

Hello!

The computer runs Win 8.1/32bit. Every 2-3 minutes this message appears in the upper right corner.

2018-06-07_at_21-35-04.jpg

This started today around noon. I haven't noticed any problem with how the computer works. I ran updates and the message still keeps appearing.

And in the lower right corner, together with the message above, this appears.

2018-06-07_at_22-26-22.jpg

Please help!

Link to this reply

Hello,

Run a scan with FRST, as described here, and attach the log files:

My system is infected - What do I do now?

Link to this reply

The annoying message has been gone for more than an hour now. I rewound the tape and completely uninstalled the FTprog program. I had downloaded the program in question from the FTDI website. I did what you advised!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06.06.2018 01
Ran by Vanka (administrator) on IVAN (07-06-2018 23:13:05)
Running from C:\Users\Vanka\Desktop
Loaded Profiles: Vanka (Available Profiles: Vanka)
Platform: Microsoft Windows 8.1 Enterprise (Update) (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(TMRG,  Inc.) C:\Program Files\RelevantKnowledge\rlservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(HP) C:\Program Files\HP\HP Wireless Button Driver\HPRadioMgr86.exe
() C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(TMRG,  Inc.) C:\Program Files\RelevantKnowledge\rlvknlg.exe

Addition.txt

Link to this reply

Hello,

The first log file is incomplete. Please attach the entire FRST.txt log file.

What tape did you rewind? Do you mean the system? With System Restore?

You did not mention FT_prog anywhere in the original post? Why did you suddenly decide that it is the cause?

Otherwise, even in the incomplete log I saw where the root of the problem is... It is strange that, according to you, the message no longer appears, when it should appear, because the infection is still there.

You need to uninstall => the RelevantKnowledge application.

Windows Defender detected exactly that (and it is still active) and will alert again:

Quote

(TMRG,  Inc.) C:\Program Files\RelevantKnowledge\rlvknlg.exe

Quote

Windows Defender:
===================================
Date: 2018-06-07 22:28:17.526
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Detplock&threatid=2147680291&enterprise=0
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Vanka\AppData\Local\Temp\~os316.tmp\rlvknlg32.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Vanka\AppData\Local\Temp\~os316.tmp\rlvknlg.exe
Signature Version: AV: 1.269.846.0, AS: 1.269.846.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.14901.4, NIS: 2.1.14600.4

Regards!

Link to this reply

About the tape: I remembered that the message started appearing after I installed FTprog. Should I uninstall RelevantKnowledge, and how?

Here is the log file again.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06.06.2018 01
Ran by Vanka (administrator) on IVAN (07-06-2018 23:13:05)
Running from C:\Users\Vanka\Desktop
Loaded Profiles: Vanka (Available Profiles: Vanka)
Platform: Microsoft Windows 8.1 Enterprise (Update) (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(TMRG,  Inc.) C:\Program Files\RelevantKnowledge\rlservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(HP) C:\Program Files\HP\HP Wireless Button Driver\HPRadioMgr86.exe
() C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(TMRG,  Inc.) C:\Program Files\RelevantKnowledge\rlvknlg.exe
(TMRG,  Inc.) C:\Program Files\RelevantKnowledge\rlvknlg32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747744 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7532248 2015-05-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2523304 2015-05-07] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPRadioMgr] => C:\Program Files\HP\HP Wireless Button Driver\HPRadioMgr86.exe [233000 2015-11-11] (HP)
HKLM\...\Run: [EaseUS TB Tray Agent] => C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe [253992 2014-12-15] ()
HKU\S-1-5-21-3136552650-2365130857-356673686-1001\...\MountPoints2: {2ca8489e-c5e4-11e5-9738-b05ada9c5fdf} - "D:\Install.cmd" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{77F6F871-16E3-4748-90A7-7C5866B35451}: [DhcpNameServer] 192.168.179.1

Internet Explorer:
==================
HKU\S-1-5-21-3136552650-2365130857-356673686-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default [2018-06-07]
CHR Extension: (Презентации) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-25]
CHR Extension: (Документи) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-25]
CHR Extension: (Google Диск) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-29]
CHR Extension: (YouTube) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-29]
CHR Extension: (Google Документи офлайн) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-21]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-25]
CHR Extension: (Gmail) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-07-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 BTDevManager; C:\Program Files\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-10-09] () [File not signed]
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd.)
R2 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [37416 2015-06-23] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 RelevantKnowledge; C:\Program Files\RelevantKnowledge\rlservice.exe [208288 2018-01-11] (TMRG, Inc.) <==== ATTENTION
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [254680 2015-05-05] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208040 2015-05-07] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation)
S2 WorkshopDbService; "C:\Program Files\ATRis_Technik\pgsql\bin\pg_ctl.exe" runservice  -N WorkshopDbService -D "C:\ProgramData\WorkshopData\data2" -w 

