Премини към съдържанието

Препоръчан отговор


Здравейте,

От преди малко съм се регистриралатук  и не съм запозната с работата на сайта, а също и съм новак при използване на компютъра.

Не знам какво е и как да попълня прозореца за "тагове".

Сигурно ще съм неточна и недостатъчно добре  представям проблема , затова търся и помощ при Вас. Благодаря предварително за помоща.

От известно време компа ми е много, необичайно бавен при отваряне на прозорци , забелязях и процесите в start task manager, че са 86.

Пуснах по Ваша препоръка програмата  FRST.exe и ще прибавя текстовите файлове .

http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

Опитах с copy/paste да хвана съдържанието на файла от Notepad, но докарах този http адрес.

Затова ги прикачам, дано е станало правилно.

 

 

Addition.txt

FRST.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

 

 

СТЪПКА 1

 

Изтеглете програмата GeekUninstaller и я запазете на десктопа.

Разархивирайте я и стартирайте файла geek.exe IxXO5oO.jpg
От списъка намерете Allin1Convert Internet Explorer Toolbar  (примера е за Mozilla Firefox, но това е просто за показно).

Кликнете с десен бутон върху програмата и изберете Force Removal
 
XhV2QLa.png
 
След края на инсталацията ще се отвори прозорец подканващ ви да премахнете всички остатъци от програмата (ако има такива, ако няма този прозорец няма да се появи):
 
Пример за Mozilla браузъра:

geekuninstaller-3.png

Уверете се, че всички редове са маркирани и натиснете бутона Finish за да изтриете останките от програмата.

Повторете стъпките и за следните програми в списъка:

FormFetcherPro Internet Explorer Homepage and New Tab
VideoDownloadConverter Internet Explorer Toolbar
YourTemplateFinder Internet Explorer Homepage and New Tab
Yahoo Toolbar
McAfee WebAdvisor

 

 

СТЪПКА 2

 

Изтеглете edit-text.giffixlist.txt и го запазете на в папката, където сте свалили FRST64.exe (в папката C:\Users\user\Downloads).

Стартирайте FRST64.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата на десктопа.
 
Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

 

 

СТЪПКА 3

 

  • Изтеглете и стартирайте 6sv1DN9.jpgAdwCleaner 7.2.4.0 Final
  • Натиснете бутона Scan Now (или Сканиране сега, ако ви е на български)

4lqbd6J.png

  • AdwCleaner ще обнови базата с дефинициите си и ще започне да проверява компютъра. Проверката ще отнеме не повече от няколко секунди.
  • След като проверката приключи ако има намерени обекти ще се появи диалогов прозорец подканващ ви да натиснете бутона Clean & Repair (Почисти & Поправи).
  • Програмата ще затвори всички излишни процеси и след почистването ще иска да рестартира машината. Съгласете се.

FCuQiuz.png

  • Ако не бъдат открити зарази ще видите следния прозорец:

CWWivYK.png

  • Натиснете бутона Skip Basic Repair (Пропускане на основното поправяне).
  • И в двата случая ако няма открити зарази или ако програмата е почистила такива, стартирайте пак програмата и отидете до табът Log files (Журнални файлове на български, но превода не се събира в интерфейса на програмата и съм докладвал за проблема).
  • Кликнете с двукратен клил на мишката върху лог файла с последната дата и част (новите файлове са най-отдолу в списъка) и публикувайте съдържанието на файла в следващия си коментар.

 

 

СТЪПКА 4

 

Сега вече направете нова проверка с FRST и прикачете новите логове за да видя има ли остатъци за изтриване.

Пишете как е положението след изпълнението на стъпките.

Поздрави!

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте ,

Много благодаря за бързия отговор. Брилиянтно  обяснено , точно като за мен.

Докладвам по стъпка 1

Не ми даде възможност да я запазя на desktop и автоматично я прати в download, аз я копирах там и я стартирах geek.exe

в моя списък не се появи файла Allin1ConvertInternet explorertoolbar .

за файла Form Fetcher........... изпълних Force Removal и излезе прозорец с Registry 9item с 2 подпрозореца , не посмях да дам Finish.

същият прозорец с Registry 9item с 2 подпрозореца , излезе и за файла  Your template ....., и пяк не посмях да дам Finish.

другите посочени от Вас файлове също липсваха.

