
      2018-09-04 00:43 - 2018-04-10 19:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
      2018-09-04 00:43 - 2018-04-10 19:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
      2018-09-04 00:43 - 2018-04-10 19:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
      2018-09-04 00:43 - 2018-04-10 19:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
      2018-09-04 00:43 - 2018-04-10 19:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
      2018-09-04 00:43 - 2018-04-10 19:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
      2018-09-04 00:43 - 2018-04-10 18:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2018-09-04 00:43 - 2018-04-10 18:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2018-09-04 00:43 - 2018-04-10 18:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2018-09-04 00:43 - 2018-04-07 19:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
      2018-09-04 00:43 - 2018-03-14 20:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
      2018-09-04 00:43 - 2018-03-14 20:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
      2018-09-04 00:43 - 2018-03-14 20:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
      2018-09-04 00:43 - 2018-03-14 20:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
      2018-09-04 00:43 - 2018-03-14 20:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
      2018-09-04 00:43 - 2018-03-14 19:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
      2018-09-04 00:43 - 2018-03-14 19:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
      2018-09-04 00:43 - 2018-03-14 19:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
      2018-09-04 00:43 - 2018-03-14 19:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
      2018-09-04 00:43 - 2018-03-14 19:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2018-09-04 00:43 - 2018-03-14 19:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
      2018-09-04 00:43 - 2018-03-14 19:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2018-09-04 00:43 - 2018-03-14 19:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2018-09-04 00:43 - 2018-03-14 19:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
      2018-09-04 00:43 - 2018-03-14 19:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
      2018-09-04 00:43 - 2018-03-14 19:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
      2018-09-04 00:43 - 2018-03-06 21:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
      2018-09-04 00:43 - 2018-03-06 21:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
      2018-09-04 00:43 - 2018-02-22 06:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
      2018-09-04 00:43 - 2018-02-22 06:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
      2018-09-04 00:43 - 2018-02-10 21:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
      2018-09-04 00:43 - 2018-02-10 21:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
      2018-09-04 00:43 - 2018-02-10 21:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
      2018-09-04 00:43 - 2018-02-10 21:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
      2018-09-04 00:43 - 2018-02-10 21:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
      2018-09-04 00:43 - 2018-02-10 21:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
      2018-09-04 00:43 - 2018-02-10 21:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
      2018-09-04 00:43 - 2018-02-10 20:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
      2018-09-04 00:43 - 2018-02-10 20:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
      2018-09-04 00:43 - 2018-02-10 20:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
      2018-09-04 00:43 - 2018-02-10 20:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
      2018-09-04 00:43 - 2018-01-12 19:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
      2018-09-04 00:43 - 2018-01-12 19:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
      2018-09-04 00:43 - 2018-01-12 19:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
      2018-09-04 00:43 - 2018-01-12 19:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
      2018-09-04 00:43 - 2018-01-11 19:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2018-09-04 00:43 - 2018-01-11 19:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
      2018-09-04 00:43 - 2018-01-01 05:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
      2018-09-04 00:43 - 2018-01-01 05:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
      2018-09-04 00:43 - 2018-01-01 05:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
      2018-09-04 00:43 - 2018-01-01 05:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
      2018-09-04 00:43 - 2018-01-01 05:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
      2018-09-04 00:43 - 2018-01-01 05:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
      2018-09-04 00:43 - 2018-01-01 05:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
      2018-09-04 00:43 - 2018-01-01 05:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
      2018-09-04 00:43 - 2018-01-01 05:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
      2018-09-04 00:43 - 2018-01-01 04:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
      2018-09-04 00:43 - 2018-01-01 04:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
      2018-09-04 00:43 - 2018-01-01 04:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
      2018-09-04 00:43 - 2018-01-01 04:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
      2018-09-04 00:43 - 2018-01-01 04:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
      2018-09-04 00:43 - 2018-01-01 04:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
      2018-09-04 00:43 - 2018-01-01 04:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
      2018-09-04 00:43 - 2018-01-01 04:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
      2018-09-04 00:43 - 2018-01-01 04:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
      2018-09-04 00:43 - 2018-01-01 04:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
      2018-09-04 00:43 - 2018-01-01 04:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
      2018-09-04 00:43 - 2018-01-01 04:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
      2018-09-04 00:43 - 2018-01-01 04:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
      2018-09-04 00:43 - 2018-01-01 04:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
      2018-09-04 00:43 - 2018-01-01 04:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
      2018-09-04 00:43 - 2018-01-01 04:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2018-09-04 00:43 - 2017-12-05 20:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
      2018-09-04 00:43 - 2017-12-05 20:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2018-09-04 00:43 - 2017-12-05 20:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2018-09-04 00:43 - 2017-12-05 20:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2018-09-04 00:43 - 2017-12-05 20:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
      2018-09-04 00:43 - 2017-12-05 20:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
      2018-09-04 00:43 - 2017-12-05 20:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
      2018-09-04 00:43 - 2017-12-05 20:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
      2018-09-04 00:43 - 2017-12-05 20:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
      2018-09-04 00:43 - 2017-12-05 20:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
      2018-09-04 00:43 - 2017-12-05 20:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
      2018-09-04 00:43 - 2017-12-05 19:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
      2018-09-04 00:43 - 2017-12-05 18:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
      2018-09-04 00:42 - 2018-08-03 18:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