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [15080 2013-10-24] (Advanced Micro Devices, INC.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [26168 2016-01-28] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [40504 2016-01-28] (Disc Soft Ltd)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [51752 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [41512 2014-12-15] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [15912 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189992 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [25680 2008-12-18] (Aladdin Knowledge Systems Ltd.)
S3 FTDIBUS; C:\Windows\system32\drivers\autrbus.sys [47249 2006-05-18] (FTDI Ltd.)
S3 FTSER2K; C:\Windows\system32\drivers\ftser2k.sys [75904 2017-08-24] (Future Technology Devices International Ltd.)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [23360 2010-03-19] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [525568 2015-06-02] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3933952 2015-10-14] (Realtek Semiconductor Corporation )
S3 Ser2plx86; C:\Windows\system32\DRIVERS\ser2pl.sys [77824 2008-09-24] (Prolific Technology Inc.)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [25768 2015-05-07] (Synaptics Incorporated)
S3 SNTNLUSB; C:\Windows\System32\drivers\SNTNLUSB.SYS [38376 2009-09-17] (SafeNet, Inc.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2018-05-30] (Duplex Secure Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [38928 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [233304 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver86.sys [29688 2015-08-13] (HP)
R3 WirelessButtonDriver86; C:\Windows\System32\drivers\WirelessButtonDriver86.sys [29688 2015-08-13] (HP)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [190976 2014-11-21] (Microsoft Corporation)
S3 audas0; \SystemRoot\System32\drivers\audas0.sys [X]
S3 BlueletAudio; \SystemRoot\system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; \SystemRoot\system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; \SystemRoot\system32\DRIVERS\btnetdrv.sys [X]
S3 btaudio; \SystemRoot\system32\drivers\btaudio.sys [X]
S3 BTDriver; \SystemRoot\system32\DRIVERS\btport.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 BTKRNL; \SystemRoot\system32\DRIVERS\btkrnl.sys [X]
S3 BTWDNDIS; \SystemRoot\system32\DRIVERS\btwdndis.sys [X]
S3 BTWUSB; \SystemRoot\System32\Drivers\btwusb.sys [X]
S3 VComm; \SystemRoot\system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; \SystemRoot\System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-07 23:13 - 2018-06-07 23:13 - 000013461 _____ C:\Users\Vanka\Desktop\FRST.txt
2018-06-07 23:12 - 2018-06-07 23:13 - 000000000 ____D C:\FRST
2018-06-07 23:11 - 2018-06-07 23:09 - 001773568 _____ (Farbar) C:\Users\Vanka\Desktop\FRST.exe
2018-06-07 23:09 - 2018-06-07 23:09 - 001773568 _____ (Farbar) C:\Users\Vanka\Downloads\FRST.exe
2018-06-07 21:35 - 2018-06-07 21:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-07 21:15 - 2016-06-21 17:12 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-06-07 21:15 - 2016-05-14 23:01 - 000320720 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2018-06-07 21:15 - 2016-05-14 01:22 - 000213504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-06-07 21:15 - 2016-05-14 00:35 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2018-06-07 21:15 - 2016-05-14 00:26 - 000631808 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-06-07 21:14 - 2016-07-08 17:18 - 001118208 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-07 21:14 - 2016-07-07 23:35 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-07 21:14 - 2016-05-17 00:16 - 000479312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-07 21:14 - 2016-05-17 00:16 - 000148824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-07 21:14 - 2016-05-17 00:13 - 000340872 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-06-07 21:13 - 2016-08-02 08:54 - 020343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-07 21:13 - 2016-08-02 08:51 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-07 21:13 - 2016-08-02 08:47 - 002286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-07 21:13 - 2016-08-02 08:41 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-07 21:13 - 2016-08-02 08:21 - 004608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-07 21:13 - 2016-08-02 08:20 - 000880128 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-07 21:13 - 2016-08-02 08:15 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-07 21:13 - 2016-08-02 08:15 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-07 21:13 - 2016-08-02 08:14 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-07 21:13 - 2016-08-02 08:14 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-07 21:13 - 2016-08-02 08:11 - 013808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-07 21:13 - 2016-08-02 07:56 - 002393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-07 21:13 - 2016-08-02 07:53 - 001316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-07 21:13 - 2016-08-02 07:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-07 21:13 - 2016-06-11 20:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-07 21:13 - 2016-06-11 19:44 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-06-07 21:13 - 2016-06-11 19:43 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-07 21:13 - 2016-06-11 19:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-07 21:10 - 2016-06-11 21:27 - 005761888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-07 21:10 - 2016-05-06 18:23 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-06-07 20:14 - 2018-06-07 20:14 - 000000000 ___DL C:\Users\Vanka\AppData\LocalLow\PlayReady
2018-06-07 14:14 - 2018-06-07 22:03 - 000000000 ____D C:\Program Files\FTDI
2018-06-05 21:13 - 2018-06-05 21:19 - 000000000 ____D C:\Users\Vanka\Desktop\PR
2018-06-04 12:00 - 2018-06-04 12:00 - 000000601 _____ C:\Users\Vanka\Desktop\ESGI-2-ver.3.03.exe - Shortcut.lnk
2018-06-04 11:57 - 2018-06-04 11:58 - 001722368 _____ C:\Users\Vanka\Downloads\ESGI-2-ver.3.03.exe
2018-06-03 16:22 - 2018-06-03 16:22 - 000001442 _____ C:\Users\Vanka\Desktop\Internet Explorer.lnk
2018-06-03 15:06 - 2018-06-03 15:06 - 007027424 _____ (Microsoft Corporation) C:\Users\Vanka\Downloads\Silverlight.exe
2018-06-03 00:24 - 2018-06-03 00:25 - 012448378 _____ C:\Users\Vanka\Downloads\EZ-Diag Toolkit & EasyDiag_Driver & Firmware.rar
2018-06-02 11:10 - 2018-06-01 17:35 - 003575052 _____ C:\Users\Vanka\Desktop\General_calibration_instruction_VSI-2.0_GB.pdf
2018-06-02 10:11 - 2018-06-02 10:46 - 000000000 ____D C:\Users\Vanka\Desktop\prins-ept
2018-06-01 22:00 - 2011-03-18 14:46 - 000203144 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2018-06-01 22:00 - 2011-03-18 14:46 - 000201096 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2018-06-01 22:00 - 2011-03-18 14:46 - 000105352 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2018-06-01 22:00 - 2011-03-18 14:46 - 000061704 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2018-06-01 21:55 - 2018-06-01 21:59 - 000000000 ____D C:\Users\Vanka\Desktop\FTDI-prins
2018-06-01 17:34 - 2018-06-01 17:35 - 003575052 _____ C:\Users\Vanka\Downloads\General_calibration_instruction_VSI-2.0_GB.pdf
2018-05-31 21:06 - 2018-05-31 21:08 - 161075683 _____ C:\Users\Vanka\Downloads\w203 key.mkv
2018-05-30 23:38 - 2018-05-30 23:38 - 000000539 _____ C:\Users\Vanka\Desktop\ADBCD.exe - Shortcut.lnk
2018-05-30 23:31 - 2018-05-31 15:03 - 000000000 ____D C:\ADCDA2
2018-05-30 16:35 - 2018-05-30 16:35 - 000192662 _____ C:\Users\Vanka\Downloads\AEB387_Is387_290900.pdf
2018-05-29 22:37 - 2018-05-29 22:42 - 000000000 ____D C:\Users\Vanka\Desktop\renault
2018-05-29 22:14 - 2018-05-29 22:15 - 000000028 _____ C:\Users\Vanka\Desktop\prins.txt
2018-05-29 16:03 - 2018-05-29 16:03 - 000003147 _____ C:\Users\Vanka\Desktop\VSI Diagnostic D2.8.2.lnk
2018-05-29 16:03 - 2018-05-29 16:03 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VSI Diagnostics
2018-05-29 16:03 - 2018-05-29 16:03 - 000000000 ____D C:\Program Files\Prins
2018-05-29 16:03 - 2018-05-29 16:03 - 000000000 ____D C:\PrinsData
2018-05-29 15:38 - 2018-05-29 15:38 - 000000000 __RSH C:\MSDOS.SYS
2018-05-29 15:38 - 2018-05-29 15:38 - 000000000 __RSH C:\IO.SYS
2018-05-29 13:39 - 2018-05-29 13:39 - 000002158 _____ C:\Users\Public\Desktop\Landi Renzo Omegas.lnk
2018-05-29 13:39 - 2018-05-29 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landi Renzo
2018-05-29 13:38 - 2018-05-29 13:38 - 000000000 ____D C:\Program Files\Landi Renzo
2018-05-26 22:29 - 2018-05-26 22:31 - 000000000 ____D C:\Users\Vanka\AppData\Local\Viber
2018-05-23 22:09 - 2018-05-23 22:09 - 000002006 _____ C:\Users\Vanka\Desktop\ZENIT PRO 1.67.lnk
2018-05-23 22:09 - 2018-05-23 22:09 - 000000201 _____ C:\Users\Vanka\Documents\sdk_id.ini
2018-05-23 22:09 - 2018-05-23 22:09 - 000000000 ____D C:\Users\Vanka\Documents\Zenit PRO Setup_Data
2018-05-23 22:09 - 2018-05-23 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zenit PRO - rel. 1.67
2018-05-23 22:08 - 2018-05-23 22:08 - 000000000 ____D C:\Program Files\Zenit_PRO_1_67
2018-05-23 22:08 - 2008-04-14 13:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll
2018-05-23 22:08 - 2006-07-04 14:36 - 000061440 _____ (FTDI Ltd) C:\Windows\system32\FTChipID.DLL
2018-05-23 22:08 - 2004-03-08 22:00 - 000212240 _____ (Microsoft Corporation) C:\Windows\system32\RICHTX32.OCX
2018-05-23 22:08 - 2003-01-26 14:48 - 000147456 _____ (Info-ZIP) C:\Windows\system32\vbzip11.dll
2018-05-22 18:36 - 2018-05-22 18:36 - 000106090 _____ C:\Users\Vanka\Downloads\Pirates_of_the_Caribbean_Dead_Men_Tell_No_Tales_2017.(subs.sab.bz).rar
2018-05-21 22:51 - 2018-05-21 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2018-05-21 22:50 - 2018-01-11 21:23 - 000752544 _____ (TMRG, Inc.) C:\Windows\system32\rlls.dll
2018-05-21 22:38 - 2018-06-07 22:28 - 000000000 ____D C:\Program Files\RelevantKnowledge
2018-05-21 22:36 - 2018-05-21 22:36 - 000001001 _____ C:\Users\Vanka\Desktop\MKV Player.lnk
2018-05-21 22:36 - 2018-05-21 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKV Player
2018-05-21 22:36 - 2018-05-21 22:36 - 000000000 ____D C:\Program Files\MKV Player
2018-05-21 22:35 - 2018-05-21 22:35 - 006414081 _____ ( ) C:\Users\Vanka\Downloads\MKVPlayerSetupD.exe
2018-05-18 20:32 - 2006-09-18 04:06 - 000000241 _____ C:\Windows\system32\autrun2k.ini
2018-05-18 20:32 - 2006-05-24 02:47 - 000106496 _____ (FTDI Ltd.) C:\Windows\system32\autrbusui.dll
2018-05-18 20:32 - 2006-05-24 02:45 - 000176128 _____ (FTDI Ltd) C:\Windows\system32\autrd2xx.dll
2018-05-18 20:32 - 2006-05-24 02:42 - 000102400 _____ (FTDI) C:\Windows\system32\AUTRLang.dll
2018-05-18 20:32 - 2006-05-24 02:40 - 000188416 _____ C:\Windows\system32\autrunin.exe
2018-05-18 20:32 - 2006-05-19 03:51 - 000033360 _____ (FTDI Ltd.) C:\Windows\system32\autrserui2.dll
2018-05-18 20:32 - 2006-05-18 01:49 - 000061067 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\autrser2k.sys
2018-05-18 20:32 - 2006-05-18 01:48 - 000047249 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\autrbus.sys