стъпка 2

изтеглих файла fixlist.txt  стартирах FRST64

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by user (24-10-2018 12:38:55) Run:1
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available Profiles: user)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp.myway.com/formfetcherpro/s29313/index.html?n=7849CA34&p2=^CNI^xdm066^S29313^bg&ptb=80636BA3-E861-4438-B867-9756D9E434C8&si=EAIaIQobChMIyrqa_9OP3gIVxcWyCh273gGHEAEYASAAEgIQw_D_BwE&coid=6808db8c56504d52ae67b46cf8afcda0
URLSearchHook: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll No File
URLSearchHook: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} URL = hxxp://www.default-search.net/search?sid=578&aid=100&itype=n&ver=15946&tm=683&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={DB58B4F8-EF8A-4AC3-A328-AD0DDDBF08D5}&mid=a9df0639961547cdbced4d633633d453-6b40b82802fdd63dbf853a70449ab6c3c30cc4b3&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-01-20 10:35:35&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> No File
BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll => No File
BHO-x32: No Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Yahoo Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll No File
Toolbar: HKLM-x32 - No Name - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} -  No File
Toolbar: HKLM-x32 - No Name - {cd1a63ba-a08c-431b-9a34-f240aadc728d} -  No File
Toolbar: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> No Name - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} -  No File
Toolbar: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} -  No File
FF NewTab: Mozilla\Firefox\Profiles\52swtuzk.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\52swtuzk.default -> Enabled: jid1-16aeif9OQIRKxA@jetpack
FF Extension: (Search and New Tab by Yahoo) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2018-09-19]
FF Extension: (Telemetry coverage) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\features\{2c63eeac-8738-4cdf-999d-86d95b1bc2c5}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-10] [Legacy]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\ask-web-search.xml [2014-12-05]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\avg-secure-search.xml [2016-03-12]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\default-search.xml [2015-04-15]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\google-avast.xml [2016-03-25]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\yahoo-avast.xml [2015-02-13]
FF Extension: (Search and New Tab by Yahoo) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-11-29]
2018-10-18 12:19 - 2018-10-18 12:19 - 000000000 ____D C:\Users\user\AppData\Local\FormFetcherProTooltab
2018-10-18 12:07 - 2018-10-18 12:07 - 000000000 ____D C:\Users\user\AppData\Local\YourTemplateFinderTooltab
Task: {0C0BBA0A-2E7E-4A40-923C-C770C31E67FB} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {1EF0C24A-958A-4848-AB49-6E3A90993CFA} - System32\Tasks\PCRegistryShield_Popup => C:\Program Files (x86)\PC Registry Shield\Splash.exe <==== ATTENTION
Task: {3F38A587-0BAE-4C8D-8BC2-33C89E97B5F6} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {4DB7AD7F-40C1-45D7-9CFC-F17E15234E0E} - System32\Tasks\PCRegistryShield_Start => C:\Program Files (x86)\PC Registry Shield\PcRegistryShield.exe <==== ATTENTION
Task: {95A95B3E-40C5-4F1D-87B8-DA6E29ABF9AF} - System32\Tasks\Run_Bobby_Browser => C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {DC1F10AA-A0F2-4ECE-8B1C-8D237CCD8F07} - System32\Tasks\PostPoneInstall => C:\Users\user\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
AlternateDataStreams: C:\Users\user\Local Settings:init [6330190]
AlternateDataStreams: C:\Users\user\AppData\Local:init [6330190]
AlternateDataStreams: C:\Users\user\AppData\Local\Application Data:init [6330190]
cmd: del %temp%\*.* /f /s /q
cmd: rd /s /q %temp%
Hosts:
cmd: bitsadmin /reset /allusers
cmd: netsh winsock reset catalog
cmd: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{93a3111f-4f74-4ed8-895e-d9708497629e}" => removed successfully
"HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} => not found
HKLM\Software\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2578} => not found
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => not found
HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} => not found
HKLM\Software\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88}" => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}" => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{cd1a63ba-a08c-431b-9a34-f240aadc728d}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d} => not found
"HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}" => not found
HKLM\Software\Classes\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} => not found
"HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CD1A63BA-A08C-431B-9A34-F240AADC728D}" => removed successfully
HKLM\Software\Classes\CLSID\{CD1A63BA-A08C-431B-9A34-F240AADC728D} => not found
"Firefox newtab" => removed successfully
"Firefox NewTabOverride (jid1-16aeif9OQIRKxA@jetpack) " => removed successfully
"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi" => not found
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\features\{2c63eeac-8738-4cdf-999d-86d95b1bc2c5}\telemetry-coverage-bug1487578@mozilla.org.xpi => moved successfully
"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\ask-web-search.xml" => not found
"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\avg-secure-search.xml" => not found
"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\default-search.xml" => not found
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\google-avast.xml => moved successfully
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\52swtuzk.default\searchplugins\yahoo-avast.xml => moved successfully
C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi => moved successfully
C:\Users\user\AppData\Local\FormFetcherProTooltab => moved successfully
"C:\Users\user\AppData\Local\YourTemplateFinderTooltab" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C0BBA0A-2E7E-4A40-923C-C770C31E67FB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0BBA0A-2E7E-4A40-923C-C770C31E67FB}" => not found
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EF0C24A-958A-4848-AB49-6E3A90993CFA}" => not found
"C:\Windows\System32\Tasks\PCRegistryShield_Popup" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCRegistryShield_Popup" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F38A587-0BAE-4C8D-8BC2-33C89E97B5F6}" => not found
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4DB7AD7F-40C1-45D7-9CFC-F17E15234E0E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DB7AD7F-40C1-45D7-9CFC-F17E15234E0E}" => not found
"C:\Windows\System32\Tasks\PCRegistryShield_Start" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCRegistryShield_Start" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95A95B3E-40C5-4F1D-87B8-DA6E29ABF9AF}" => not found
"C:\Windows\System32\Tasks\Run_Bobby_Browser" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC1F10AA-A0F2-4ECE-8B1C-8D237CCD8F07}" => not found
"C:\Windows\System32\Tasks\PostPoneInstall" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PostPoneInstall" => not found
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" => not found
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" => not found
C:\Users\user\Local Settings => ":init" ADS removed successfully
"C:\Users\user\AppData\Local" => ":init" ADS not found.
"C:\Users\user\AppData\Local\Application Data" => ":init" ADS not found.

========= del %temp%\*.* /f /s /q =========

Deleted file - C:\Users\user\AppData\Local\Temp\0f7b266c-60e4-4316-8f2e-acf3fbab28cb.tmp.ico
Deleted file - C:\Users\user\AppData\Local\Temp\AdobeARM.log
Deleted file - C:\Users\user\AppData\Local\Temp\au-descriptor-1.8.0_191-b12.xml
Deleted file - C:\Users\user\AppData\Local\Temp\BROPT500W.INI
Deleted file - C:\Users\user\AppData\Local\Temp\CVR3644.tmp.cvr
Deleted file - C:\Users\user\AppData\Local\Temp\CVR397E.tmp.cvr
Deleted file - C:\Users\user\AppData\Local\Temp\CVR3A0B.tmp.cvr
Deleted file - C:\Users\user\AppData\Local\Temp\CVR48AB.tmp.cvr
Deleted file - C:\Users\user\AppData\Local\Temp\CVR856.tmp.cvr
Deleted file - C:\Users\user\AppData\Local\Temp\CVR8859.tmp.cvr
Deleted file - C:\Users\user\AppData\Local\Temp\CVRCA16.tmp.cvr
C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\user\AppData\Local\Temp\geek64.exe
Deleted file - C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
Deleted file - C:\Users\user\AppData\Local\Temp\jre-8u191-windows-au.exe
Deleted file - C:\Users\user\AppData\Local\Temp\jusched.log
Deleted file - C:\Users\user\AppData\Local\Temp\KMP_4.2.2.16.exe
Deleted file - C:\Users\user\AppData\Local\Temp\MSI31dc2.LOG
Deleted file - C:\Users\user\AppData\Local\Temp\MSI8617.LOG
Deleted file - C:\Users\user\AppData\Local\Temp\MSIb2717.LOG
Deleted file - C:\Users\user\AppData\Local\Temp\Pismo_AIV Mavrov_plateni deinosti_2018_correction+predlojenia.docx
Deleted file - C:\Users\user\AppData\Local\Temp\Setup Log 2018-10-23 #001.txt
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-3np.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-4rl.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-5b1.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-8kv.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-9yl.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-ak7.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-k2x.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-nvm.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\tmp-uic.xpi
Deleted file - C:\Users\user\AppData\Local\Temp\trk2015.tmp
Deleted file - C:\Users\user\AppData\Local\Temp\WMZuneComm.etl.001
Deleted file - C:\Users\user\AppData\Local\Temp\WMZuneComm.etl.002
Deleted file - C:\Users\user\AppData\Local\Temp\WMZuneComm.etl.003
Deleted file - C:\Users\user\AppData\Local\Temp\WMZuneComm.etl.004
Deleted file - C:\Users\user\AppData\Local\Temp\WMZuneComm.etl.005
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\CbsProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\CompatProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\DismCore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\DismCorePS.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\DismHost.exe
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\DismProv.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\DmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\FolderProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\IntlProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\LogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\MsiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\OSProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\SmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\TransmogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\UnattendProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\wdscore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\WimProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\CompatProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\DismCore.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\DismProv.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\LogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\OSProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\30CCB95D-F5C5-442B-AE1A-4BDFCF49E777\en-US\WimProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\CbsProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\CompatProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\DismCore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\DismCorePS.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\DismHost.exe
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\DismProv.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\DmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\FolderProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\IntlProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\LogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\MsiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\OSProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\SmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\TransmogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\UnattendProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\wdscore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\WimProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\CompatProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\DismCore.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\DismProv.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\LogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\OSProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\60FFBCA2-CBC5-4F0A-9DE1-2D82CAB59FD2\en-US\WimProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\CbsProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\CompatProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\DismCore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\DismCorePS.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\DismHost.exe
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\DismProv.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\DmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\FolderProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\IntlProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\LogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\MsiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\OSProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\SmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\TransmogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\UnattendProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\wdscore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\WimProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\CompatProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\DismCore.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\DismProv.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\LogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\OSProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\8B48B31D-5CC5-47E3-86E5-C7D9D18955A7\en-US\WimProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\CbsProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\CompatProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\DismCore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\DismCorePS.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\DismHost.exe
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\DismProv.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\DmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\FolderProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\IntlProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\LogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\MsiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\OSProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\SmiProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\TransmogProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\UnattendProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\wdscore.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\WimProvider.dll
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\CompatProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\DismCore.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\DismProv.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\LogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\OSProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\9ED70840-362E-4230-A986-0977564D79EB\en-US\WimProvider.dll.mui
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\chrome\Default\Cookies
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\chrome\Default\History
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\firefox\default\cookies.sqlite
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\firefox\default\places.sqlite
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\firefox\default\search.json.mozlz4
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\Opera\Cookies
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\Opera\History
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\SecureBorwser\Cookies
Deleted file - C:\Users\user\AppData\Local\Temp\BCLTMP\SecureBorwser\History
Deleted file - C:\Users\user\AppData\Local\Temp\HW_UTPS_SP_Autorun\Autorun.inf
Deleted file - C:\Users\user\AppData\Local\Temp\HW_UTPS_SP_Autorun\autorunlanguage.ini
Deleted file - C:\Users\user\AppData\Local\Temp\HW_UTPS_SP_Autorun\HiSuite.ico
Deleted file - C:\Users\user\AppData\Local\Temp\HW_UTPS_SP_Autorun\HiSuiteDownLoader.cfg
Deleted file - C:\Users\user\AppData\Local\Temp\HW_UTPS_SP_Autorun\HiSuiteDownLoader.exe
Deleted file - C:\Users\user\AppData\Local\Temp\HW_UTPS_SP_Autorun\SmartPhoneAutorun.cfg
Deleted file - C:\Users\user\AppData\Local\Temp\HW_UTPS_SP_Autorun\Document\Open Source Software Notice.pdf
Deleted file - C:\Users\user\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml
Deleted file - C:\Users\user\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx
Deleted file - C:\Users\user\AppData\Local\Temp\skype-preview Crashes\operation_log.txt
Deleted file - C:\Users\user\AppData\Local\Temp\TCD34AB.tmp\Content.inf
Deleted file - C:\Users\user\AppData\Local\Temp\TCD34AB.tmp\ThemePictureAccent.glox
Deleted file - C:\Users\user\AppData\Local\Temp\TCD3502.tmp\BracketList.glox
Deleted file - C:\Users\user\AppData\Local\Temp\TCD3502.tmp\Content.inf
Deleted file - C:\Users\user\AppData\Local\Temp\TCD3808.tmp\Circuit.thmx
Deleted file - C:\Users\user\AppData\Local\Temp\TCD3808.tmp\content.inf
Deleted file - C:\Users\user\AppData\Local\Temp\TCD4101.tmp\Content.inf
Deleted file - C:\Users\user\AppData\Local\Temp\TCD4101.tmp\Insight design set.dotx
Deleted file - C:\Users\user\AppData\Local\Temp\TeamViewer\7.hta
Deleted file - C:\Users\user\AppData\Local\Temp\TeamViewer\TV13Install.log