      2018-09-04 00:42 - 2018-08-02 06:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2018-09-04 00:42 - 2018-08-02 06:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2018-09-04 00:42 - 2018-08-02 06:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2018-09-04 00:42 - 2018-08-02 06:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2018-09-04 00:42 - 2018-08-02 05:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2018-09-04 00:42 - 2018-08-02 05:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2018-09-04 00:42 - 2018-08-02 05:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2018-09-04 00:42 - 2018-08-02 05:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2018-09-04 00:42 - 2018-08-02 05:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2018-09-04 00:42 - 2018-08-02 05:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2018-09-04 00:42 - 2018-08-02 05:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2018-09-04 00:42 - 2018-08-02 05:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2018-09-04 00:42 - 2018-08-02 05:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2018-09-04 00:42 - 2018-08-02 05:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2018-09-04 00:42 - 2018-08-02 05:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2018-09-04 00:42 - 2018-07-19 09:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2018-09-04 00:42 - 2018-07-19 07:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2018-09-04 00:42 - 2018-07-08 19:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2018-09-04 00:42 - 2018-07-08 19:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
      2018-09-04 00:42 - 2018-07-08 19:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2018-09-04 00:42 - 2018-07-08 18:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
      2018-09-04 00:42 - 2018-07-08 18:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
      2018-09-04 00:42 - 2018-07-08 18:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
      2018-09-04 00:42 - 2018-07-08 18:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
      2018-09-04 00:42 - 2018-07-07 18:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2018-09-04 00:42 - 2018-07-06 19:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
      2018-09-04 00:42 - 2018-07-06 18:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
      2018-09-04 00:42 - 2018-06-29 18:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
      2018-09-04 00:42 - 2018-06-27 18:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
      2018-09-04 00:42 - 2018-06-27 18:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
      2018-09-04 00:42 - 2018-06-27 18:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
      2018-09-04 00:42 - 2018-06-21 06:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2018-09-04 00:42 - 2018-06-21 06:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
      2018-09-04 00:42 - 2018-06-16 08:24 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
      2018-09-04 00:42 - 2018-06-16 08:11 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2018-09-04 00:42 - 2018-06-13 19:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2018-09-04 00:42 - 2018-06-13 19:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2018-09-04 00:42 - 2018-06-08 19:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2018-09-04 00:42 - 2018-06-08 19:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2018-09-04 00:42 - 2018-06-08 18:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
      2018-09-04 00:42 - 2018-06-08 18:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
      2018-09-04 00:42 - 2018-06-08 18:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
      2018-09-04 00:42 - 2018-06-08 16:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2018-09-04 00:42 - 2018-06-08 16:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2018-09-04 00:42 - 2018-06-08 16:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2018-09-04 00:42 - 2018-06-08 16:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2018-09-04 00:42 - 2018-06-08 16:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2018-09-04 00:42 - 2018-06-08 16:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2018-09-04 00:42 - 2018-06-08 16:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2018-09-04 00:42 - 2018-06-08 16:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2018-09-04 00:42 - 2018-06-07 19:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
      2018-09-04 00:42 - 2018-06-07 19:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2018-09-04 00:42 - 2018-06-07 19:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
      2018-09-04 00:42 - 2018-05-15 07:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2018-09-04 00:42 - 2018-05-15 06:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
      2018-09-04 00:42 - 2018-05-15 06:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
      2018-09-04 00:42 - 2018-05-15 06:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
      2018-09-04 00:42 - 2018-05-15 06:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
      2018-09-04 00:42 - 2018-05-12 00:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
      2018-09-04 00:42 - 2018-05-02 18:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
      2018-09-04 00:42 - 2018-05-02 18:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
      2018-09-04 00:42 - 2018-05-02 18:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
      2018-09-04 00:42 - 2018-05-02 18:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
      2018-09-04 00:42 - 2018-05-02 18:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
      2018-09-04 00:42 - 2018-05-02 18:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
      2018-09-04 00:42 - 2018-05-02 18:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
      2018-09-04 00:42 - 2018-04-23 03:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
      2018-09-04 00:42 - 2018-04-11 19:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
      2018-09-04 00:42 - 2018-04-11 19:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
      2018-09-04 00:42 - 2018-04-10 19:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
      2018-09-04 00:42 - 2018-03-10 20:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
      2018-09-04 00:42 - 2018-03-06 21:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
      2018-09-04 00:42 - 2018-03-06 21:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
      2018-09-04 00:42 - 2018-03-06 21:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
      2018-09-04 00:42 - 2018-03-06 21:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
      2018-09-04 00:42 - 2018-02-10 21:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
      2018-09-04 00:42 - 2018-02-10 21:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
      2018-09-04 00:42 - 2018-02-10 21:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
      2018-09-04 00:42 - 2018-02-10 20:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
      2018-09-04 00:42 - 2018-02-10 20:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
      2018-09-04 00:42 - 2018-02-10 20:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
      2018-09-04 00:42 - 2018-02-10 20:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
      2018-09-04 00:42 - 2018-01-01 05:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2018-09-04 00:42 - 2018-01-01 05:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
      2018-09-04 00:42 - 2018-01-01 05:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
      2018-09-04 00:42 - 2018-01-01 05:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
      2018-09-04 00:42 - 2018-01-01 05:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
      2018-09-04 00:42 - 2018-01-01 05:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
      2018-09-04 00:42 - 2018-01-01 05:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
      2018-09-04 00:42 - 2018-01-01 05:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
      2018-09-04 00:42 - 2018-01-01 05:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
      2018-09-04 00:42 - 2018-01-01 05:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
      2018-09-04 00:42 - 2018-01-01 05:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
      2018-09-04 00:42 - 2018-01-01 05:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
      2018-09-04 00:42 - 2018-01-01 05:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2018-09-04 00:42 - 2018-01-01 05:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