2018-05-17 20:55 - 2018-05-29 15:51 - 000000000 ____D C:\Program Files\nodongle.biz
2018-05-17 20:51 - 2018-05-17 20:51 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2018-05-17 20:49 - 2018-05-18 18:13 - 000000000 ____D C:\Users\Vanka\Documents\Downloaded Installations
2018-05-16 21:28 - 2018-05-16 21:29 - 000000739 _____ C:\Users\Vanka\Downloads\WinRAR ZIP archive.zip
2018-05-14 19:00 - 2018-05-14 19:00 - 000001341 _____ C:\Users\Public\Desktop\Free Screen Video Recorder.lnk
2018-05-14 19:00 - 2018-05-14 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2018-05-14 19:00 - 2018-05-14 19:00 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2018-05-14 18:59 - 2018-05-14 19:00 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\DVDVideoSoft
2018-05-14 18:59 - 2018-05-14 19:00 - 000000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2018-05-14 18:59 - 2018-05-14 18:59 - 000000000 ____D C:\Program Files\FreeCodecPack
2018-05-14 18:59 - 2018-05-14 18:59 - 000000000 ____D C:\Program Files\DVDVideoSoft
2018-05-14 18:55 - 2006-10-17 22:29 - 000487479 _____ (Appspeed Inc.) C:\Windows\system32\SkinMagic.dll
2018-05-14 17:53 - 2018-05-14 17:53 - 000000734 _____ C:\Users\Vanka\Desktop\OpComHQ.rar
2018-05-12 19:39 - 2018-05-12 19:39 - 000000000 ____D C:\Windows\Downloaded Installations
2018-05-12 13:29 - 2018-05-27 22:25 - 000001280 _____ C:\Users\Public\Desktop\Skype.lnk
2018-05-12 13:29 - 2018-05-27 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-07 22:07 - 2013-08-22 09:13 - 000000187 _____ C:\Windows\win.ini
2018-06-07 22:05 - 2013-08-22 10:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-07 21:38 - 2014-11-21 05:54 - 000000000 ____D C:\Program Files\Windows Journal
2018-06-07 21:36 - 2013-08-22 11:05 - 000000000 ____D C:\Windows\CbsTemp
2018-06-07 21:35 - 2015-12-13 10:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-06-07 20:59 - 2013-08-22 09:21 - 000000000 ____D C:\Windows\inf
2018-06-07 14:19 - 2013-08-22 09:13 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-05 09:09 - 2018-04-25 20:40 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\ViberPC
2018-06-04 21:42 - 2018-04-25 20:48 - 000000000 ____D C:\Users\Vanka\Documents\ViberDownloads
2018-06-04 13:24 - 2015-12-12 06:08 - 000000000 ____D C:\Users\Vanka
2018-06-03 15:18 - 2014-11-21 06:17 - 000863592 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-03 15:09 - 2016-02-16 18:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-06-03 15:07 - 2016-02-16 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-06-03 00:45 - 2015-12-12 06:09 - 000000000 ____D C:\Users\Vanka\AppData\Local\Packages
2018-05-31 21:17 - 2015-12-14 03:55 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\vlc
2018-05-31 10:54 - 2015-12-25 15:45 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\uTorrent
2018-05-30 22:47 - 2016-01-28 19:32 - 000685816 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2018-05-29 15:36 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\System
2018-05-29 15:36 - 2013-08-22 07:07 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\ntvdmd.dll
2018-05-29 15:36 - 2013-08-22 07:05 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\graftabl.com
2018-05-29 15:36 - 2013-08-22 07:04 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\win.com
2018-05-29 15:36 - 2013-08-22 07:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\vdmredir.dll
2018-05-29 15:36 - 2013-08-22 06:55 - 000536576 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000092320 _____ (Microsoft Corporation) C:\Windows\system32\krnl386.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000069886 _____ C:\Windows\system32\edit.com
2018-05-29 15:36 - 2013-08-22 04:42 - 000068992 _____ (Microsoft Corporation) C:\Windows\system32\MMSYSTEM.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000068992 _____ (Microsoft Corporation) C:\Windows\system\MMSYSTEM.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000050648 _____ C:\Windows\system32\COMMAND.COM
2018-05-29 15:36 - 2013-08-22 04:42 - 000047840 _____ (Microsoft Corporation) C:\Windows\system32\USER.EXE
2018-05-29 15:36 - 2013-08-22 04:42 - 000042809 _____ C:\Windows\system32\KEY01.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000042537 _____ C:\Windows\system32\KEYBOARD.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\DDEML.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000039274 _____ C:\Windows\system32\mem.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000035776 _____ C:\Windows\system32\NTIO411.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000035552 _____ C:\Windows\system32\NTIO412.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000034688 _____ C:\Windows\system32\NTIO804.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000034688 _____ C:\Windows\system32\NTIO404.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000033968 _____ C:\Windows\system32\NTIO.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029370 _____ C:\Windows\system32\NTDOS411.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029274 _____ C:\Windows\system32\NTDOS412.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029146 _____ C:\Windows\system32\NTDOS804.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029146 _____ C:\Windows\system32\NTDOS404.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000027866 _____ C:\Windows\system32\NTDOS.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000027097 _____ C:\Windows\system32\country.sys
2018-05-29 15:36 - 2013-08-22 04:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\GDI.EXE
2018-05-29 15:36 - 2013-08-22 04:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\OLESVR.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system\OLESVR.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000021232 _____ C:\Windows\system32\graphics.pro
2018-05-29 15:36 - 2013-08-22 04:42 - 000020634 _____ C:\Windows\system32\debug.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000019694 _____ C:\Windows\system32\GRAPHICS.COM
2018-05-29 15:36 - 2013-08-22 04:42 - 000014710 _____ C:\Windows\system32\KB16.COM
2018-05-29 15:36 - 2013-08-22 04:42 - 000012704 _____ (Microsoft Corporation) C:\Windows\system32\WFWNET.DRV
2018-05-29 15:36 - 2013-08-22 04:42 - 000012704 _____ (Microsoft Corporation) C:\Windows\system\WFWNET.DRV
2018-05-29 15:36 - 2013-08-22 04:42 - 000012642 _____ C:\Windows\system32\edlin.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000012498 _____ C:\Windows\system32\append.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000011753 _____ C:\Windows\system32\setver.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000010790 _____ C:\Windows\system32\EDIT.HLP
2018-05-29 15:36 - 2013-08-22 04:42 - 000010544 _____ (Microsoft Corporation) C:\Windows\system32\COMM.drv
2018-05-29 15:36 - 2013-08-22 04:42 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\WIFEMAN.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000009029 _____ C:\Windows\system32\ANSI.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000008424 _____ C:\Windows\system32\exe2bin.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000007052 _____ C:\Windows\system32\nlsfunc.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\WINNLS.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\SHELL.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000004768 _____ C:\Windows\system32\HIMEM.SYS
2018-05-29 15:36 - 2013-08-22 04:40 - 000028112 _____ (Microsoft Corporation) C:\Windows\system32\DRWATSON.EXE
2018-05-29 15:36 - 2013-08-22 04:40 - 000013888 _____ (Microsoft Corporation) C:\Windows\system32\TOOLHELP.DLL
2018-05-29 15:36 - 2013-08-22 04:38 - 000053600 _____ C:\Windows\system32\dosx.exe
2018-05-29 15:36 - 2013-08-22 04:35 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\COMMDLG.DLL
2018-05-29 15:36 - 2013-08-22 04:35 - 000032816 _____ (Microsoft Corporation) C:\Windows\system\COMMDLG.DLL
2018-05-29 15:36 - 2013-08-22 02:48 - 000256192 _____ (Microsoft Corporation) C:\Windows\winhelp.exe
2018-05-29 15:36 - 2013-08-22 02:48 - 000221600 _____ (Microsoft Corporation) C:\Windows\system32\lanman.drv
2018-05-29 15:36 - 2013-08-22 02:48 - 000177856 _____ (Microsoft Corporation) C:\Windows\system32\typelib.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000169520 _____ (Microsoft Corporation) C:\Windows\system32\ole2disp.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000153008 _____ (Microsoft Corporation) C:\Windows\system32\ole2nls.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000127213 _____ C:\Windows\system32\ega.cpi
2018-05-29 15:36 - 2013-08-22 02:48 - 000108464 _____ (Microsoft Corporation) C:\Windows\system32\netapi.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\olecli.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\system\olecli.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\pmspl.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000042592 _____ (Microsoft Corporation) C:\Windows\system32\ole2.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000028420 _____ C:\Windows\system32\bios1.rom
2018-05-29 15:36 - 2013-08-22 02:48 - 000027792 _____ (Microsoft Corporation) C:\Windows\system32\compobj.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000027200 _____ (Microsoft Corporation) C:\Windows\system32\ctl3dv2.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000018896 _____ (Microsoft Corporation) C:\Windows\system32\sysedit.exe
2018-05-29 15:36 - 2013-08-22 02:48 - 000018832 _____ C:\Windows\system32\v7vga.rom
2018-05-29 15:36 - 2013-08-22 02:48 - 000013312 _____ C:\Windows\system32\win87em.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\lzexpand.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009936 _____ (Microsoft Corporation) C:\Windows\system\lzexpand.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009008 _____ (Microsoft Corporation) C:\Windows\system32\ver.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009008 _____ (Microsoft Corporation) C:\Windows\system\ver.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000008191 _____ C:\Windows\system32\bios4.rom
2018-05-29 15:36 - 2013-08-22 02:48 - 000005532 _____ (Microsoft Corporation) C:\Windows\system\stdole.tlb
2018-05-29 15:36 - 2013-08-22 02:48 - 000004208 _____ (Microsoft Corporation) C:\Windows\system32\storage.dll
2018-05-28 23:44 - 2018-01-25 20:32 - 000000000 ____D C:\ProgramData\MCShield
2018-05-21 22:27 - 2015-12-14 03:51 - 000000000 ____D C:\Users\Vanka\AppData\Local\Adobe
2018-05-21 22:27 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-18 19:41 - 2015-12-25 19:58 - 000000000 ____D C:\Users\Vanka\AppData\Local\ElevatedDiagnostics
2018-05-17 22:16 - 2017-05-12 23:27 - 000001821 _____ C:\Users\Public\Desktop\BRC Calibration Tool.lnk
2018-05-17 22:16 - 2017-05-12 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BRC Gas Equipment
2018-05-16 08:05 - 2017-04-29 20:22 - 000002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-12 19:44 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\system32\NDF
2018-05-09 18:34 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\AppReadiness

