Премини към съдържанието
qnkov

Вирус с постоянни реклами, премахване?

Препоръчан отговор


Инсталирах едно нещо, което се оказа, че не трябва и сега ми пъкват реклами постоянно, компа забозва и така нататък. С любов от русия. :)

С какво може да сканирам и да оправя нещата, уиндолс 10. 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Пишете в специален раздел!

Изчакайте екипа на HJT Team

Изпълнете указанията тук.

Системата ми е инфектирана - Какво да правя сега?

Редактирано от barbuncela (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ако съм объркал раздела, да пусна другаде? 
Като цяло минах със malwarebytes намери 250 заплахи, оправих ги, но усещам, че още нещо тежи на компа. Мисли повече, и перката я чувам. :)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 4 минути, qnkov написа:

Ако съм объркал раздела, да пусна другаде? 

Това вие си решавате! Тук трябва да изпълните указанията и да чакате човек от HJT Team

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
Ran by Vladi (administrator) on DESKTOP-38DQMQI (19-01-2019 18:29:09)
Running from C:\Users\Vladi\Downloads
Loaded Profiles: Vladi &  (Available Profiles: Vladi)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
() C:\Program Files (x86)\SmartData\svchost_ms.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) C:\Windows\System32\MSTM64_Q.EXE
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(BitTorrent Inc.) C:\Users\Vladi\AppData\Roaming\uTorrent\uTorrent.exe
(Discord Inc.) C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe
(BitTorrent Inc.) C:\Users\Vladi\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe
(BitTorrent Inc.) C:\Users\Vladi\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe
(Viber Media S.à r.l.) C:\Users\Vladi\AppData\Local\Viber\Viber.exe
(Discord Inc.) C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe
(Epic Games, Inc.) D:\Игри\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Discord Inc.) C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe
(Discord Inc.) C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe
(Discord Inc.) C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe
(Discord Inc.) C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Vaclav Slavik) C:\Program Files (x86)\Poedit\Poedit.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\SmartData\performer.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] => C:\Windows\system32\MSTM64_Q.EXE [247224 2011-03-09] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\...\Run: [uTorrent] => C:\Users\Vladi\AppData\Roaming\uTorrent\uTorrent.exe [1908920 2019-01-15] (BitTorrent Inc.)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\...\Run: [Discord] => C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc.)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3208992 2018-10-13] (Valve Corporation)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\...\Run: [Viber] => C:\Users\Vladi\AppData\Local\Viber\Viber.exe [37117512 2018-12-21] (Viber Media S.à r.l.)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\...\Run: [EpicGamesLauncher] => D:\Игри\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35184016 2019-01-10] (Epic Games, Inc.)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\...\Run: [uTorrent] => C:\Users\Vladi\AppData\Roaming\uTorrent\uTorrent.exe [1908920 2019-01-15] (BitTorrent Inc.)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\...\Run: [Discord] => C:\Users\Vladi\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc.)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3208992 2018-10-13] (Valve Corporation)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\...\Run: [Viber] => C:\Users\Vladi\AppData\Local\Viber\Viber.exe [37117512 2018-12-21] (Viber Media S.à r.l.)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\...\Run: [EpicGamesLauncher] => D:\Игри\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35184016 2019-01-10] (Epic Games, Inc.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] ()
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [181760 2018-04-12] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project)
HKLM\...\Drivers32-x32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] ()