========= End of CMD: =========


========= rd /s /q %temp% =========

C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {B55F6C6B-7CDD-4C32-92CD-EA3A974367E4}.
{7732FA97-00AE-444F-A720-21166B8B2444} canceled.
1 out of 2 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-190678317-3990350971-2298258134-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-190678317-3990350971-2298258134-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37676221 B
Java, Flash, Steam htmlcache => 4953 B
Windows/system/drivers => 1504741503 B
Edge => 0 B
Chrome => 527449629 B
Firefox => 758818001 B
Opera => 22057025 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 25716895 B
systemprofile32 => 8637104 B
LocalService => 132244 B
NetworkService => 449310 B
user => 3464775432 B

RecycleBin => 74272 B
EmptyTemp: => 5.9 GB temporary data Removed.

================================


The system needed a reboot.

това е fixlog.txt  не е на десктопа , а в ...user/download

стъпка 3

стартирах AdvCleaner

имам снимка на телефона от log файла , ако ми дадете тел номер ще го пратя,

не знам как до го снимам и поставя тук.

стъпка 4 прикачвам двата файла и много благодаря за всичко до тук.

 

Addition.txt

FRST.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

 

СТЪПКА 1

 

Защо не сте посмяла да дадете Finish? Нали така бях написал по инструкции. Повторете стъпка 1 като този път деинсталирате напълно гореспоменатите програми.

 

СТЪПКА 2

 

Колкото до лог файловете на Adwcleaner, не можете да намерите лог файла от програмата ли? Просто отворете папката => C:\AdwCleaner\Logs и прикачете лог файловете към следващия си пост, както направихте с логовете от FRST. ;)

 

СТЪПКА 3

 

Изтеглете edit-text.giffixlist.txt и го запазете на в папката, където сте свалили FRST64.exe (в папката C:\Users\user\Downloads).

Стартирайте FRST64.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата на десктопа.
 
Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

 

Поздрави!

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Здравейте,

стъпка 1

деинсталирах GeekUninstaller

в Control panel/programs and feature  не намерих програмите Adwcleaner7.2.4.0  и FRST за да ги деинсталирам и не знам какво да направя

и как да продължа.

До скоро

 

Редактирано от Калинка Попова
да е по-ясно (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

За какво говорите? Аз не съм казвал да деинсталирате GeekUninstaller (той дори не се инсталира, защото ви бях казал да изтеглите преносимата версия) и програмите, които сме ползвали, защото не сме приключили...Ама явно правите, каквото си искате.

За капак и линка, към скрипта в стъпка 3 от предишния ми пост вече е изтекъл, защото сте се забавили с отговора и честно казано не знам дали ми се пише втори, защото времето ми е ценно!

Разбира се, че няма да намерите в Control Panel-a AdwCleaner и FRST, защото не са инсталирани....те са преносими версии!

Но ако сте решили да приключваме ето инструкции за премахване на използваните инструменти:

 

Можете да се ориентирате към деинсталиране на инструментите по описания тук начин:

  За да премахнем Farbar Recovery Scan Tool направете следното:

Преименувайте изпълнимия файл FRST64.exe на Uninstall.exe.

image.png.9cf9e0ab76b122782aff3552f54c5829.png     =>     image.png.44f957ce25ef61c76206655a46425152.png

Кликнете с десен бутон на мишката върху Uninstall.exe и изберете Run as administrator. Ще бъдете уведомени, че трябва да рестартирате системата, за да изтриете инструмента.

image.png.abcc20b28654d54fae08e7451bb5dc3b.png

След рестарта инструмента и прилежащите към него файлове ще бъдат изтрити.