==================== Files in the root of some directories =======

2016-10-30 20:29 - 2016-10-30 20:29 - 000009612 _____ () C:\Users\Vanka\AppData\Local\Temppicasso eobd_dba_ellemeet.svgz

Some files in TEMP:
====================
2017-09-28 19:31 - 2017-04-20 09:17 - 000050720 _____ (HP Inc.) C:\Users\Vanka\AppData\Local\Temp\ACLMInstaller.exe
2016-10-30 18:56 - 2018-01-25 18:45 - 000003584 _____ () C:\Users\Vanka\AppData\Local\Temp\dateinj01.dll
2016-10-30 20:28 - 2016-10-30 20:28 - 000155729 _____ () C:\Users\Vanka\AppData\Local\Temp\JExplorer32.2.7.1.dll
2016-10-30 20:28 - 2016-10-30 20:28 - 000008273 _____ (TeamDev Ltd) C:\Users\Vanka\AppData\Local\Temp\JExplorer32.2.7.1.exe
2016-10-30 20:28 - 2016-10-30 20:28 - 000228864 _____ () C:\Users\Vanka\AppData\Local\Temp\JExplorer64.2.7.1.dll
2015-12-13 10:03 - 2012-11-10 22:20 - 000150600 ____R (Microsoft Corporation) C:\Users\Vanka\AppData\Local\Temp\ose00000.exe
2016-01-03 15:48 - 2016-01-03 15:49 - 005850888 _____ (Innovative Solutions                                        ) C:\Users\Vanka\AppData\Local\Temp\tmp-drivermax4864470.exe
2015-12-25 15:47 - 2015-12-25 15:47 - 002026520 _____ (BitTorrent Inc.) C:\Users\Vanka\AppData\Local\Temp\uttB4C5.tmp.exe
2018-01-24 21:28 - 2018-01-25 20:33 - 000000000 _____ () C:\Users\Vanka\AppData\Local\Temp\{071FD7C0-E3FE-491A-8BBF-05F549B46E3D}-GoogleUpdateSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-04 19:05

==================== End of FRST.txt ============================

Hello,

I saw that you have RevoUninstaller installed; you can use it as well, but I don't have instructions for it at the moment, and I'm at work and can't write any right now. So if you haven't worked with Revo, do the following:

STEP 1

Download the program GeekUninstaller and save it to the desktop.

Extract it and run the file geek.exe.
In the list, find RelevantKnowledge (the example is for Mozilla Firefox, but that is just for illustration).

Right-click the program and choose Force Removal.

After the installation finishes, a window will open prompting you to remove all leftovers of the program (if there are any; if there are none, this window will not appear):

Example for the Mozilla browser: (screenshot)

Make sure all rows are checked and press the Finish button to delete the program's leftovers.

STEP 2

Run a new scan with FRST and attach the new log files: FRST.txt and Addition.txt (both of them).

Regards!


Hello!