      2018-09-04 00:42 - 2018-01-01 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
      2018-09-04 00:42 - 2018-01-01 05:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
      2018-09-04 00:42 - 2018-01-01 05:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
      2018-09-04 00:42 - 2018-01-01 04:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
      2018-09-04 00:42 - 2018-01-01 04:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
      2018-09-04 00:42 - 2017-12-05 20:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2018-09-04 00:42 - 2017-12-05 20:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
      2018-09-04 00:42 - 2017-12-05 20:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
      2018-08-13 10:45 - 2018-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
      2018-08-13 10:45 - 2018-08-13 10:45 - 000000000 ____D C:\Program Files\qBittorrent
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-09-07 10:02 - 2017-09-16 15:50 - 000000000 ____D C:\Users\kpacko\AppData\Roaming\qBittorrent
      2018-09-07 07:53 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-09-07 07:53 - 2009-07-14 07:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-09-07 07:51 - 2009-07-14 08:13 - 000772130 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-09-07 07:51 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
      2018-09-07 07:49 - 2017-09-15 22:54 - 000002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-09-07 07:45 - 2017-09-16 17:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
      2018-09-07 07:45 - 2017-09-15 18:18 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-09-07 07:45 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-09-07 00:19 - 2017-10-22 09:50 - 000000000 ____D C:\Users\kpacko\AppData\Local\CrashDumps
      2018-09-06 23:59 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\rescache
      2018-09-04 22:42 - 2017-09-17 23:54 - 000000000 ____D C:\Users\kpacko\AppData\Roaming\FileZilla
      2018-09-04 00:58 - 2009-07-14 07:45 - 000295648 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-09-04 00:56 - 2017-09-16 19:15 - 000000000 ____D C:\Windows\system32\appraiser
      2018-09-04 00:56 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\PolicyDefinitions
      2018-09-04 00:51 - 2017-07-17 23:37 - 000756356 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
      2018-09-02 00:28 - 2017-10-02 14:41 - 000000000 ____D C:\Users\kpacko\AppData\Roaming\ViberPC
      2018-09-02 00:27 - 2018-07-02 00:59 - 000000000 ____D C:\Users\kpacko\AppData\Local\Viber
      2018-09-02 00:26 - 2017-10-02 14:41 - 000000000 ____D C:\Users\kpacko\Documents\ViberDownloads
      2018-08-19 17:49 - 2017-11-02 01:00 - 000001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
      2018-08-08 00:53 - 2017-10-02 09:30 - 000000000 ____D C:\Users\kpacko\AppData\Local\ElevatedDiagnostics
      2018-08-08 00:53 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\NDF
      ==================== Files in the root of some directories =======
      2018-05-04 13:56 - 2018-05-01 20:53 - 001527138 _____ () C:\Users\kpacko\AppData\Roaming\ccseetup542pro.exe
      2018-05-04 13:56 - 2018-04-30 15:50 - 015816144 ____R (Piriform Ltd) C:\Users\kpacko\AppData\Roaming\ccsetup542pro.exe
      2018-05-04 13:56 - 2018-03-12 20:36 - 001371485 _____ () C:\Users\kpacko\AppData\Roaming\ccsetup542proo.exe
      2018-05-04 13:56 - 2018-03-12 20:34 - 000211375 _____ () C:\Users\kpacko\AppData\Roaming\ccsetup542prro.exe
      2017-11-30 16:35 - 2018-02-22 12:29 - 000007603 _____ () C:\Users\kpacko\AppData\Local\Resmon.ResmonCfg
      Some files in TEMP:
      ====================
      2018-04-30 12:09 - 2018-04-30 12:09 - 011491456 _____ (Raxco Software, Inc.                                        ) C:\Users\kpacko\AppData\Local\Temp\PD140p_x64.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-09-06 23:52
      ==================== End of FRST.txt ============================
      Addition.txt
    • от мирослав24
      Здравейте,сблъсках се със следния проблем-неизвестно лице или лица правят опити за проникване в мои акаунти в електронни  пощи и  сайтове където съм се регистрирал.Получих писмо от единия сайт че е правен опит за вписване с моето потребителско име,но с грешна парола,и аналогично съобщение от е-майл провайдър.Ползвам десктоп компютър и лаптоп и не знам дали някое от устройствата не е със зловреден софтуер.Видимо нямам проблеми с машините,освен че и на двата компютъра като исках да си сменя паролата на един сайт,ми излезе прозорец с искане да си напиша електронната поща с който съм регистриран в сайта и като я написах след това ми излезе втори прозорец с подкана да напиша и паролата си за съответната поща.Нищо не смених в крайна сметка докато не установя къде е проблема.Изпращам резултатите от сканиране с FRST на настолния компютър :
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018
      Ran by User1 (administrator) on PC1 (30-08-2018 15:49:50)
      Running from C:\Documents and Settings\User1\Desktop
      Loaded Profiles: User1 (Available Profiles: User1 & User2 & Administrator)
      Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
      Internet Explorer Version 8 (Default browser: IE)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
      (Comodo) C:\Program Files\Comodo\Dragon\dragon_updater.exe
      () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
      () C:\WINDOWS\tsnpstd3.exe
      () C:\WINDOWS\vsnpstd3.exe
      () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
      (BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
      (MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
      (Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [tsnpstd3] => C:\WINDOWS\tsnpstd3.exe [262144 2006-06-19] ()
      HKLM\...\Run: [snpstd3] => C:\WINDOWS\vsnpstd3.exe [827392 2006-09-19] ()
      HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [8063200 2016-07-18] ()
      HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
      HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [Messenger (Yahoo!)] => "F:\SKYPE_~1\yahoo\Messenger\YahooMessenger.exe" -quiet
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [395640 2011-05-02] (BitTorrent, Inc.)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6490904 2015-08-20] (Piriform Ltd)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [Google Update] => C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-12-02] (Google Inc.)
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
      HKU\S-1-5-18\...\RunOnce: [RunNarrator] => C:\WINDOWS\system32\Narrator.exe [53760 2008-04-14] (Microsoft Corporation)
      HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [1447936 2018-07-27] (Adobe Systems Incorporated)
      Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-03-28]
      ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
      Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk [2018-08-30]
      ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\..\Interfaces\{0227FD86-8C54-4C88-8029-3F44137A8ADF}: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{1524681E-CD57-4084-9846-709C0A2CC0ED}: [NameServer] 192.168.100.40,192.168.100.140
      Internet Explorer:
      ==================
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-220523388-412668190-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_152\bin\ssv.dll [2017-12-08] (Oracle Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_152\bin\jp2ssv.dll [2017-12-08] (Oracle Corporation)
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-08] ()
      FF Plugin: @java.com/DTPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\dtplugin\npDeployJava1.dll [2017-12-08] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.152.2 -> C:\Program Files\Java\jre1.8.0_152\bin\plugin2\npjp2.dll [2017-12-08] (Oracle Corporation)
      FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\User1\Application Data\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\User1\Application Data\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-02] (Google Inc.)
      FF Plugin HKU\S-1-5-21-220523388-412668190-1417001333-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\User1\Local Settings\Application Data\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-02] (Google Inc.)
      FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\User1\Application Data\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
      FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\User1\Application Data\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-27] (Adobe Systems Incorporated) [File not signed]
      S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
      R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
      R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
      R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
      R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2060848 2016-02-05] (Comodo)
      R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
      R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
      S3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
      R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [File not signed]
      R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [602112 2007-06-04] (Hewlett-Packard Co.) [File not signed]
      S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [170912 2013-01-12] (Oracle Corporation)
      R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
      R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
      R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [664040 2016-07-18] ()
      S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed]
      S3 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
      R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
      R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
      R3 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
      R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
      R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
      S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
      R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
      R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
      S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
      S2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
      R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-06-18] (Advanced Micro Devices)
      S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
      R3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
      R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.) [File not signed]
      R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
      R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys [175008 2016-04-28] (BitDefender LLC)
      R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-19] (HP)
      R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-19] (HP)
      R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-19] (HP)
      R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
      R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [4368896 2006-08-15] (Realtek Semiconductor Corp.) [File not signed]
      R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
      R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
      R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
      R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
      S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
      R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
      R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
      R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [57856 2006-07-11] (NVIDIA Corporation)
      R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2006-07-11] (NVIDIA Corporation)
      R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
      S3 SNPSTD3; C:\WINDOWS\System32\DRIVERS\snpstd3.sys [10252544 2007-03-27] (Sonix Co. Ltd.)
      R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
      R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
      S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [428832 2016-04-28] (BitDefender S.R.L.)
      S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
      R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
      R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
      S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed]
      R3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
      S3 catchme; \??\C:\DOCUME~1\User1\LOCALS~1\Temp\catchme.sys [X]
      S4 IntelIde; no ImagePath
      S2 StarOpen; no ImagePath
      S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam32.sys [X]
      S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard32.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-08-30 15:49 - 2018-08-30 15:50 - 000014109 _____ C:\Documents and Settings\User1\Desktop\FRST.txt
      2018-08-30 15:15 - 2018-08-30 15:15 - 001773568 _____ (Farbar) C:\Documents and Settings\User1\Desktop\FRST.exe
      2018-08-10 12:36 - 2018-08-10 12:40 - 000000000 ____D C:\Documents and Settings\User2\Desktop\куче Анжело 0887999938
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-08-30 15:50 - 2015-07-18 13:46 - 000000000 ____D C:\Documents and Settings\User1\Local Settings\temp
      2018-08-30 15:49 - 2018-03-26 11:31 - 000000000 ____D C:\FRST
      2018-08-30 15:48 - 2011-05-02 12:46 - 000000000 ____D C:\Documents and Settings\User1\Application Data\uTorrent
      2018-08-30 15:31 - 2011-05-02 12:44 - 000000000 ____D C:\Program Files\Opera
      2018-08-30 14:58 - 2016-02-20 13:25 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\MCShield
      2018-08-30 14:58 - 2015-06-22 14:14 - 000000222 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
      2018-08-30 14:58 - 2015-06-22 14:14 - 000000216 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
      2018-08-30 14:58 - 2011-05-02 10:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-08-30 14:57 - 2018-03-27 15:50 - 000032638 _____ C:\WINDOWS\SchedLgU.Txt
      2018-08-30 14:57 - 2011-05-02 12:10 - 000000178 ___SH C:\Documents and Settings\User1\ntuser.ini
      2018-08-30 14:57 - 2011-05-02 12:10 - 000000000 ____D C:\Documents and Settings\User1
      2018-08-30 14:55 - 2013-03-08 15:11 - 000001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-412668190-1417001333-1003UA.job
      2018-08-30 14:47 - 2015-04-26 09:48 - 000000000 ____D C:\Documents and Settings\User2\Application Data\Skype
      2018-08-30 14:47 - 2011-05-02 13:28 - 000000000 ____D C:\Documents and Settings\User2\Local Settings\Temp
      2018-08-30 12:55 - 2013-03-08 15:11 - 000001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-412668190-1417001333-1003Core.job
      2018-08-30 07:50 - 2001-08-23 12:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
      2018-08-25 12:48 - 2017-01-16 13:16 - 000000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
      2018-08-25 12:48 - 2011-05-02 10:10 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2018-08-09 12:25 - 2011-05-16 16:38 - 000000000 ____D C:\Program Files\Recuva
      2018-08-02 14:29 - 2013-12-09 13:51 - 000000000 ____D C:\Documents and Settings\User2\Desktop\образци PDF
      ==================== Files in the root of some directories =======
      2011-05-02 13:33 - 2014-09-24 16:20 - 000014848 _____ () C:\Documents and Settings\User1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-01-01 13:07 - 2014-01-01 13:07 - 000000036 _____ () C:\Documents and Settings\User1\Local Settings\Application Data\housecall.guid.cache
      2011-05-15 13:35 - 2011-05-15 13:35 - 000000056 _____ () C:\Documents and Settings\All Users\Application Data\ezsidmv.dat
      2017-09-02 12:57 - 2018-04-11 15:32 - 000021736 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => MD5 is legit
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => MD5 is legit
      C:\WINDOWS\system32\dnsapi.dll => MD5 is legit
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      ==================== End of FRST.txt ============================
      Addition.txt
    • от d1cho
      Привет преди два дни ми изпищя windows defender-a и антивируснта програма,пише, че гадината е Trojan:Win32/Killav.DR. Компютрите са в мрежа, единя е с vista business 64 bit, a другия с windows 10 32bit. Този с vistata не ми да ва да включа защитната стена и да инсталриам антивирусна. Мъчих компютъра с windows 10 с различни антивирусни понеже ми позволява да инсталриам,но само ги слага под карантина,а мен ме е страх да ги трия понеже имаме софтуер за работа и ме тревожи да не би да повредя нещо и да замине информацията.
      Моля за съдействие, понеже е почти невъзможно да се работи на компютрите.
      Ето тоша ми е от лог файла на компѝтъра с вистата FRST.txt
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
      Ran by DBPROTOOLS (administrator) on DBPROTOOLS-PC (17-08-2018 10:17:44)
      Running from C:\Users\DBPROTOOLS\Desktop
      Loaded Profiles: DBPROTOOLS (Available Profiles: DBPROTOOLS)
      Platform: Windows Vista (TM) Business Service Pack 2 (X64) Language: English (United States)
      Internet Explorer Version 7 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      () C:\Windows\zqmeyojeujuakpbxqoc.exe
      (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
      () C:\Users\DBPROTOOLS\AppData\Local\Temp\zeoucgp.exe
      () C:\Users\DBPROTOOLS\AppData\Local\Temp\zeoucgp.exe
      (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
      (Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
      HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-23] (Brother Industries, Ltd.)
      HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
      HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
      HKLM-x32\...\Run: [mqzelo] => C:\Windows\fuoewkdwkxgksvfzq.exe [503808 2018-08-17] ()
      HKLM-x32\...\Run: [qapanwkyhpts] => C:\Users\DBPROTOOLS\AppData\Local\Temp\fuoewkdwkxgksvfzq.exe [503808 2018-08-16] () <==== ATTENTION
      HKLM-x32\...\RunOnce: [zeoucgp] => mebupgcypfryjpcztshe.exe .
      HKLM-x32\...\RunOnce: [tcqamuhucjm] => C:\Users\DBPROTOOLS\AppData\Local\Temp\zqmeyojeujuakpbxqoc.exe . [503808 2018-08-16] () <==== ATTENTION
      HKLM\...\Policies\Explorer\Run: [oufmvaku] => C:\Windows\zqmeyojeujuakpbxqoc.exe [503808 2018-08-16] ()
      HKLM\...\Policies\Explorer\Run: [bemqw] => C:\Users\DBPROTOOLS\AppData\Local\Temp\fuoewkdwkxgksvfzq.exe [503808 2018-08-16] ()
      HKU\S-1-5-21-3181692578-1277306937-1901717452-1000\...\Run: [fmygqwhsy] => C:\Windows\oezqjysmbpzenrcxpm.exe [503808 2018-08-17] ()
      HKU\S-1-5-21-3181692578-1277306937-1901717452-1000\...\Run: [mqzelo] => C:\Users\DBPROTOOLS\AppData\Local\Temp\ymfulyqivhpszbkd.exe [503808 2018-08-16] () <==== ATTENTION
      HKU\S-1-5-21-3181692578-1277306937-1901717452-1000\...\RunOnce: [ygtcnugszf] => fuoewkdwkxgksvfzq.exe .
      HKU\S-1-5-21-3181692578-1277306937-1901717452-1000\...\RunOnce: [zeoucgp] => C:\Users\DBPROTOOLS\AppData\Local\Temp\oezqjysmbpzenrcxpm.exe . [503808 2018-08-16] () <==== ATTENTION
      HKU\S-1-5-21-3181692578-1277306937-1901717452-1000\...\Policies\system: [DisableRegistryTools] 1
      HKU\S-1-5-21-3181692578-1277306937-1901717452-1000\...\MountPoints2: {175dbd82-9a45-11e8-861a-0019990d7d87} - E:\tyquftktfbz.bat
      HKU\S-1-5-21-3181692578-1277306937-1901717452-1000\...\MountPoints2: {1b56a57f-9a44-11e8-a149-8748c642f7d2} - E:\setup.exe
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
      Tcpip\..\Interfaces\{16F65250-913D-4F56-B2DA-49AF5C765191}: [DhcpNameServer] 192.168.0.1 192.168.0.1
      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      SearchScopes: HKU\S-1-5-21-3181692578-1277306937-1901717452-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-04-11] (Microsoft Corporation)
      Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-04-11] (Microsoft Corporation)
      Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-04-11] (Microsoft Corporation)
      Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-04-11] (Microsoft Corporation)
      FireFox:
      ========
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-06] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-06] (Google Inc.)
      Chrome: 
      =======
      CHR Profile: C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default [2018-08-17]
      CHR Extension: (Slides) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-07]
      CHR Extension: (Docs) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-07]
      CHR Extension: (Google Drive) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-07]
      CHR Extension: (YouTube) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-07]
      CHR Extension: (Sheets) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-07]
      CHR Extension: (Google Docs Offline) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-07]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-07]
      CHR Extension: (Gmail) - C:\Users\DBPROTOOLS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-07]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
      S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
      S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
      S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-08-17 10:17 - 2018-08-17 10:18 - 000008964 _____ C:\Users\DBPROTOOLS\Desktop\FRST.txt
      2018-08-17 10:16 - 2018-08-17 10:17 - 000000000 ____D C:\FRST
      2018-08-17 10:15 - 2018-08-17 10:15 - 002412544 _____ (Farbar) C:\Users\DBPROTOOLS\Desktop\FRST64.exe
      2018-08-17 09:35 - 2018-08-17 09:36 - 046625016 _____ (Microsoft Corporation) C:\Users\DBPROTOOLS\Downloads\Windows-KB890830-x64-V5.63.exe
      2018-08-16 12:03 - 2018-08-16 12:03 - 000000000 ____D C:\ProgramData\AVG
      2018-08-16 12:02 - 2018-08-16 11:36 - 007460520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\DBPROTOOLS\Desktop\avg_antivirus_free_setup.exe
      2018-08-15 16:13 - 2018-08-15 16:33 - 000038147 _____ C:\Users\DBPROTOOLS\Documents\ПРОТОКОЛ КОНСИГНАЦИЯ.odt
      2018-08-15 10:04 - 2018-08-17 10:18 - 000000272 ____H C:\Windows\SysWOW64\dacaawxyupgsitlnmqkmj.vgd
      2018-08-15 10:04 - 2018-08-17 10:18 - 000000272 ____H C:\Windows\dacaawxyupgsitlnmqkmj.vgd
      2018-08-15 10:04 - 2018-08-17 10:18 - 000000272 ____H C:\Program Files (x86)\dacaawxyupgsitlnmqkmj.vgd
      2018-08-15 10:03 - 2018-08-17 10:16 - 000503808 __RSH C:\Windows\ymfulyqivhpszbkd.exe
      2018-08-15 10:03 - 2018-08-17 10:16 - 000503808 __RSH C:\Windows\smlgdwusldranvkjfgxwqy.exe
      2018-08-15 10:03 - 2018-08-17 10:16 - 000503808 __RSH C:\Windows\oezqjysmbpzenrcxpm.exe
      2018-08-15 10:03 - 2018-08-17 10:16 - 000503808 __RSH C:\Windows\mebupgcypfryjpcztshe.exe
      2018-08-15 10:03 - 2018-08-17 10:16 - 000503808 __RSH C:\Windows\fuoewkdwkxgksvfzq.exe