 

За премахването на AdwCleaner направете следното:

Стартирайте AdwCleaner => отидете на Settings (Настройки) => преместете плъзгача най-отдолу и натиснете бутона Remove (Премахване):

Снимка за интерфейса на английски:

M0VRw8d.png

Снимка за интерфейса на български:

z8yyhR9.png

Поздрави!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Защо не сте посмяла да дадете Finish? Нали така бях написал по инструкции. Повторете стъпка 1 като този път деинсталирате напълно гореспоменатите програми.

Съжалявам, аз така рабрах болдвания текст, кои програми да деинсталирам не разбрах.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 часа, Калинка Попова написа:

Защо не сте посмяла да дадете Finish? Нали така бях написал по инструкции. Повторете стъпка 1 като този път деинсталирате напълно гореспоменатите програми.

Съжалявам, аз така рабрах болдвания текст, кои програми да деинсталирам не разбрах.

Така и кои са тези програми ако сте прочели целите инструкции? Вижте пак поста ми и кои програми са в списъка. Там липсват GeekUninstaller, FRST и AdwCleaner. :)
 

Цитат

 

Уверете се, че всички редове са маркирани и натиснете бутона Finish за да изтриете останките от програмата.

Повторете стъпките и за следните програми в списъка:

FormFetcherPro Internet Explorer Homepage and New Tab
VideoDownloadConverter Internet Explorer Toolbar
YourTemplateFinder Internet Explorer Homepage and New Tab
Yahoo Toolbar
McAfee WebAdvisor

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Защо не сте посмяла да дадете Finish? Нали така бях написал по инструкции. Повторете стъпка 1 като този път деинсталирате напълно гореспоменатите програми.

Съжалявам, аз така рабрах болдвания текст, кои програми да деинсталирам не разбрах.

Аз започнах от началото със стъпка 1

 

 

СТЪПКА 1

 

Изтеглете програмата GeekUninstaller и я запазете на десктопа.

Разархивирайте я и стартирайте файла geek.exe IxXO5oO.jpg
От списъка намерете Allin1Convert Internet Explorer Toolbar  (примера е за Mozilla Firefox, но това е просто за показно).

Кликнете с десен бутон върху програмата и изберете Force Removal

и въобще на стигнах до посочените от Вас програми в последния пост.

FormFetcherPro Internet Explorer Homepage and New Tab
VideoDownloadConverter Internet Explorer Toolbar
YourTemplateFinder Internet Explorer Homepage and New Tab
Yahoo Toolbar
McAfee WebAdvisor

Много съжалявам за причиненото неудобство и ако искате да продължим ще съм Ви благодарна ,

Ако не Ви се занимава повече с мен , няма да се сърдя , разбирам Ви.

 

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ок, за да започнем отначало ще трябва да направите нова проверка с FRST и да прикачите новите лог файлове - FRST.txt и Addition.txt