I used Revo; I am attaching the files.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06.06.2018 01
Ran by Vanka (administrator) on IVAN (08-06-2018 22:35:53)
Running from C:\Users\Vanka\Desktop
Loaded Profiles: Vanka (Available Profiles: Vanka)
Platform: Microsoft Windows 8.1 Enterprise (Update) (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(HP) C:\Program Files\HP\HP Wireless Button Driver\HPRadioMgr86.exe
() C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747744 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7532248 2015-05-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2523304 2015-05-07] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPRadioMgr] => C:\Program Files\HP\HP Wireless Button Driver\HPRadioMgr86.exe [233000 2015-11-11] (HP)
HKLM\...\Run: [EaseUS TB Tray Agent] => C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe [253992 2014-12-15] ()
HKU\S-1-5-21-3136552650-2365130857-356673686-1001\...\MountPoints2: {2ca8489e-c5e4-11e5-9738-b05ada9c5fdf} - "D:\Install.cmd" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{77F6F871-16E3-4748-90A7-7C5866B35451}: [DhcpNameServer] 192.168.179.1

Internet Explorer:
==================
HKU\S-1-5-21-3136552650-2365130857-356673686-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default [2018-06-08]
CHR Extension: (Презентации) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-25]
CHR Extension: (Документи) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-25]
CHR Extension: (Google Диск) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-29]
CHR Extension: (YouTube) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-29]
CHR Extension: (Google Документи офлайн) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-21]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-25]
CHR Extension: (Gmail) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Vanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-07-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 BTDevManager; C:\Program Files\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-10-09] () [File not signed]
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd.)
R2 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [37416 2015-06-23] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [254680 2015-05-05] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208040 2015-05-07] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation)
S2 WorkshopDbService; "C:\Program Files\ATRis_Technik\pgsql\bin\pg_ctl.exe" runservice  -N WorkshopDbService -D "C:\ProgramData\WorkshopData\data2" -w 