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [190464 2018-04-12] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-19] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvinitx.dll => C:\Windows\system32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvinitx.dll [209128 2018-03-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\system32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvinit.dll => C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvinit.dll [182592 2018-03-25] (NVIDIA Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{1d01a90e-b932-4fb9-9113-fcc33134707d}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{3b4a32f7-c8c9-4470-aaf6-71de369df7e5}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2956623404-1635080235-2419004971-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
SearchScopes: HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-02-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-02-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-02-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-02-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-02-01] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: d9we50gv.default
FF ProfilePath: C:\Users\Vladi\AppData\Roaming\Mozilla\Firefox\Profiles\d9we50gv.default [2019-01-19]
FF Homepage: Mozilla\Firefox\Profiles\d9we50gv.default -> hxxps://inline.go.mail.ru/homepage?inline_comp=ffhp15.1.11.102&inline_hp_cnt=11956636
FF HomepageOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: homepage@mail.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF NewTabOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: search@mail.ru
FF Extension: (Firefox Protection) - C:\Users\Vladi\AppData\Roaming\Mozilla\Firefox\Profiles\d9we50gv.default\Extensions\{ab10d63e-3096-4492-ab0e-5edcf4baf988} [2019-01-19] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-02-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-19] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default [2019-01-19]
CHR Extension: (Презентации) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-19]
CHR Extension: (Документи) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-19]
CHR Extension: (Google Диск) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-19]
CHR Extension: (YouTube) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-19]
CHR Extension: (Таблици) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-19]
CHR Extension: (Google Документи офлайн) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-19]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-19]
CHR Extension: (Gmail) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-19]
CHR Extension: (Chrome Media Router) - C:\Users\Vladi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-02-16] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-03] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-16] (EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85296 2018-06-22] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773512 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773512 2018-10-10] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
R2 Smart Monitoring; C:\Program Files (x86)\SmartData\svchost_ms.exe [2203648 2019-01-19] () [File not signed]
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-10-25] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2019-01-19] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2019-01-19] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [44768 2019-01-19] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2019-01-19] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [103648 2019-01-19] (Malwarebytes)
R2 MEmuDrv; C:\Program Files (x86)\Microvirt\MEmuHyperv\MEmuDrv.sys [319304 2018-03-30] (Maiwei Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation)
R0 nvpciflt; C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f658c3ebd2a88192\nvpciflt.sys [48480 2018-03-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation)
R0 vsock; C:\Windows\system32\DRIVERS\vsock.sys [91712 2018-05-05] (VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
S2 MLPTDR_Q; \??\C:\Windows\system32\ [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-19 18:27 - 2019-01-19 18:29 - 000060823 _____ C:\Users\Vladi\Downloads\Addition.txt