Поздрави!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.11.2018
Ran by user (administrator) on USER-PC (15-11-2018 10:37:23)
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(TeamViewer GmbH) C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-11] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8921600 2013-10-22] (Dell Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-23] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {00436b5d-1004-11e5-b9e8-9c2a70d73da0} - F:\AutoRun.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {8a2f6e53-0fdf-11e5-ae17-9c2a70d73da0} - F:\AutoRun.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {8a2f6ea9-0fdf-11e5-ae17-9c2a70d73da0} - F:\AutoRun.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {96a6fd05-b6eb-11e5-a4c8-9c2a70d73da0} - F:\AutoRun.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {98f89a53-ca5d-11e4-9dcf-9c2a70d73da0} - F:\AutoRun.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {98f89a7d-ca5d-11e4-9dcf-9c2a70d73da0} - F:\AutoRun.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {c31eda96-9dfa-11e8-ad5e-9c2a70d73da0} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {d2ce57cd-e1ac-11e7-85fa-9c2a70d73da0} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\MountPoints2: {dbe2ec1f-b8ea-11e5-8456-9c2a70d73da0} - F:\AutoRun.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-21]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 195.238.84.2 195.238.84.4
Tcpip\..\Interfaces\{59D56FB3-C517-4D7D-9926-81B9DF5D37AF}: [DhcpNameServer] 192.168.88.1 195.238.84.2 195.238.84.4
Tcpip\..\Interfaces\{C3882FF1-A6F7-4A65-A3D0-B8807331FD4C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-190678317-3990350971-2298258134-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://efaktura.bg/inc/capicom.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: dsr7rdpk.default-1541649844294
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dsr7rdpk.default-1541649844294 [2018-11-14]
FF Extension: (Yahoo Homepage) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dsr7rdpk.default-1541649844294\Extensions\ff_hpset@jetpack.xpi [2018-11-08]
FF Extension: (Firefox Monitor) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dsr7rdpk.default-1541649844294\features\{74077fd0-eade-4442-81c6-5013df980ca7}\fxmonitor@mozilla.org.xpi [2018-11-13]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://obnljkamlkedffammjddflhjepplhnoj/productnewtab.html"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=D210US91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2018-11-15]
CHR Extension: (Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Avast Passwords) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-11-14]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-09]
CHR Extension: (Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-15]
CHR Extension: (HowToSuite) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnljkamlkedffammjddflhjepplhnoj [2018-09-11]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-190678317-3990350971-2298258134-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iomphmdalfmaifjccmagmllnicjoghhk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (Ge-Force) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh [2015-04-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2014-03-11] (ArcSoft, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-23] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-23] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-26] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [608256 2014-03-04] (ArcSoft, Inc.) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed]
R2 TeamViewer; C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6170624 2013-10-22] (Dell Inc.) [File not signed]
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [3315392 2013-11-20] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-23] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-23] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-23] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-23] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-23] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-23] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-23] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-23] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-23] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-23] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-23] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-23] (AVAST Software)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-11] (Synaptics Incorporated)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-15 10:37 - 2018-11-15 10:37 - 000000000 ____D C:\Users\user\Downloads\FRST-OlderVersion
2018-11-14 15:46 - 2018-11-14 15:46 - 000052328 _____ () C:\Windows\system32\Drivers\staport.sys
2018-11-08 06:04 - 2018-11-08 06:04 - 000000000 ____D C:\Users\user\Desktop\Old Firefox Data
2018-11-08 05:18 - 2018-11-08 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-06 15:06 - 2018-11-06 15:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-11-06 15:06 - 2018-11-06 15:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-11-06 15:06 - 2018-11-06 15:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-11-06 15:06 - 2018-11-06 15:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-11-02 11:16 - 2018-11-02 11:16 - 000744566 _____ C:\Users\user\Downloads\doc-dr-st-popov (1).pdf
2018-11-02 11:08 - 2018-11-02 11:08 - 000744566 _____ C:\Users\user\Downloads\doc-dr-st-popov.pdf
2018-10-28 12:27 - 2018-10-28 13:18 - 009566447 _____ C:\Users\user\Desktop\Trazodone Receptors C3 2018.pptx
2018-10-24 12:04 - 2018-10-24 12:04 - 007556816 _____ (Malwarebytes) C:\Users\user\Downloads\adwcleaner_7.2.4.0.exe
2018-10-24 11:38 - 2018-10-24 11:47 - 000034155 _____ C:\Users\user\Downloads\Fixlog.txt
2018-10-24 10:43 - 2018-10-24 10:52 - 000000000 ____D C:\Users\user\AppData\Roaming\Geek Uninstaller
2018-10-23 20:55 - 2018-10-23 20:57 - 000000000 ____D C:\AdwCleaner
2018-10-23 20:52 - 2018-10-23 20:55 - 007592144 _____ (Malwarebytes) C:\Users\user\Downloads\AdwCleaner.exe
2018-10-23 17:57 - 2018-10-24 12:42 - 000057503 _____ C:\Users\user\Downloads\Addition.txt
2018-10-23 17:55 - 2018-11-15 10:38 - 000024808 _____ C:\Users\user\Downloads\FRST.txt
2018-10-23 17:55 - 2018-11-15 10:37 - 000000000 ____D C:\FRST
2018-10-23 17:53 - 2018-11-15 10:37 - 002416128 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2018-10-23 11:46 - 2018-10-23 11:45 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-10-23 11:45 - 2018-10-23 11:45 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-10-22 04:05 - 2018-11-13 06:23 - 000000000 ____D C:\Users\user\Desktop\STEFAN_ALL
2018-10-18 12:26 - 2018-10-22 04:05 - 000000942 _____ C:\Users\user\Desktop\PerformanceTest.lnk
2018-10-18 12:26 - 2018-10-18 12:37 - 000000000 ____D C:\Program Files\PerformanceTest
2018-10-18 12:26 - 2018-10-18 12:26 - 000000000 ____D C:\Users\user\Documents\PassMark
2018-10-18 12:26 - 2018-10-18 12:26 - 000000000 ____D C:\Users\user\AppData\Local\PassMark
2018-10-18 12:26 - 2018-10-18 12:26 - 000000000 ____D C:\ProgramData\Passmark
2018-10-18 12:26 - 2018-10-18 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2018-10-18 11:50 - 2018-11-10 08:25 - 000000464 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job
2018-10-18 11:50 - 2018-11-08 12:37 - 000003332 _____ C:\Windows\System32\Tasks\Wise Registry Cleaner Schedule Task
2018-10-18 11:36 - 2018-10-18 11:36 - 000001140 _____ C:\Users\user\Desktop\WinASO Registry Optimizer.lnk
2018-10-18 11:36 - 2018-10-18 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinASO
2018-10-18 11:36 - 2018-10-18 11:36 - 000000000 ____D C:\Program Files (x86)\WinASO
2018-10-18 11:25 - 2018-10-18 13:40 - 000000000 ____D C:\Users\user\AppData\Roaming\Wise Registry Cleaner
2018-10-18 11:25 - 2018-10-18 11:25 - 000001187 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2018-10-18 11:25 - 2018-10-18 11:25 - 000000000 ____D C:\Windows\System32\Tasks\WiseCleaner
2018-10-18 11:25 - 2018-10-18 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2018-10-18 11:25 - 2018-10-18 11:25 - 000000000 ____D C:\Program Files (x86)\Wise
2018-10-17 21:13 - 2018-10-04 22:15 - 000934676 _____ C:\Users\user\Desktop\satellites.xml
2018-10-17 20:43 - 2018-10-17 20:43 - 000053288 _____ C:\Users\user\Downloads\satellites.xml.zip
2018-10-17 20:43 - 2018-10-17 20:43 - 000000000 ____D C:\Users\user\Downloads\satellites.xml
2018-10-17 08:51 - 2018-10-17 08:51 - 000000000 ____D C:\Users\user\AppData\LocalLow\KMPlayer
2018-10-16 16:01 - 2018-10-16 16:01 - 000373431 _____ C:\Users\user\Downloads\Saobj_NET_zima_2018.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-15 10:29 - 2017-11-21 10:58 - 000000000 ____D C:\Users\user\AppData\Local\AVAST Software
2018-11-15 10:29 - 2015-07-17 11:15 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-11-15 10:29 - 2013-11-20 11:50 - 000003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B94B351E-A2DC-43F4-901C-DEBCC10FBA70}
2018-11-15 06:37 - 2017-07-01 17:29 - 000004950 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for user-PC-user user-PC
2018-11-15 06:29 - 2009-07-14 06:45 - 000021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-15 06:29 - 2009-07-14 06:45 - 000021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-15 06:28 - 2009-07-14 07:13 - 000785366 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-15 06:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-11-15 06:23 - 2015-07-17 11:15 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-11-15 06:23 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-14 22:54 - 2016-12-06 12:51 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2018-11-14 13:08 - 2013-11-20 03:49 - 000000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2018-11-14 12:30 - 2015-10-07 17:45 - 000000000 ____D C:\Users\user\Desktop\PEPI
2018-11-14 06:35 - 2018-10-11 05:14 - 000000000 ____D C:\Users\user\Desktop\biobran_els
2018-11-14 06:22 - 2018-03-13 12:24 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-14 06:22 - 2013-11-20 12:01 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-14 06:22 - 2013-11-20 12:00 - 000842376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-14 06:22 - 2013-11-20 12:00 - 000175240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 06:22 - 2013-11-20 12:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-14 06:22 - 2013-11-20 12:00 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-14 05:55 - 2015-02-13 14:37 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 00:46 - 2017-04-03 11:38 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-09 06:29 - 2018-04-14 11:02 - 000000000 ____D C:\Users\user\Desktop\P15-01_visit templates
2018-11-08 12:37 - 2015-12-04 13:03 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-08 12:37 - 2015-07-17 11:15 - 000003910 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-11-08 12:37 - 2015-07-17 11:15 - 000003658 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-11-08 12:37 - 2014-12-26 07:09 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-08 12:37 - 2014-10-23 09:55 - 000003702 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2018-11-08 12:37 - 2014-03-26 15:13 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-08 12:37 - 2014-03-26 15:13 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-08 11:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-11-08 09:20 - 2014-03-08 07:22 - 000000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2018-11-08 06:01 - 2018-03-13 15:03 - 000001266 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-08 06:01 - 2018-03-13 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-08 05:20 - 2017-09-03 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-08 05:20 - 2013-11-20 11:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-08 05:19 - 2015-07-17 11:15 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-02 11:24 - 2018-01-02 19:18 - 000007986 _____ C:\Windows\BRRBCOM.INI
2018-11-02 10:18 - 2014-03-08 07:50 - 000000000 ____D C:\Users\user\AppData\Roaming\Google
2018-10-28 09:32 - 2013-11-20 11:51 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-27 10:16 - 2018-03-17 07:26 - 000001095 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-10-27 10:16 - 2018-03-17 07:26 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-10-27 10:16 - 2013-11-20 11:55 - 000001135 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-10-27 10:16 - 2013-11-20 11:55 - 000001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-24 12:43 - 2016-08-22 09:18 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-10-23 20:58 - 2014-05-11 05:06 - 000000000 ____D C:\Users\user\AppData\Roaming\Yahoo!
2018-10-23 20:58 - 2014-05-11 05:06 - 000000000 ____D C:\Users\user\AppData\LocalLow\Yahoo!
2018-10-23 20:58 - 2014-05-11 05:06 - 000000000 ____D C:\Program Files (x86)\Yahoo!
2018-10-23 16:59 - 2013-11-20 12:01 - 000000000 ____D C:\Program Files (x86)\The KMPlayer
2018-10-23 12:14 - 2013-11-20 11:59 - 000000000 ____D C:\Program Files\WinRAR
2018-10-23 12:03 - 2013-11-20 12:07 - 000000000 ____D C:\Users\user\AppData\Roaming\Skype
2018-10-23 12:02 - 2013-11-20 11:59 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-23 12:02 - 2013-11-20 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-23 11:45 - 2017-11-17 05:51 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-10-23 11:45 - 2014-12-26 07:18 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-23 11:45 - 2014-12-26 07:18 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-10-23 11:45 - 2014-12-26 07:18 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-23 11:45 - 2014-12-26 07:18 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-23 11:45 - 2014-12-26 07:18 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-10-23 11:45 - 2014-12-26 07:18 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-10-23 11:45 - 2014-12-26 07:18 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-10-23 11:44 - 2017-12-23 08:23 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-10-23 11:44 - 2017-04-03 11:38 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-10-23 11:44 - 2017-04-03 11:38 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-10-23 11:44 - 2017-04-03 11:38 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-10-23 11:44 - 2017-04-03 11:38 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-10-23 11:44 - 2014-12-26 07:18 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-10-22 22:15 - 2018-09-22 00:49 - 000000600 _____ C:\Users\user\AppData\Roaming\winscp.rnd
2018-10-21 16:06 - 2017-07-13 11:42 - 000000000 ____D C:\Users\user\Desktop\medicine
2018-10-20 10:38 - 2018-09-30 11:52 - 000000000 ____D C:\Users\user\Desktop\TEODOR
2018-10-18 05:58 - 2013-11-20 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-18 05:58 - 2013-11-20 11:58 - 000000000 ____D C:\Program Files (x86)\Java
2018-10-18 05:07 - 2014-05-19 16:49 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-10-17 19:46 - 2018-09-12 15:39 - 000000864 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-10-17 19:46 - 2018-09-12 15:39 - 000000814 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk

==================== Files in the root of some directories =======

2018-09-22 00:49 - 2018-10-22 22:15 - 000000600 _____ () C:\Users\user\AppData\Roaming\winscp.rnd

Some files in TEMP:
====================
2018-11-14 13:01 - 2018-11-14 13:01 - 003511888 _____ (Geek Unіnstaller) C:\Users\user\AppData\Local\Temp\geek64.exe
2018-11-12 01:36 - 2018-11-12 06:22 - 000003584 _____ () C:\Users\user\AppData\Local\Temp\kkew77py.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-14 06:17

==================== End of FRST.txt ============================

 

ьььььььььььььььььь

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018
Ran by user (15-11-2018 10:38:38)
Running from C:\Users\user\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-20 01:40:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-190678317-3990350971-2298258134-500 - Administrator - Disabled)
Guest (S-1-5-21-190678317-3990350971-2298258134-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-190678317-3990350971-2298258134-1003 - Limited - Enabled)
user (S-1-5-21-190678317-3990350971-2298258134-1000 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{B9C542F2-31A8-8EC1-B349-28C74D2A865C}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
ArcSoft TotalMedia Theatre 6 (HKLM-x32\...\{5232358C-7C23-4319-8271-E43F924196AC}) (Version: 6.7.1.199 - ArcSoft) Hidden
ArcSoft TotalMedia Theatre 6 (HKLM-x32\...\InstallShield_{5232358C-7C23-4319-8271-E43F924196AC}) (Version: 6.7.1.199 - ArcSoft)
ArenaPLAY (HKLM-x32\...\{4DB874CC-6C35-4198-9887-E9239BECD9E0}_is1) (Version: 1.0.0 - ArenaBG.com)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Brother MFL-Pro Suite DCP-T500W (HKLM-x32\...\{BA07A125-6AC7-4293-89D6-391676FFD041}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Charity Engine (HKLM\...\{A7D31CBC-80AF-4E68-83D7-20D01917C034}) (Version: 7.6.33 - Charity Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.1 - Synaptics Incorporated)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.99 - Dell Inc.)
FormFetcherPro Internet Explorer Homepage and New Tab (HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\FormFetcherProTooltab Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network, Inc.) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HashTab 5.1.0.23 (HKLM\...\HashTab) (Version: 5.1.0.23 - Implbits Software)
IBM SPSS Statistics 19 (HKLM-x32\...\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}) (Version: 19.0.0 - SPSS Inc., an IBM Company)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.8 - PandoraTV)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
KMSpico v9.3.3 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.213 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 Preview - Bulgarian (HKLM\...\{20150000-001F-0402-1000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 Preview - English (HKLM\...\{20150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4128.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 63.0.1 (x86 en-US)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Nokia Connectivity Cable Driver (HKLM-x32\...\{82427977-8776-4087-90CA-9F65174D3C4D}) (Version: 7.1.16.0 - Nokia)
Nokia Flashing Cable Driver (HKLM-x32\...\{A4E0CA0F-1903-440A-9B98-FEA6CB049999}) (Version: 8.6.0.2 - Nokia)
Nokia Ovi Application Installer (HKLM-x32\...\{42B74521-4706-412A-9A27-AED12B83E886}) (Version: 6.85.3011 - Nokia) Hidden
Nokia Ovi Application Installer 6.85.3011 (HKLM-x32\...\Nokia Ovi Application Installer) (Version:  - Nokia)
Nokia Ovi Content Copier (HKLM-x32\...\{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}) (Version: 6.85.3011 - Nokia) Hidden
Nokia Ovi Content Copier 6.85.3011 (HKLM-x32\...\Nokia Ovi Content Copier) (Version:  - Nokia)
Nokia Ovi One Touch Access (HKLM-x32\...\{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}) (Version: 6.85.3011 - Nokia) Hidden
Nokia Ovi One Touch Access 6.85.3011 (HKLM-x32\...\Nokia Ovi One Touch Access) (Version:  - Nokia)
Nokia Ovi Suite (HKLM-x32\...\{B5264B25-8908-49BB-A708-5A70DFBF8094}) (Version: 3.1.311 - Nokia)
Nokia Ovi System Utilities (HKLM-x32\...\{FF34EA62-92C1-41E6-BA64-B2B7ECB53737}) (Version: 6.85.3016 - Nokia) Hidden
Nokia Ovi System Utilities 6.85.3016 (HKLM-x32\...\Nokia Ovi System Utilities) (Version:  - Nokia)
Nokia Photos (HKLM-x32\...\{D3656CE3-0F62-447F-AEF3-9BF29B6197D9}) (Version: 1.6.145 - Nokia)
Nokia Software Updater (HKLM-x32\...\{2FA28330-2028-4033-BD10-425C87EB4D54}) (Version: 01.04.035.32590 - Nokia Corporation)
Oracle VM VirtualBox 5.2.6 (HKLM\...\{EA9602E3-0184-45B9-9E15-028776CD7A6E}) (Version: 5.2.6 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}) (Version: 9.13.1.0 - Nokia)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1002.0 - Passmark Software)
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (HKLM-x32\...\{6D6F8687-FC21-159E-1A5B-665B5722C6BC}) (Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Remote Camera Control (HKLM-x32\...\{178CB313-9DB5-4634-8A2B-BB3BC31DF0B0}) (Version: 3.8.00000 - Sony Corporation)
Skype version 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
uGet version 2.1.1 (HKLM-x32\...\uGet_VGI_is1) (Version: 2.1.1 - Vladimir Ivanov)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4700 - Broadcom Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
WinASO Registry Optimizer 5.3 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version:  - X.M.Y International LLC)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinSCP 5.13.4 (HKLM-x32\...\winscp3_is1) (Version: 5.13.4 - Martin Prikryl)
Wise Registry Cleaner 9.6.5 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.6.5 - WiseCleaner.com, Inc.)
YourTemplateFinder Internet Explorer Homepage and New Tab (HKU\S-1-5-21-190678317-3990350971-2298258134-1000\...\YourTemplateFinderTooltab Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network, Inc.) <==== ATTENTION
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-190678317-3990350971-2298258134-1000_Classes\CLSID\{3724A688-4AE1-83FF-34ED-11A79E7B8A6C}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-10-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-10-15] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-23] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {089743FC-DBD8-4BAD-AE5F-6308D6996B87} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {0A5D1753-058F-42C7-9961-9E876ACCABF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2B41AA9D-A599-4962-90D7-7089BD208BB8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {316AD324-4AAE-47E4-A381-B2947354331A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-26] (AVAST Software)
Task: {3C042CDD-3B5D-4488-A705-B8D9BE2F1B72} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2018-08-17] (WiseCleaner.com)
Task: {405E58BF-EC35-4B05-9F52-6D963B24E41C} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2018-08-17] (WiseCleaner.com)
Task: {4D2E1968-ADE8-4E8F-A5A4-A87775C30FFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {73790EE0-FAF7-438C-975B-F33B0D54EEEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {7571C4E1-43FA-4976-A48E-C9D35145BD7A} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {76FE2135-D683-483B-94E4-5EDED710CE7B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-26] (AVAST Software)
Task: {771555C9-0948-4A74-8625-A04F4B7AF8BC} - \1014avtUpdateInfo -> No File <==== ATTENTION
Task: {7A0E2069-761A-4F58-B492-852B1A565ACB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {839B2CFD-3FDF-4813-98F2-A3F8B4746ACA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {ACA2CA31-4095-4993-B1AE-AEE8CB5FFE81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {CF6F13B2-0974-4806-9CC3-10F65C0CDE1D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-28] (AVAST Software) <==== ATTENTION
Task: {DED51063-B070-4976-BF7C-AA6877CB80D5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {E4F005B6-608D-4834-8F33-6C9237A473A6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {E5BD4592-F4DE-4977-B9DB-2D5F05F4A46A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for user-PC-user user-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {F1D10DA9-2261-4342-B838-EF86587A8245} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-23] (AVAST Software)
Task: {F7C9ED7F-0B29-4624-B138-92E559142A50} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-11-21 12:31 - 2012-10-15 22:08 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-01-02 19:18 - 2015-04-21 13:58 - 000143360 ____R () C:\Windows\system32\BrSNMP64.dll
2018-10-23 11:45 - 2018-10-23 11:45 - 000730328 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-11-14 05:55 - 2018-11-09 00:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-14 05:55 - 2018-11-09 00:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2018-10-23 11:45 - 2018-10-23 11:45 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-10-23 11:45 - 2018-10-23 11:45 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-14 22:12 - 2018-11-14 22:12 - 005702288 _____ () C:\Program Files\AVAST Software\Avast\defs\18111404\algo.dll