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [15080 2013-10-24] (Advanced Micro Devices, INC.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [26168 2016-01-28] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [40504 2016-01-28] (Disc Soft Ltd)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [51752 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [41512 2014-12-15] () [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [15912 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189992 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [25680 2008-12-18] (Aladdin Knowledge Systems Ltd.)
S3 FTDIBUS; C:\Windows\system32\drivers\autrbus.sys [47249 2006-05-18] (FTDI Ltd.)
S3 FTSER2K; C:\Windows\system32\drivers\ftser2k.sys [75904 2017-08-24] (Future Technology Devices International Ltd.)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [23360 2010-03-19] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [525568 2015-06-02] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3933952 2015-10-14] (Realtek Semiconductor Corporation )
S3 Ser2plx86; C:\Windows\system32\DRIVERS\ser2pl.sys [77824 2008-09-24] (Prolific Technology Inc.)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [25768 2015-05-07] (Synaptics Incorporated)
S3 SNTNLUSB; C:\Windows\System32\drivers\SNTNLUSB.SYS [38376 2009-09-17] (SafeNet, Inc.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2018-05-30] (Duplex Secure Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [38928 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [233304 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver86.sys [29688 2015-08-13] (HP)
R3 WirelessButtonDriver86; C:\Windows\System32\drivers\WirelessButtonDriver86.sys [29688 2015-08-13] (HP)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [190976 2014-11-21] (Microsoft Corporation)
S3 audas0; \SystemRoot\System32\drivers\audas0.sys [X]
S3 BlueletAudio; \SystemRoot\system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; \SystemRoot\system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; \SystemRoot\system32\DRIVERS\btnetdrv.sys [X]
S3 btaudio; \SystemRoot\system32\drivers\btaudio.sys [X]
S3 BTDriver; \SystemRoot\system32\DRIVERS\btport.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 BTKRNL; \SystemRoot\system32\DRIVERS\btkrnl.sys [X]
S3 BTWDNDIS; \SystemRoot\system32\DRIVERS\btwdndis.sys [X]
S3 BTWUSB; \SystemRoot\System32\Drivers\btwusb.sys [X]
S3 VComm; \SystemRoot\system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; \SystemRoot\System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-08 22:35 - 2018-06-08 22:36 - 000013038 _____ C:\Users\Vanka\Desktop\FRST.txt
2018-06-08 22:34 - 2018-06-08 22:34 - 003542160 _____ C:\Users\Vanka\Desktop\2018-06-08 at 22-30-27.rar
2018-06-08 22:30 - 2018-06-08 22:30 - 003550499 _____ C:\Users\Vanka\Desktop\2018-06-08 at 22-30-27.mp4
2018-06-08 09:35 - 2018-06-08 09:36 - 000000229 _____ C:\Users\Vanka\Desktop\New Text Document.txt
2018-06-07 23:12 - 2018-06-08 22:35 - 000000000 ____D C:\FRST
2018-06-07 23:11 - 2018-06-07 23:09 - 001773568 _____ (Farbar) C:\Users\Vanka\Desktop\FRST.exe
2018-06-07 23:09 - 2018-06-07 23:09 - 001773568 _____ (Farbar) C:\Users\Vanka\Downloads\FRST.exe
2018-06-07 21:35 - 2018-06-07 21:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-07 21:15 - 2016-06-21 17:12 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-06-07 21:15 - 2016-05-14 23:01 - 000320720 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2018-06-07 21:15 - 2016-05-14 01:22 - 000213504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-06-07 21:15 - 2016-05-14 00:35 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2018-06-07 21:15 - 2016-05-14 00:26 - 000631808 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-06-07 21:14 - 2016-07-08 17:18 - 001118208 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-07 21:14 - 2016-07-07 23:35 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-07 21:14 - 2016-05-17 00:16 - 000479312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-07 21:14 - 2016-05-17 00:16 - 000148824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-07 21:14 - 2016-05-17 00:13 - 000340872 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-06-07 21:13 - 2016-08-02 08:54 - 020343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-07 21:13 - 2016-08-02 08:51 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-07 21:13 - 2016-08-02 08:47 - 002286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-07 21:13 - 2016-08-02 08:41 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-07 21:13 - 2016-08-02 08:21 - 004608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-07 21:13 - 2016-08-02 08:20 - 000880128 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-07 21:13 - 2016-08-02 08:15 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-07 21:13 - 2016-08-02 08:15 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-07 21:13 - 2016-08-02 08:14 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-07 21:13 - 2016-08-02 08:14 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-07 21:13 - 2016-08-02 08:11 - 013808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-07 21:13 - 2016-08-02 07:56 - 002393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-07 21:13 - 2016-08-02 07:53 - 001316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-07 21:13 - 2016-08-02 07:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-07 21:13 - 2016-06-11 20:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-07 21:13 - 2016-06-11 19:44 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-06-07 21:13 - 2016-06-11 19:43 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-07 21:13 - 2016-06-11 19:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-07 21:10 - 2016-06-11 21:27 - 005761888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-07 21:10 - 2016-05-06 18:23 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-06-07 20:14 - 2018-06-07 20:14 - 000000000 ___DL C:\Users\Vanka\AppData\LocalLow\PlayReady
2018-06-07 14:14 - 2018-06-07 22:03 - 000000000 ____D C:\Program Files\FTDI
2018-06-05 21:13 - 2018-06-05 21:19 - 000000000 ____D C:\Users\Vanka\Desktop\PR
2018-06-04 12:00 - 2018-06-04 12:00 - 000000601 _____ C:\Users\Vanka\Desktop\ESGI-2-ver.3.03.exe - Shortcut.lnk
2018-06-04 11:57 - 2018-06-04 11:58 - 001722368 _____ C:\Users\Vanka\Downloads\ESGI-2-ver.3.03.exe
2018-06-03 16:22 - 2018-06-03 16:22 - 000001442 _____ C:\Users\Vanka\Desktop\Internet Explorer.lnk
2018-06-03 15:06 - 2018-06-03 15:06 - 007027424 _____ (Microsoft Corporation) C:\Users\Vanka\Downloads\Silverlight.exe
2018-06-03 00:24 - 2018-06-03 00:25 - 012448378 _____ C:\Users\Vanka\Downloads\EZ-Diag Toolkit & EasyDiag_Driver & Firmware.rar
2018-06-02 11:10 - 2018-06-01 17:35 - 003575052 _____ C:\Users\Vanka\Desktop\General_calibration_instruction_VSI-2.0_GB.pdf
2018-06-02 10:11 - 2018-06-02 10:46 - 000000000 ____D C:\Users\Vanka\Desktop\prins-ept
2018-06-01 22:00 - 2011-03-18 14:46 - 000203144 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2018-06-01 22:00 - 2011-03-18 14:46 - 000201096 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2018-06-01 22:00 - 2011-03-18 14:46 - 000105352 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2018-06-01 22:00 - 2011-03-18 14:46 - 000061704 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2018-06-01 21:55 - 2018-06-01 21:59 - 000000000 ____D C:\Users\Vanka\Desktop\FTDI-prins
2018-06-01 17:34 - 2018-06-01 17:35 - 003575052 _____ C:\Users\Vanka\Downloads\General_calibration_instruction_VSI-2.0_GB.pdf
2018-05-31 21:06 - 2018-05-31 21:08 - 161075683 _____ C:\Users\Vanka\Downloads\w203 key.mkv
2018-05-30 23:38 - 2018-05-30 23:38 - 000000539 _____ C:\Users\Vanka\Desktop\ADBCD.exe - Shortcut.lnk
2018-05-30 23:31 - 2018-05-31 15:03 - 000000000 ____D C:\ADCDA2
2018-05-30 16:35 - 2018-05-30 16:35 - 000192662 _____ C:\Users\Vanka\Downloads\AEB387_Is387_290900.pdf
2018-05-29 22:37 - 2018-05-29 22:42 - 000000000 ____D C:\Users\Vanka\Desktop\renault
2018-05-29 22:14 - 2018-05-29 22:15 - 000000028 _____ C:\Users\Vanka\Desktop\prins.txt
2018-05-29 16:03 - 2018-05-29 16:03 - 000003147 _____ C:\Users\Vanka\Desktop\VSI Diagnostic D2.8.2.lnk
2018-05-29 16:03 - 2018-05-29 16:03 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VSI Diagnostics
2018-05-29 16:03 - 2018-05-29 16:03 - 000000000 ____D C:\Program Files\Prins
2018-05-29 16:03 - 2018-05-29 16:03 - 000000000 ____D C:\PrinsData
2018-05-29 15:38 - 2018-05-29 15:38 - 000000000 __RSH C:\MSDOS.SYS
2018-05-29 15:38 - 2018-05-29 15:38 - 000000000 __RSH C:\IO.SYS
2018-05-29 13:39 - 2018-05-29 13:39 - 000002158 _____ C:\Users\Public\Desktop\Landi Renzo Omegas.lnk
2018-05-29 13:39 - 2018-05-29 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landi Renzo
2018-05-29 13:38 - 2018-05-29 13:38 - 000000000 ____D C:\Program Files\Landi Renzo
2018-05-26 22:29 - 2018-05-26 22:31 - 000000000 ____D C:\Users\Vanka\AppData\Local\Viber
2018-05-23 22:09 - 2018-05-23 22:09 - 000002006 _____ C:\Users\Vanka\Desktop\ZENIT PRO 1.67.lnk
2018-05-23 22:09 - 2018-05-23 22:09 - 000000201 _____ C:\Users\Vanka\Documents\sdk_id.ini
2018-05-23 22:09 - 2018-05-23 22:09 - 000000000 ____D C:\Users\Vanka\Documents\Zenit PRO Setup_Data
2018-05-23 22:09 - 2018-05-23 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zenit PRO - rel. 1.67
2018-05-23 22:08 - 2018-05-23 22:08 - 000000000 ____D C:\Program Files\Zenit_PRO_1_67
2018-05-23 22:08 - 2008-04-14 13:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll
2018-05-23 22:08 - 2006-07-04 14:36 - 000061440 _____ (FTDI Ltd) C:\Windows\system32\FTChipID.DLL
2018-05-23 22:08 - 2004-03-08 22:00 - 000212240 _____ (Microsoft Corporation) C:\Windows\system32\RICHTX32.OCX
2018-05-23 22:08 - 2003-01-26 14:48 - 000147456 _____ (Info-ZIP) C:\Windows\system32\vbzip11.dll
2018-05-22 18:36 - 2018-05-22 18:36 - 000106090 _____ C:\Users\Vanka\Downloads\Pirates_of_the_Caribbean_Dead_Men_Tell_No_Tales_2017.(subs.sab.bz).rar
2018-05-21 22:50 - 2018-01-11 21:23 - 000752544 _____ (TMRG, Inc.) C:\Windows\system32\rlls.dll
2018-05-21 22:36 - 2018-05-21 22:36 - 000001001 _____ C:\Users\Vanka\Desktop\MKV Player.lnk
2018-05-21 22:36 - 2018-05-21 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKV Player
2018-05-21 22:36 - 2018-05-21 22:36 - 000000000 ____D C:\Program Files\MKV Player
2018-05-21 22:35 - 2018-05-21 22:35 - 006414081 _____ ( ) C:\Users\Vanka\Downloads\MKVPlayerSetupD.exe
2018-05-18 20:32 - 2006-09-18 04:06 - 000000241 _____ C:\Windows\system32\autrun2k.ini
2018-05-18 20:32 - 2006-05-24 02:47 - 000106496 _____ (FTDI Ltd.) C:\Windows\system32\autrbusui.dll
2018-05-18 20:32 - 2006-05-24 02:45 - 000176128 _____ (FTDI Ltd) C:\Windows\system32\autrd2xx.dll
2018-05-18 20:32 - 2006-05-24 02:42 - 000102400 _____ (FTDI) C:\Windows\system32\AUTRLang.dll
2018-05-18 20:32 - 2006-05-24 02:40 - 000188416 _____ C:\Windows\system32\autrunin.exe
2018-05-18 20:32 - 2006-05-19 03:51 - 000033360 _____ (FTDI Ltd.) C:\Windows\system32\autrserui2.dll
2018-05-18 20:32 - 2006-05-18 01:49 - 000061067 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\autrser2k.sys
2018-05-18 20:32 - 2006-05-18 01:48 - 000047249 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\autrbus.sys