2019-01-19 18:27 - 2019-01-19 18:27 - 000018831 _____ C:\Users\Vladi\Downloads\um-activity-bg_BG.po
2019-01-19 18:27 - 2019-01-19 18:27 - 000018831 _____ C:\Users\Vladi\Desktop\um-activity-bg_BG.po
2019-01-19 18:25 - 2019-01-19 18:30 - 000022491 _____ C:\Users\Vladi\Downloads\FRST.txt
2019-01-19 18:24 - 2019-01-19 18:29 - 000000000 ____D C:\FRST
2019-01-19 18:24 - 2019-01-19 18:24 - 002427904 _____ (Farbar) C:\Users\Vladi\Downloads\FRST64.exe
2019-01-19 18:24 - 2019-01-19 18:24 - 002427904 _____ (Farbar) C:\Users\Vladi\Downloads\FRST64 (1).exe
2019-01-19 18:21 - 2019-01-19 18:19 - 000976005 _____ C:\Users\Vladi\Desktop\contus-video-gallery-master 2.7.zip
2019-01-19 18:19 - 2019-01-19 18:19 - 000976005 _____ C:\Users\Vladi\Downloads\contus-video-gallery-master (1).zip
2019-01-19 18:15 - 2015-07-08 08:50 - 000000000 ____D C:\Users\Vladi\Downloads\contus-video-gallery-master
2019-01-19 18:14 - 2019-01-19 18:13 - 000977191 _____ C:\Users\Vladi\Desktop\contus-video-gallery-master.zip
2019-01-19 18:13 - 2019-01-19 18:13 - 000977191 _____ C:\Users\Vladi\Downloads\contus-video-gallery-master.zip
2019-01-19 17:43 - 2019-01-19 17:43 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-19 17:43 - 2019-01-19 17:43 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-19 17:42 - 2019-01-19 17:42 - 000003518 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-19 17:42 - 2019-01-19 17:42 - 000003394 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-19 17:34 - 2019-01-19 17:34 - 001136176 _____ (Google Inc.) C:\Users\Vladi\Downloads\ChromeSetup.exe
2019-01-19 17:16 - 2019-01-19 17:16 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-01-19 17:15 - 2019-01-19 17:16 - 000103648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-01-19 17:15 - 2019-01-19 17:15 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-01-19 17:15 - 2019-01-19 17:15 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-01-19 17:15 - 2019-01-19 17:15 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-01-19 17:15 - 2019-01-19 17:15 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-19 17:15 - 2019-01-19 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-19 17:15 - 2019-01-19 17:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-19 17:15 - 2019-01-19 17:15 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-19 17:15 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-19 17:14 - 2019-01-19 17:29 - 000000000 ____D C:\Users\Vladi\AppData\LocalLow\uTorrent
2019-01-19 17:10 - 2019-01-19 17:10 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\Obsidium
2019-01-19 16:56 - 2019-01-19 16:56 - 000020267 _____ C:\Users\Vladi\Downloads\RyuKo_Karin.torrent
2019-01-19 16:56 - 2019-01-19 16:56 - 000012689 _____ C:\Users\Vladi\Downloads\Malwarebytes Anti-Malware Premium v3.5.1.2522 (1).torrent
2019-01-19 16:50 - 2019-01-19 16:50 - 000012689 _____ C:\Users\Vladi\Downloads\Malwarebytes Anti-Malware Premium v3.5.1.2522.torrent
2019-01-19 16:21 - 2019-01-19 17:26 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\TablacusApp2
2019-01-19 16:21 - 2019-01-19 16:25 - 000000000 ____D C:\Users\Vladi\AppData\Local\Mail.Ru
2019-01-19 16:21 - 2019-01-19 16:22 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-01-19 16:21 - 2019-01-19 16:22 - 000000000 ____D C:\Program Files (x86)\SmartData
2019-01-19 16:21 - 2019-01-19 16:21 - 004915200 _____ C:\Users\Vladi\Downloads\apptha-wordpress-video-gallery-nulled-league-1_9fbbb6b-2366.iso
2019-01-19 16:18 - 2019-01-19 16:18 - 004915200 _____ C:\Users\Vladi\Downloads\wordpress-video-gallery-apptha-nulled-io_f77ad62-2055.iso
2019-01-19 16:17 - 2019-01-19 16:18 - 004915200 _____ C:\Users\Vladi\Downloads\wordpress-video-gallery-apptha-nulled-io_ca04b65-3040.iso
2019-01-19 15:30 - 2019-01-19 15:28 - 003631542 _____ C:\Users\Vladi\Desktop\contus-video-gallery_5.zip
2019-01-19 15:28 - 2019-01-19 15:28 - 003631542 _____ C:\Users\Vladi\Downloads\contus-video-gallery_5.zip
2019-01-19 15:21 - 2019-01-19 15:21 - 000000038 _____ C:\Users\Vladi\Desktop\Трейлър.txt
2019-01-19 15:18 - 2019-01-19 15:18 - 001628887 _____ C:\Users\Vladi\Downloads\Karin 01-24.rar
2019-01-19 13:42 - 2019-01-19 13:42 - 000038822 _____ C:\Users\Vladi\Downloads\[RyuKo]Karin.torrent
2019-01-19 13:26 - 2019-01-19 13:26 - 000000754 _____ C:\Users\Vladi\Desktop\Documents - Shortcut.lnk