2018-10-23 11:44 - 2018-10-23 11:44 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-10-23 11:44 - 2018-10-23 11:44 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-10-23 11:44 - 2018-10-23 11:44 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-13 12:53 - 2018-03-13 12:53 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-11-08 05:18 - 2018-11-06 15:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-11-08 05:18 - 2018-11-06 15:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-08 05:18 - 2018-11-06 15:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-08 05:18 - 2018-11-06 15:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-11-08 05:18 - 2018-11-06 15:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000061792 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 011144016 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-08 05:18 - 2018-11-06 15:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-08 05:18 - 2018-11-06 15:09 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-11-08 05:18 - 2018-11-06 15:08 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-08 05:18 - 2018-11-06 15:08 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:09 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-11-08 05:18 - 2018-11-06 15:08 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2013-11-21 12:26 - 2012-06-25 07:11 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-28 04:42 - 2018-10-24 11:40 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-190678317-3990350971-2298258134-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1 - 195.238.84.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk => C:\Windows\pss\TotalMedia Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: boincmgr => "C:\Program Files\BOINC\charityengine.exe" /a /s
MSCONFIG\startupreg: boinctray => "C:\Program Files\BOINC\boinctray.exe"
MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: Nokia FastStart => "C:\Program Files (x86)\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C45A2E58-0086-4583-9D24-404E8507EEF0}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{59922FFB-2B31-4968-89D5-9D9240656D9D}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5FBAA232-A57F-4FD1-86E2-6D625D91062D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{48188732-B550-40E1-81E9-25A59CF2736E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{62267E07-0309-4E35-9873-ACA75C081F4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{898209DC-87E8-4CEC-8F93-1C590B426EE5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2B7D8777-FDAA-4E28-8512-79A8D3265AAA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8A80EDAE-9E33-4A4C-8D1A-9C1AF10A400D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7CAE9D9E-321B-4DC7-981B-FB1A220188C4}C:\program files (x86)\ibm\spss\statistics\19\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\19\stats.exe
FirewallRules: [UDP Query User{BFBAD4B9-B8C4-4F20-9A74-B0D0575EC5E3}C:\program files (x86)\ibm\spss\statistics\19\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\19\stats.exe
FirewallRules: [TCP Query User{7B9A8721-54C3-4A9F-8D72-AB1BF584FC6B}C:\program files (x86)\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\19\jre\bin\javaw.exe
FirewallRules: [UDP Query User{3E54013E-AE57-4C49-9B24-B0A621C56000}C:\program files (x86)\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\19\jre\bin\javaw.exe
FirewallRules: [TCP Query User{80099AA9-963B-4C02-83A9-28D5DC5DEAE8}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [UDP Query User{1B25B5DF-5D29-488E-8735-AF7377817F94}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [{3018F5FB-9B6C-45D3-A4B3-E9399C78A7E8}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9DAEFAB-5C00-472C-8744-C77328A971EA}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3AB37F13-CD69-439F-AC5F-865142242D27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05617745-9A0C-4636-A986-0BB2DEC3BF56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{96ED1ED9-233B-438A-8204-7357909EBF20}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [UDP Query User{16AABB6F-6731-4B61-9FB7-1D44EDB96CA4}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [TCP Query User{4BFF95DF-6A96-478A-9D9C-0FAAFC674CAD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8F91B7E6-2A89-4784-BB5D-FE87933C593A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{4C85D9A5-08C3-41A3-8360-272D870769D6}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{FA1F7CAF-6FAC-4557-A2DC-F8A113C1753A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{BFF62A72-802B-4E5A-A5E5-AE42C094C59B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E643631D-6DB5-4CE5-9EAB-397345FA7D83}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9A71448B-84CC-443C-99AA-F72596E3B15B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E271D251-3A1B-46AE-9545-F5FB0EBB6607}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4A651E3C-F76A-4E8F-A4EE-1AD6A195371D}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1D877CC1-CB5E-4A57-8561-EFD11F827688}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{435B3007-59A3-400E-B34D-24BB51B0CD47}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [TCP Query User{51711250-F682-498A-B12C-E8DBBA4B8BDF}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{82C5702A-3203-4AF5-B06B-1C59E9117BF0}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe
FirewallRules: [TCP Query User{4D7B8C7B-4069-4210-89CB-C5202967236B}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{76E7644A-CFA2-4B8F-8785-3D8977837C18}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [{EF75D323-F1A0-45F9-998F-E244BD22B4F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E25BCF85-24E9-4238-B7F5-F5EB80075C98}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C4403360-61D0-44A6-B5F5-1261E56CDF64}] => (Allow) C:\Windows\Explorer.EXE
FirewallRules: [TCP Query User{5DFDD26B-5C09-4529-A79F-B119CB98BE00}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{C558A8BC-D47B-46ED-BA66-271C0B19BC36}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => (Allow) C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{9408A315-A873-4ACF-858D-F16BEBEB141B}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [UDP Query User{495A750C-8A01-46FA-9993-A44CEAD9C644}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe] => (Allow) C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe
FirewallRules: [TCP Query User{24E25746-2330-466F-80EA-C1122684EAA0}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe
FirewallRules: [UDP Query User{D7655260-2EB5-4209-BA74-65760E7D7411}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe
FirewallRules: [{B2BD6B88-D05D-432F-B812-0AA756375F36}] => (Allow) LPort=54925
FirewallRules: [{7052BAF7-0911-4713-87D5-E96DFD81019B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{FF60F000-DEA0-4851-B5CC-A9E89809EDE3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{63A17923-98D8-4A33-8A3F-ED7E79A07264}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{A7E2B06C-DCC7-4C8C-9365-64F066FC44BA}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{390BEDFB-1779-48AD-82BA-A126349D6A8D}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F8C1FAD0-EA92-4870-899C-0375A8E5A235}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{27547481-71F0-4F3B-8AEB-E13A68B1D7F2}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{299AA901-CAD7-4FC4-9D3C-21A9C60499A4}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{515915A1-DF8A-4BCD-892E-D262E938AF2E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{46768ACB-72D4-4750-82AD-E9E20E8E1FB8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{98FD5FFD-5932-41E6-9850-7C7D99B45828}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer.exe
FirewallRules: [{2BBC4F41-0B25-4C60-9E2A-06CEB1069A76}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer.exe
FirewallRules: [{93AF3342-B4B0-4F1C-86B7-FC615C97CA12}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D8E80293-D7B2-4068-9E76-66D64A6640EC}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6941920E-47C2-4860-9ADF-6F4B5D7ED4A2}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{DF9CDA27-8429-4BD2-8D61-D7D2C6D753E1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{3D058BF8-4B06-4454-9BAA-80BF8B0C8A60}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B716D4C9-0856-4FE1-B06B-DFF30D7E21C6}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{11CF2C3C-023C-447F-A86E-C744AC50EE3B}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer.exe
FirewallRules: [{43547FA8-19AA-4806-874A-247D85B989D2}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer.exe
FirewallRules: [{1F069F3E-3CED-460C-A993-FF348ED9FD9B}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{431555D5-DF54-4420-8E74-0A5C93C97CA3}] => (Allow) C:\Users\Public\temp\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7CF6FC6D-2EB6-4227-BDC2-9C7A0C4E7C84}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E401B585-6843-434E-9899-BA7CACA2745F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5DCE0444-66DA-49AD-A5F0-01D61D073AF6}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{C5918ED6-FBC5-482D-9C7F-0985CEB6CD3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{32EC7155-A63F-4900-85F2-0C2727B0F53C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{019DA689-F8D8-46AB-91DD-818903A59087}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