2018-05-17 20:55 - 2018-05-29 15:51 - 000000000 ____D C:\Program Files\nodongle.biz
2018-05-17 20:51 - 2018-05-17 20:51 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2018-05-17 20:49 - 2018-05-18 18:13 - 000000000 ____D C:\Users\Vanka\Documents\Downloaded Installations
2018-05-16 21:28 - 2018-05-16 21:29 - 000000739 _____ C:\Users\Vanka\Downloads\WinRAR ZIP archive.zip
2018-05-14 19:00 - 2018-05-14 19:00 - 000001341 _____ C:\Users\Public\Desktop\Free Screen Video Recorder.lnk
2018-05-14 19:00 - 2018-05-14 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2018-05-14 19:00 - 2018-05-14 19:00 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2018-05-14 18:59 - 2018-05-14 19:00 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\DVDVideoSoft
2018-05-14 18:59 - 2018-05-14 19:00 - 000000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2018-05-14 18:59 - 2018-05-14 18:59 - 000000000 ____D C:\Program Files\FreeCodecPack
2018-05-14 18:59 - 2018-05-14 18:59 - 000000000 ____D C:\Program Files\DVDVideoSoft
2018-05-14 18:55 - 2006-10-17 22:29 - 000487479 _____ (Appspeed Inc.) C:\Windows\system32\SkinMagic.dll
2018-05-14 17:53 - 2018-05-14 17:53 - 000000734 _____ C:\Users\Vanka\Desktop\OpComHQ.rar
2018-05-12 19:39 - 2018-05-12 19:39 - 000000000 ____D C:\Windows\Downloaded Installations
2018-05-12 13:29 - 2018-05-27 22:25 - 000001280 _____ C:\Users\Public\Desktop\Skype.lnk
2018-05-12 13:29 - 2018-05-27 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-08 22:33 - 2015-12-14 03:55 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\vlc
2018-06-08 09:15 - 2017-04-29 20:22 - 000002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-07 22:07 - 2013-08-22 09:13 - 000000187 _____ C:\Windows\win.ini
2018-06-07 22:05 - 2013-08-22 10:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-07 21:38 - 2014-11-21 05:54 - 000000000 ____D C:\Program Files\Windows Journal
2018-06-07 21:36 - 2013-08-22 11:05 - 000000000 ____D C:\Windows\CbsTemp
2018-06-07 21:35 - 2015-12-13 10:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-06-07 20:59 - 2013-08-22 09:21 - 000000000 ____D C:\Windows\inf
2018-06-07 14:19 - 2013-08-22 09:13 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-05 09:09 - 2018-04-25 20:40 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\ViberPC
2018-06-04 21:42 - 2018-04-25 20:48 - 000000000 ____D C:\Users\Vanka\Documents\ViberDownloads
2018-06-04 13:24 - 2015-12-12 06:08 - 000000000 ____D C:\Users\Vanka
2018-06-03 15:18 - 2014-11-21 06:17 - 000863592 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-03 15:09 - 2016-02-16 18:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-06-03 15:07 - 2016-02-16 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-06-03 00:45 - 2015-12-12 06:09 - 000000000 ____D C:\Users\Vanka\AppData\Local\Packages
2018-05-31 10:54 - 2015-12-25 15:45 - 000000000 ____D C:\Users\Vanka\AppData\Roaming\uTorrent
2018-05-30 22:47 - 2016-01-28 19:32 - 000685816 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2018-05-29 15:36 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\System
2018-05-29 15:36 - 2013-08-22 07:07 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\ntvdmd.dll
2018-05-29 15:36 - 2013-08-22 07:05 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\graftabl.com
2018-05-29 15:36 - 2013-08-22 07:04 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\win.com
2018-05-29 15:36 - 2013-08-22 07:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\vdmredir.dll
2018-05-29 15:36 - 2013-08-22 06:55 - 000536576 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000092320 _____ (Microsoft Corporation) C:\Windows\system32\krnl386.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000069886 _____ C:\Windows\system32\edit.com
2018-05-29 15:36 - 2013-08-22 04:42 - 000068992 _____ (Microsoft Corporation) C:\Windows\system32\MMSYSTEM.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000068992 _____ (Microsoft Corporation) C:\Windows\system\MMSYSTEM.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000050648 _____ C:\Windows\system32\COMMAND.COM
2018-05-29 15:36 - 2013-08-22 04:42 - 000047840 _____ (Microsoft Corporation) C:\Windows\system32\USER.EXE
2018-05-29 15:36 - 2013-08-22 04:42 - 000042809 _____ C:\Windows\system32\KEY01.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000042537 _____ C:\Windows\system32\KEYBOARD.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\DDEML.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000039274 _____ C:\Windows\system32\mem.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000035776 _____ C:\Windows\system32\NTIO411.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000035552 _____ C:\Windows\system32\NTIO412.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000034688 _____ C:\Windows\system32\NTIO804.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000034688 _____ C:\Windows\system32\NTIO404.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000033968 _____ C:\Windows\system32\NTIO.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029370 _____ C:\Windows\system32\NTDOS411.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029274 _____ C:\Windows\system32\NTDOS412.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029146 _____ C:\Windows\system32\NTDOS804.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000029146 _____ C:\Windows\system32\NTDOS404.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000027866 _____ C:\Windows\system32\NTDOS.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000027097 _____ C:\Windows\system32\country.sys
2018-05-29 15:36 - 2013-08-22 04:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\GDI.EXE
2018-05-29 15:36 - 2013-08-22 04:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\OLESVR.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system\OLESVR.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000021232 _____ C:\Windows\system32\graphics.pro
2018-05-29 15:36 - 2013-08-22 04:42 - 000020634 _____ C:\Windows\system32\debug.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000019694 _____ C:\Windows\system32\GRAPHICS.COM
2018-05-29 15:36 - 2013-08-22 04:42 - 000014710 _____ C:\Windows\system32\KB16.COM
2018-05-29 15:36 - 2013-08-22 04:42 - 000012704 _____ (Microsoft Corporation) C:\Windows\system32\WFWNET.DRV
2018-05-29 15:36 - 2013-08-22 04:42 - 000012704 _____ (Microsoft Corporation) C:\Windows\system\WFWNET.DRV
2018-05-29 15:36 - 2013-08-22 04:42 - 000012642 _____ C:\Windows\system32\edlin.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000012498 _____ C:\Windows\system32\append.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000011753 _____ C:\Windows\system32\setver.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000010790 _____ C:\Windows\system32\EDIT.HLP
2018-05-29 15:36 - 2013-08-22 04:42 - 000010544 _____ (Microsoft Corporation) C:\Windows\system32\COMM.drv
2018-05-29 15:36 - 2013-08-22 04:42 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\WIFEMAN.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000009029 _____ C:\Windows\system32\ANSI.SYS
2018-05-29 15:36 - 2013-08-22 04:42 - 000008424 _____ C:\Windows\system32\exe2bin.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000007052 _____ C:\Windows\system32\nlsfunc.exe
2018-05-29 15:36 - 2013-08-22 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\WINNLS.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\SHELL.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL
2018-05-29 15:36 - 2013-08-22 04:42 - 000004768 _____ C:\Windows\system32\HIMEM.SYS
2018-05-29 15:36 - 2013-08-22 04:40 - 000028112 _____ (Microsoft Corporation) C:\Windows\system32\DRWATSON.EXE
2018-05-29 15:36 - 2013-08-22 04:40 - 000013888 _____ (Microsoft Corporation) C:\Windows\system32\TOOLHELP.DLL
2018-05-29 15:36 - 2013-08-22 04:38 - 000053600 _____ C:\Windows\system32\dosx.exe
2018-05-29 15:36 - 2013-08-22 04:35 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\COMMDLG.DLL
2018-05-29 15:36 - 2013-08-22 04:35 - 000032816 _____ (Microsoft Corporation) C:\Windows\system\COMMDLG.DLL
2018-05-29 15:36 - 2013-08-22 02:48 - 000256192 _____ (Microsoft Corporation) C:\Windows\winhelp.exe
2018-05-29 15:36 - 2013-08-22 02:48 - 000221600 _____ (Microsoft Corporation) C:\Windows\system32\lanman.drv
2018-05-29 15:36 - 2013-08-22 02:48 - 000177856 _____ (Microsoft Corporation) C:\Windows\system32\typelib.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000169520 _____ (Microsoft Corporation) C:\Windows\system32\ole2disp.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000153008 _____ (Microsoft Corporation) C:\Windows\system32\ole2nls.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000127213 _____ C:\Windows\system32\ega.cpi
2018-05-29 15:36 - 2013-08-22 02:48 - 000108464 _____ (Microsoft Corporation) C:\Windows\system32\netapi.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\olecli.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\system\olecli.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\pmspl.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000042592 _____ (Microsoft Corporation) C:\Windows\system32\ole2.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000028420 _____ C:\Windows\system32\bios1.rom
2018-05-29 15:36 - 2013-08-22 02:48 - 000027792 _____ (Microsoft Corporation) C:\Windows\system32\compobj.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000027200 _____ (Microsoft Corporation) C:\Windows\system32\ctl3dv2.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000018896 _____ (Microsoft Corporation) C:\Windows\system32\sysedit.exe
2018-05-29 15:36 - 2013-08-22 02:48 - 000018832 _____ C:\Windows\system32\v7vga.rom
2018-05-29 15:36 - 2013-08-22 02:48 - 000013312 _____ C:\Windows\system32\win87em.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\lzexpand.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009936 _____ (Microsoft Corporation) C:\Windows\system\lzexpand.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009008 _____ (Microsoft Corporation) C:\Windows\system32\ver.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000009008 _____ (Microsoft Corporation) C:\Windows\system\ver.dll
2018-05-29 15:36 - 2013-08-22 02:48 - 000008191 _____ C:\Windows\system32\bios4.rom
2018-05-29 15:36 - 2013-08-22 02:48 - 000005532 _____ (Microsoft Corporation) C:\Windows\system\stdole.tlb
2018-05-29 15:36 - 2013-08-22 02:48 - 000004208 _____ (Microsoft Corporation) C:\Windows\system32\storage.dll
2018-05-28 23:44 - 2018-01-25 20:32 - 000000000 ____D C:\ProgramData\MCShield
2018-05-21 22:27 - 2015-12-14 03:51 - 000000000 ____D C:\Users\Vanka\AppData\Local\Adobe
2018-05-21 22:27 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-18 19:41 - 2015-12-25 19:58 - 000000000 ____D C:\Users\Vanka\AppData\Local\ElevatedDiagnostics
2018-05-17 22:16 - 2017-05-12 23:27 - 000001821 _____ C:\Users\Public\Desktop\BRC Calibration Tool.lnk
2018-05-17 22:16 - 2017-05-12 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BRC Gas Equipment
2018-05-12 19:44 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\system32\NDF
2018-05-09 18:34 - 2013-08-22 11:17 - 000000000 ____D C:\Windows\AppReadiness