2019-01-19 13:11 - 2019-01-19 13:11 - 000043368 _____ C:\Users\Vladi\Downloads\cricket-bold_[bg.allfont.net].ttf
2019-01-19 13:11 - 2019-01-19 13:11 - 000043348 _____ C:\Users\Vladi\Downloads\cricket_[allfont.net].ttf
2019-01-19 13:10 - 2019-01-19 13:10 - 000135004 _____ C:\Users\Vladi\Downloads\dom-casual.zip
2019-01-19 13:08 - 2019-01-19 13:08 - 000051246 _____ C:\Users\Vladi\Downloads\uk_arbat_[bg.allfont.net].ttf
2019-01-18 18:53 - 2019-01-18 18:54 - 000000000 ____D C:\Users\Vladi\Desktop\WPTouch.Pro.v4.0.18.Nulled
2019-01-18 18:52 - 2019-01-18 18:52 - 001242266 _____ C:\Users\Vladi\Desktop\WPTouch.Pro.v4.0.18._ed.zip
2019-01-18 18:51 - 2019-01-18 18:52 - 001242266 _____ C:\Users\Vladi\Downloads\WPTouch.Pro.v4.0.18._ed.zip
2019-01-18 18:40 - 2019-01-09 15:12 - 001486670 _____ C:\Users\Vladi\Desktop\WPTouch Pro Nulled v4.3.13.zip
2019-01-18 18:39 - 2019-01-18 18:40 - 000000000 ____D C:\Users\Vladi\Desktop\Installable-plugin
2019-01-18 18:39 - 2019-01-18 18:39 - 001403484 _____ C:\Users\Vladi\Downloads\72624_wptouch-pro_v4313.zip
2019-01-18 18:39 - 2019-01-18 18:39 - 001403484 _____ C:\Users\Vladi\Desktop\72624_wptouch-pro_v4313.zip
2019-01-18 18:34 - 2019-01-18 18:34 - 003505696 _____ C:\Users\Vladi\Desktop\wptouch-pro.zip
2019-01-18 18:33 - 2019-01-18 18:34 - 000000000 ____D C:\Users\Vladi\Desktop\wptouch-pro
2019-01-18 18:31 - 2019-01-18 18:31 - 003486154 _____ C:\Users\Vladi\Downloads\87581_wptouch-pro_v4325.zip
2019-01-17 21:45 - 2019-01-17 21:45 - 000012565 _____ C:\Users\Vladi\Desktop\New Text Document (2).txt
2019-01-16 22:39 - 2019-01-16 22:39 - 073999135 _____ C:\Users\Vladi\Desktop\Платени плъгини.zip
2019-01-16 22:35 - 2019-01-16 22:38 - 000000000 ____D C:\Users\Vladi\Desktop\Платени плъгини
2019-01-16 17:40 - 2018-09-20 06:12 - 001483576 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-01-15 18:00 - 2019-01-15 18:00 - 000001047 _____ C:\Users\Vladi\Desktop\IrfanView 64.lnk
2019-01-15 18:00 - 2019-01-15 18:00 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2019-01-15 18:00 - 2019-01-15 18:00 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\IrfanView
2019-01-15 18:00 - 2019-01-15 18:00 - 000000000 ____D C:\Program Files\IrfanView
2019-01-15 17:56 - 2019-01-15 17:56 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\FastStone
2019-01-15 17:55 - 2019-01-15 17:55 - 000001196 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2019-01-15 17:55 - 2019-01-15 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2019-01-15 17:55 - 2019-01-15 17:55 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2019-01-15 00:38 - 2019-01-15 00:38 - 000000000 ____D C:\Users\Vladi\AppData\Local\Brice_Lambson
2019-01-15 00:11 - 2019-01-15 00:11 - 000000000 ____D C:\Program Files\Image Resizer for Windows
2019-01-15 00:09 - 2019-01-15 00:09 - 000000000 ____D C:\Program Files (x86)\Image Resizer for Windows
2019-01-13 21:53 - 2018-10-14 14:08 - 000000000 ____D C:\Users\Vladi\Desktop\madara1511
2019-01-13 17:08 - 2019-01-13 17:08 - 000000683 _____ C:\Users\Vladi\Desktop\Favorite tab.txt
2019-01-12 17:43 - 2019-01-12 18:25 - 000009065 _____ C:\Users\Vladi\Desktop\New Text Document (3).txt
2019-01-11 01:14 - 2019-01-11 01:14 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\Poedit
2019-01-09 15:19 - 2019-01-01 15:46 - 012710912 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 15:19 - 2019-01-01 15:20 - 011902976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 15:19 - 2019-01-01 09:14 - 001221432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-01-09 15:19 - 2019-01-01 09:14 - 001029944 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-01-09 15:19 - 2019-01-01 09:14 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-01-09 15:19 - 2019-01-01 09:13 - 003292152 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-01-09 15:19 - 2019-01-01 09:13 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2019-01-09 15:19 - 2019-01-01 09:13 - 000709728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-01-09 15:19 - 2019-01-01 09:13 - 000170808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 15:19 - 2019-01-01 09:12 - 009084216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 15:19 - 2019-01-01 09:12 - 007520104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:19 - 2019-01-01 09:12 - 