09-10-2018 10:20:15 Scheduled Checkpoint
16-10-2018 10:46:11 Scheduled Checkpoint
18-10-2018 11:28:45 Created by Wise Registry Cleaner
18-10-2018 13:40:02 Created by Wise Registry Cleaner
24-10-2018 11:39:04 Restore Point Created by FRST
03-11-2018 09:53:26 Scheduled Checkpoint
12-11-2018 06:23:31 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2018 06:43:08 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll".Error in manifest or policy file "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll" on line 19.
The value "6.0.0.6u9b41" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (11/15/2018 06:42:33 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe".Error in manifest or policy file "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe" on line 19.
The value "6.0.0.6u9b41" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (11/15/2018 06:24:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/15/2018 06:24:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 13.1.0.0, time stamp: 0x5313ef48
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x000007fe8fa80368
Faulting process id: 0xc90
Faulting application start time: 0x01d47c9af72d4e1e
Faulting application path: C:\Program Files\KMSpico\Service_KMS.exe
Faulting module path: unknown
Report Id: 5211892f-e88e-11e8-a01d-9c2a70d73da0

Error: (11/14/2018 01:47:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: user-PC)
Description: Product: Adobe Acrobat Reader DC - Update 'Adobe Acrobat Reader DC
 (19.008.20081)' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/14/2018 01:47:17 PM) (Source: MsiInstaller) (EventID: 11722) (User: user-PC)
Description: Product: Adobe Acrobat Reader DC -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action InstallWebResources, location: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrServicesUpdater.exe, command: 19.008.20081 18.011.20040.1

Error: (11/13/2018 11:01:37 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll".Error in manifest or policy file "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll" on line 19.
The value "6.0.0.6u9b41" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (11/13/2018 11:01:10 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe".Error in manifest or policy file "C:\Program Files (x86)\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe" on line 19.
The value "6.0.0.6u9b41" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (11/15/2018 06:25:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Услуга на %1!s! Актуализация (avast) service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (11/15/2018 06:25:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Услуга на 30000!s! Актуализация (avast) service to connect.

Error: (11/15/2018 06:24:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/15/2018 06:24:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/15/2018 06:24:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/15/2018 06:23:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
The system cannot find the path specified.

Error: (11/14/2018 10:56:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (11/13/2018 09:43:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.


Windows Defender:
===================================
Date: 2016-08-08 06:56:09.553
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{21CF21E6-EB35-4A92-98B8-08DEA9B0E12D}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-06-14 07:03:32.014
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{9621FAAD-0A47-4960-A04E-D2D141C28398}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-06-13 06:25:32.049
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{5F8490C7-9DFE-44DD-B03C-D72D09CA72D3}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-01-30 06:31:18.836
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{148E690E-670A-44C2-BC24-A5ECEC288018}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2015-12-29 15:51:58.959
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{BD0EBDB0-074F-47DB-8AE4-B1D3314F1EA9}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Percentage of memory in use: 70%
Total physical RAM: 3971.36 MB
Available physical RAM: 1182.89 MB
Total Virtual: 7940.9 MB
Available Virtual: 4844.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:94.57 GB) (Free:20.88 GB) NTFS
Drive d: () (Fixed) (Total:371.09 GB) (Free:196.14 GB) NTFS

\\?\Volume{da6334c4-51d7-11e3-809d-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C7F4C796)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=94.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=371.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Благодаря за логовете. Ще мога да ги погледна обаче чак довечера, защото съм служебно ангажиран.

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.