==================== Files in the root of some directories =======

2016-10-30 20:29 - 2016-10-30 20:29 - 000009612 _____ () C:\Users\Vanka\AppData\Local\Temppicasso eobd_dba_ellemeet.svgz

Some files in TEMP:
====================
2017-09-28 19:31 - 2017-04-20 09:17 - 000050720 _____ (HP Inc.) C:\Users\Vanka\AppData\Local\Temp\ACLMInstaller.exe
2016-10-30 18:56 - 2018-01-25 18:45 - 000003584 _____ () C:\Users\Vanka\AppData\Local\Temp\dateinj01.dll
2016-10-30 20:28 - 2016-10-30 20:28 - 000155729 _____ () C:\Users\Vanka\AppData\Local\Temp\JExplorer32.2.7.1.dll
2016-10-30 20:28 - 2016-10-30 20:28 - 000008273 _____ (TeamDev Ltd) C:\Users\Vanka\AppData\Local\Temp\JExplorer32.2.7.1.exe
2016-10-30 20:28 - 2016-10-30 20:28 - 000228864 _____ () C:\Users\Vanka\AppData\Local\Temp\JExplorer64.2.7.1.dll
2015-12-13 10:03 - 2012-11-10 22:20 - 000150600 ____R (Microsoft Corporation) C:\Users\Vanka\AppData\Local\Temp\ose00000.exe
2016-01-03 15:48 - 2016-01-03 15:49 - 005850888 _____ (Innovative Solutions                                        ) C:\Users\Vanka\AppData\Local\Temp\tmp-drivermax4864470.exe
2015-12-25 15:47 - 2015-12-25 15:47 - 002026520 _____ (BitTorrent Inc.) C:\Users\Vanka\AppData\Local\Temp\uttB4C5.tmp.exe
2018-01-24 21:28 - 2018-01-25 20:33 - 000000000 _____ () C:\Users\Vanka\AppData\Local\Temp\{071FD7C0-E3FE-491A-8BBF-05F549B46E3D}-GoogleUpdateSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-04 19:05

==================== End of FRST.txt ============================

Addition.txt


It looks fine. There are only some remnants of RelevantKnowledge:

Download fixlist.txt and save it in the folder where you downloaded FRST64.exe renamed to проба64.exe (in the folder C:\Users\kalin\Desktop\проба64.exe, or in other words on the desktop).
Run проба64.exe and press the Fix button once!
When it finishes, if it asks for a restart, agree. After the restart, post the log file, fixlog.txt, which will be created once the program has run.

Warning: The script was created for the current system. It must not be used on other systems with similar problems!

Let us know how things are after the script!  ;)

Regards!


I did what you said.

Fix result of Farbar Recovery Scan Tool (x86) Version: 06.06.2018 01
Ran by Vanka (09-06-2018 09:12:38) Run:1
Running from C:\Users\Vanka\Desktop
Loaded Profiles: Vanka (Available Profiles: Vanka)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3136552650-2365130857-356673686-1001\...\MountPoints2: {2ca8489e-c5e4-11e5-9738-b05ada9c5fdf} - "D:\Install.cmd"
2018-05-21 22:50 - 2018-01-11 21:23 - 000752544 _____ (TMRG, Inc.) C:\Windows\system32\rlls.dll
Task: {224392C1-C183-49BF-A1AB-9E934895266E} - System32\Tasks\{72506DC6-EA26-4672-8938-B0280C31B602} => C:\Windows\system32\pcalua.exe -a F:\Setup_.exe -d F:\
Task: {884BDB2D-8BC3-4565-8221-A9C7BE122026} - System32\Tasks\{89C72C19-5F7D-4C08-BEA1-08D70CAAD14E} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\
EmptyTemp:
end

*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
"HKU\S-1-5-21-3136552650-2365130857-356673686-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ca8489e-c5e4-11e5-9738-b05ada9c5fdf}" => removed successfully.
HKLM\Software\Classes\CLSID\{2ca8489e-c5e4-11e5-9738-b05ada9c5fdf} => not found
"C:\Windows\system32\rlls.dll" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{224392C1-C183-49BF-A1AB-9E934895266E}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{224392C1-C183-49BF-A1AB-9E934895266E}" => removed successfully.
C:\Windows\System32\Tasks\{72506DC6-EA26-4672-8938-B0280C31B602} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{72506DC6-EA26-4672-8938-B0280C31B602}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{884BDB2D-8BC3-4565-8221-A9C7BE122026}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{884BDB2D-8BC3-4565-8221-A9C7BE122026}" => removed successfully.
C:\Windows\System32\Tasks\{89C72C19-5F7D-4C08-BEA1-08D70CAAD14E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{89C72C19-5F7D-4C08-BEA1-08D70CAAD14E}" => removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17390865 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 189237685 B
Edge => 0 B
Chrome => 478312159 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 155417056 B
Vanka => 385843638 B

RecycleBin => 80673 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:15:20 ====

 

In my opinion everything is fine now!

Fixlog.txt


Great:

To remove Farbar Recovery Scan Tool, do the following:

Rename the executable FRST.exe to Uninstall.exe.


Right-click Uninstall.exe and choose Run as administrator. You will be notified that the system must be restarted in order to delete the tool.


After the restart, the tool and its associated files will be deleted.

Regards, and have a peaceful weekend!