      2018-08-15 10:03 - 2018-08-17 10:16 - 000503808 __RSH C:\Windows\busmiaxumdqykrfdyyomf.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH C:\Windows\zqmeyojeujuakpbxqoc.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH C:\Windows\SysWOW64\zqmeyojeujuakpbxqoc.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH C:\Windows\SysWOW64\ymfulyqivhpszbkd.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH C:\Windows\SysWOW64\smlgdwusldranvkjfgxwqy.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH C:\Windows\SysWOW64\oezqjysmbpzenrcxpm.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH C:\Windows\SysWOW64\mebupgcypfryjpcztshe.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH C:\Windows\SysWOW64\fuoewkdwkxgksvfzq.exe
      2018-08-15 10:03 - 2018-08-15 10:03 - 000503808 __RSH C:\Windows\SysWOW64\busmiaxumdqykrfdyyomf.exe
      2018-08-08 19:55 - 2018-08-08 19:55 - 000000586 _____ C:\Users\DBPROTOOLS\Desktop\control8.lnk
      2018-08-08 19:53 - 2018-08-08 19:54 - 000000586 _____ C:\Users\DBPROTOOLS\Desktop\control7.lnk
      2018-08-08 10:50 - 2018-08-08 10:51 - 000000000 ___HD C:\Program Files (x86)\Temp
      2018-08-08 10:49 - 2018-08-08 10:49 - 020227746 _____ C:\Users\DBPROTOOLS\Downloads\FTS_RealtekHDAudio_6015911_1039707.zip
      2018-08-08 10:36 - 2018-08-08 10:36 - 000529696 _____ (Fujitsu) C:\Users\DBPROTOOLS\Downloads\AutoDetect_CR.exe
      2018-08-08 10:19 - 2018-08-08 10:19 - 000870768 _____ (PDFLogic Corporation ) C:\Users\DBPROTOOLS\Downloads\pdfvista.exe
      2018-08-08 10:14 - 2018-08-08 10:14 - 000127389 _____ C:\Users\DBPROTOOLS\Downloads\received_1656658347796650.jpeg
      2018-08-08 09:51 - 2018-08-08 09:51 - 000131068 _____ C:\Users\DBPROTOOLS\Downloads\ACFrOgD5qMx8urBDsFoSA7F_JPxuDeiEhFOgmeQLIU44kuc2fxOLoZfY-xq9ebf1sM-mw4X0coR12Y2kOz69foLufsDyMtHGIiFwi_Ya2E4BRTKHCOlw-VxJoiTp7S8=
      2018-08-08 09:41 - 2018-08-08 09:41 - 000949332 _____ (Vivid Document Imaging Technologies ) C:\Users\DBPROTOOLS\Downloads\PDFViewerSetup (1).exe
      2018-08-08 09:40 - 2018-08-16 12:03 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Roaming\YcanPDF
      2018-08-08 09:39 - 2018-08-08 09:39 - 003451040 _____ (PDFZilla, Inc. ) C:\Users\DBPROTOOLS\Downloads\freepdfreader.exe
      2018-08-07 17:15 - 2018-08-07 17:15 - 000008192 ___RS C:\BOOTSECT.BAK
      2018-08-07 17:15 - 2018-08-07 16:22 - 000000000 ____D C:\Windows\Panther
      2018-08-07 17:15 - 2009-04-11 19:22 - 000333257 __RSH C:\bootmgr
      2018-08-07 16:21 - 2018-08-07 16:21 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf
      2018-08-07 16:18 - 2018-08-07 16:18 - 000000000 ____D C:\Windows\CSC
      2018-08-07 12:34 - 2018-08-07 12:34 - 000044749 _____ C:\Users\DBPROTOOLS\Downloads\logo_db_protools.pdf
      2018-08-07 12:29 - 2018-08-07 12:29 - 001207800 _____ (Adobe Systems Incorporated) C:\Users\DBPROTOOLS\Downloads\readerdc_en_ha_install.exe
      2018-08-07 12:27 - 2018-08-07 12:27 - 000949332 _____ (Vivid Document Imaging Technologies ) C:\Users\DBPROTOOLS\Downloads\PDFViewerSetup.exe
      2018-08-07 12:22 - 2018-08-07 12:22 - 000004088 ____H C:\Users\DBPROTOOLS\AppData\Local\ygtcnugszfhefberbqviqmyucpyjqcov.dab
      2018-08-07 12:20 - 2018-08-17 10:18 - 000000272 ____H C:\Users\DBPROTOOLS\AppData\Local\dacaawxyupgsitlnmqkmj.vgd
      2018-08-07 12:19 - 2018-08-07 12:19 - 000000000 ____D C:\Users\DBPROTOOLS\Desktop\Оферти Доставчици
      2018-08-07 12:16 - 2018-08-07 12:16 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Roaming\ControlCenter4
      2018-08-07 12:13 - 2018-08-07 12:13 - 000001975 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
      2018-08-07 12:13 - 2018-08-07 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
      2018-08-07 12:11 - 2018-08-07 12:11 - 000000000 ____D C:\ProgramData\ControlCenter4
      2018-08-07 12:11 - 2018-08-07 12:11 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
      2018-08-07 12:11 - 2018-08-07 12:11 - 000000000 ____D C:\Program Files (x86)\BrownyInd
      2018-08-07 12:11 - 2018-08-07 12:11 - 000000000 ____D C:\Program Files (x86)\Browny02
      2018-08-07 12:11 - 2018-08-07 12:11 - 000000000 ____D C:\Brother
      2018-08-07 12:11 - 2012-12-14 04:31 - 000180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL
      2018-08-07 12:11 - 2012-12-14 04:31 - 000113744 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE
      2018-08-07 12:11 - 2012-12-14 04:31 - 000077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
      2018-08-07 12:11 - 2012-12-14 04:31 - 000045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL
      2018-08-07 12:11 - 2012-12-14 04:31 - 000025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
      2018-08-07 12:11 - 2012-12-14 04:31 - 000000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI
      2018-08-07 12:11 - 2012-12-14 04:29 - 000000050 _____ C:\Windows\system32\BRADM12A.DAT
      2018-08-07 12:11 - 2012-12-13 19:00 - 000226816 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRCOM12A.DLL
      2018-08-07 12:11 - 2012-10-19 15:07 - 001441792 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi212c.dll
      2018-08-07 12:11 - 2012-10-19 15:03 - 000054272 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrUsi12c.dll
      2018-08-07 12:11 - 2012-07-06 13:56 - 000012800 _____ (Brother Industries Ltd.) C:\Windows\system32\BrCiImg.dll
      2018-08-07 12:11 - 2011-09-08 12:36 - 000279040 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrJDec.dll
      2018-08-07 12:10 - 2018-08-07 12:11 - 000000000 ____D C:\Program Files (x86)\Brother
      2018-08-07 12:10 - 2018-08-07 12:10 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2018-08-07 12:10 - 2012-11-02 18:15 - 000245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
      2018-08-07 12:10 - 2012-02-02 11:21 - 000002560 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
      2018-08-07 12:10 - 2010-03-15 19:45 - 000073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
      2018-08-07 12:10 - 2007-12-13 22:16 - 000005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
      2018-08-07 12:09 - 2018-08-07 12:13 - 000000000 ____D C:\ProgramData\Brother
      2018-08-07 12:09 - 2018-08-07 12:09 - 000000000 ____D C:\Users\DBPROTOOLS\Downloads\install
      2018-08-07 12:08 - 2018-08-07 12:08 - 141297272 _____ (A.I.SOFT,INC.) C:\Users\DBPROTOOLS\Downloads\DCP-1510-inst-A1-eeu.EXE
      2018-08-07 10:22 - 2018-08-07 10:22 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Roaming\OpenOffice
      2018-08-07 10:12 - 2018-08-07 10:12 - 000000985 _____ C:\Users\Public\Desktop\OpenOffice 4.1.5.lnk
      2018-08-07 10:12 - 2018-08-07 10:12 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
      2018-08-07 10:12 - 2018-08-07 10:12 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
      2018-08-07 09:45 - 2018-08-07 09:46 - 000456080 _____ C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistMSI22E4.txt
      2018-08-07 09:45 - 2018-08-07 09:46 - 000011632 _____ C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistUI22E4.txt
      2018-08-07 09:44 - 2018-08-07 09:45 - 000452836 _____ C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistMSI223D.txt
      2018-08-07 09:44 - 2018-08-07 09:45 - 000011616 _____ C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistUI223D.txt
      2018-08-07 09:44 - 2018-08-07 09:44 - 000000000 ____D C:\Users\DBPROTOOLS\Desktop\OpenOffice 4.1.5 (bg) Installation Files
      2018-08-07 09:40 - 2018-08-07 09:40 - 013057882 _____ C:\Users\DBPROTOOLS\Downloads\Apache_OpenOffice_4.1.5_Win_x86_langpack_bg.exe
      2018-08-07 09:40 - 2018-08-07 09:40 - 000000000 ____D C:\Users\DBPROTOOLS\Desktop\OpenOffice 4.1.5 Language Pack (Bulgarian) Installation Files
      2018-08-07 09:39 - 2018-08-07 09:40 - 129515834 _____ C:\Users\DBPROTOOLS\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_bg.exe
      2018-08-07 09:34 - 2018-08-07 09:34 - 000000000 ____D C:\Users\DBPROTOOLS\Desktop\Нова папка
      2018-08-07 09:34 - 2013-06-28 14:49 - 001732096 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athurx.sys
      2018-08-07 09:31 - 2018-08-07 09:32 - 245571584 _____ C:\Users\DBPROTOOLS\Downloads\LibreOffice_5.4.7_Win_x64.msi
      2018-08-07 07:22 - 2018-08-08 09:45 - 000054608 _____ C:\Users\DBPROTOOLS\AppData\Local\GDIPFONTCACHEV1.DAT
      2018-08-07 07:22 - 2018-08-07 07:22 - 000000979 _____ C:\Users\DBPROTOOLS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2018-08-07 07:22 - 2018-08-07 07:22 - 000000974 _____ C:\Users\DBPROTOOLS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
      2018-08-07 07:22 - 2018-08-07 07:22 - 000000949 _____ C:\Users\DBPROTOOLS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
      2018-08-07 07:21 - 2018-08-16 17:01 - 000000732 _____ C:\Users\DBPROTOOLS\AppData\Local\d3d9caps64.dat
      2018-08-07 07:21 - 2018-08-10 15:00 - 000000000 ____D C:\Users\DBPROTOOLS
      2018-08-07 07:21 - 2018-08-07 12:20 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Local\VirtualStore
      2018-08-07 07:21 - 2018-08-07 07:22 - 000000915 _____ C:\Users\DBPROTOOLS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
      2018-08-07 07:21 - 2018-08-07 07:21 - 000000020 ___SH C:\Users\DBPROTOOLS\ntuser.ini
      2018-08-07 00:53 - 2018-08-16 17:02 - 000000680 _____ C:\Users\DBPROTOOLS\AppData\Local\d3d9caps.dat
      2018-08-07 00:52 - 2018-08-16 17:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
      2018-08-07 00:52 - 2018-08-15 06:17 - 000000882 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
      2018-08-07 00:52 - 2018-08-15 06:17 - 000000870 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
      2018-08-07 00:52 - 2018-08-07 00:52 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Roaming\TeamViewer
      2018-08-07 00:51 - 2018-08-07 00:51 - 020688888 _____ (TeamViewer GmbH) C:\Users\DBPROTOOLS\Downloads\TeamViewer_Setup.exe
      2018-08-07 00:47 - 2018-08-07 00:47 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-08-07 00:47 - 2018-08-07 00:47 - 000002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-08-07 00:47 - 2018-08-07 00:47 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Local\Google
      2018-08-07 00:47 - 2018-08-07 00:47 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Local\Deployment
      2018-08-07 00:47 - 2018-08-07 00:47 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Local\Apps\2.0
      2018-08-07 00:47 - 2018-08-07 00:47 - 000000000 ____D C:\Program Files (x86)\Google
      2018-08-07 00:47 - 2018-08-06 16:30 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-08-07 00:47 - 2018-08-06 16:30 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-08-06 19:35 - 2018-08-06 19:35 - 000000000 ____D C:\Users\DBPROTOOLS\AppData\Local\TeamViewer
      2018-08-06 16:30 - 2018-08-06 16:30 - 000000693 _____ C:\Users\DBPROTOOLS\Desktop\Downloads - Shortcut.lnk
      2018-08-06 16:29 - 2018-08-06 16:29 - 000000000 ____D C:\Program Files (x86)\GUM4368.tmp
      2018-08-06 14:37 - 2018-08-06 14:38 - 274317312 _____ C:\Users\DBPROTOOLS\Downloads\LibreOffice_6.0.6_Win_x64.msi
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-08-17 09:01 - 2006-11-02 18:20 - 000005024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
      2018-08-17 09:01 - 2006-11-02 18:20 - 000005024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
      2018-08-16 17:08 - 2006-11-02 16:33 - 000000000 ____D C:\Windows\inf
      2018-08-16 17:08 - 2006-11-02 15:46 - 000690960 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-08-16 17:01 - 2006-11-02 18:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-08-16 14:51 - 2006-11-02 18:38 - 000011762 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2018-08-08 09:44 - 2006-11-02 18:20 - 000256016 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-08-07 17:15 - 2006-11-02 18:05 - 000262144 _____ C:\Windows\system32\config\BCD-Template
      2018-08-07 09:44 - 2006-11-02 16:33 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
      2018-08-07 09:43 - 2006-11-02 16:34 - 000000000 ____D C:\Windows\system32\NDF
      2018-08-07 07:21 - 2006-11-02 16:33 - 000000000 ____D C:\Windows\rescache
      ==================== Files in the root of some directories =======
      2018-08-15 10:04 - 2018-08-17 10:18 - 000000272 ____H () C:\Program Files (x86)\dacaawxyupgsitlnmqkmj.vgd
      2018-08-07 00:53 - 2018-08-16 17:02 - 000000680 _____ () C:\Users\DBPROTOOLS\AppData\Local\d3d9caps.dat
      2018-08-07 07:21 - 2018-08-16 17:01 - 000000732 _____ () C:\Users\DBPROTOOLS\AppData\Local\d3d9caps64.dat
      2018-08-07 12:20 - 2018-08-17 10:18 - 000000272 ____H () C:\Users\DBPROTOOLS\AppData\Local\dacaawxyupgsitlnmqkmj.vgd
      2018-08-07 09:44 - 2018-08-07 09:45 - 000452836 _____ () C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistMSI223D.txt
      2018-08-07 09:45 - 2018-08-07 09:46 - 000456080 _____ () C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistMSI22E4.txt
      2018-08-07 09:44 - 2018-08-07 09:45 - 000011616 _____ () C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistUI223D.txt
      2018-08-07 09:45 - 2018-08-07 09:46 - 000011632 _____ () C:\Users\DBPROTOOLS\AppData\Local\dd_vcredistUI22E4.txt
      2018-08-07 12:22 - 2018-08-07 12:22 - 000004088 ____H () C:\Users\DBPROTOOLS\AppData\Local\ygtcnugszfhefberbqviqmyucpyjqcov.dab
      Files to move or delete:
      ====================
      C:\Users\DBPROTOOLS\AppData\Local\Temp\fuoewkdwkxgksvfzq.exe
      C:\Users\DBPROTOOLS\AppData\Local\Temp\zqmeyojeujuakpbxqoc.exe .
      C:\Users\DBPROTOOLS\AppData\Local\Temp\ymfulyqivhpszbkd.exe
      C:\Users\DBPROTOOLS\AppData\Local\Temp\oezqjysmbpzenrcxpm.exe .

      Some files in TEMP:
      ====================
      2018-08-15 10:03 - 2018-08-16 17:02 - 000503808 __RSH () C:\Users\DBPROTOOLS\AppData\Local\Temp\busmiaxumdqykrfdyyomf.exe
      2018-08-15 10:03 - 2018-08-16 17:02 - 000503808 __RSH () C:\Users\DBPROTOOLS\AppData\Local\Temp\fuoewkdwkxgksvfzq.exe
      2018-08-07 12:20 - 2018-08-07 12:20 - 000327680 _____ () C:\Users\DBPROTOOLS\AppData\Local\Temp\gegdhvgwcqz.exe
      2018-08-15 10:03 - 2018-08-16 17:02 - 000503808 __RSH () C:\Users\DBPROTOOLS\AppData\Local\Temp\mebupgcypfryjpcztshe.exe
      2018-08-15 10:03 - 2018-08-16 17:02 - 000503808 __RSH () C:\Users\DBPROTOOLS\AppData\Local\Temp\oezqjysmbpzenrcxpm.exe
      2018-08-15 10:03 - 2018-08-16 17:02 - 000503808 __RSH () C:\Users\DBPROTOOLS\AppData\Local\Temp\smlgdwusldranvkjfgxwqy.exe
      2018-08-15 10:03 - 2018-08-16 17:01 - 000503808 __RSH () C:\Users\DBPROTOOLS\AppData\Local\Temp\ymfulyqivhpszbkd.exe
      2018-08-07 12:20 - 2018-08-07 12:20 - 000708608 _____ () C:\Users\DBPROTOOLS\AppData\Local\Temp\zeoucgp.exe
      2018-08-15 10:03 - 2018-08-16 17:02 - 000503808 __RSH () C:\Users\DBPROTOOLS\AppData\Local\Temp\zqmeyojeujuakpbxqoc.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-08-17 05:08
      ==================== End of FRST.txt ============================
      Addition.txt
    • от Мила Д
      Здравейте! Нова съм тук и се надявам скоро някой от вас да даде отговор на един въпрос, който ме мъчи от доста време. 
       А именно - превключих личния си  Инстаграм профил си към бизнес профил и с цел да виждам дейността по качванията, но започнах да виждам негативите... Няма как да го направя поверителен, дори не мога да го изтрия. Опитах се да го върна към личен, пробвах няколко (стотин) пъти, но нищо... Четох навсякъде, има и други хора с този проблем, но решения - никакви. Моля ви за помощ! 
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.