002765344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 15:19 - 2019-01-01 09:12 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-01-09 15:19 - 2019-01-01 09:12 - 002421288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 15:19 - 2019-01-01 09:12 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-01-09 15:19 - 2019-01-01 08:55 - 025856512 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-01-09 15:19 - 2019-01-01 08:50 - 022715392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 15:19 - 2019-01-01 08:50 - 004383744 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-01-09 15:19 - 2019-01-01 08:47 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-01-09 15:19 - 2019-01-01 08:46 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-01-09 15:19 - 2019-01-01 08:45 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-01-09 15:19 - 2019-01-01 08:45 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-01-09 15:19 - 2019-01-01 08:44 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-01-09 15:19 - 2019-01-01 08:44 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 15:19 - 2019-01-01 08:44 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-01-09 15:19 - 2019-01-01 08:43 - 001805312 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 15:19 - 2019-01-01 08:42 - 004939776 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 15:19 - 2019-01-01 08:42 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-01-09 15:19 - 2019-01-01 08:41 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-01-09 15:19 - 2019-01-01 08:41 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-01-09 15:19 - 2019-01-01 08:37 - 006571584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:19 - 2019-01-01 08:37 - 002478664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-01-09 15:19 - 2019-01-01 08:37 - 002253696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 15:19 - 2019-01-01 08:37 - 001989040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-01-09 15:19 - 2019-01-01 08:29 - 022016512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-01-09 15:19 - 2019-01-01 08:22 - 019405312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 15:19 - 2019-01-01 08:16 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-01-09 15:19 - 2019-01-01 08:15 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-01-09 15:19 - 2019-01-01 08:15 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-01-09 15:19 - 2019-01-01 08:15 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-01-09 15:19 - 2019-01-01 08:14 - 004514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 15:19 - 2019-01-01 08:14 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-01-09 15:19 - 2019-01-01 08:13 - 001628160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 15:19 - 2019-01-01 08:13 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-01-09 15:18 - 2019-01-01 15:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-01-09 15:18 - 2019-01-01 15:47 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\windowslivelogin.dll
2019-01-09 15:18 - 2019-01-01 15:45 - 000714752 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2019-01-09 15:18 - 2019-01-01 15:45 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2019-01-09 15:18 - 2019-01-01 15:43 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-01-09 15:18 - 2019-01-01 15:20 - 000165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowslivelogin.dll
2019-01-09 15:18 - 2019-01-01 15:18 - 000500736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2019-01-09 15:18 - 2019-01-01 15:17 - 000231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2019-01-09 15:18 - 2019-01-01 09:14 - 001063224 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-01-09 15:18 - 2019-01-01 09:14 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-01-09 15:18 - 2019-01-01 09:14 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-01-09 15:18 - 2019-01-01 09:13 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 15:18 - 2019-01-01 09:12 - 000268304 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-01-09 15:18 - 2019-01-01 09:12 - 000128824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2019-01-09 15:18 - 2019-01-01 09:12 - 000043536 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-01-09 15:18 - 2019-01-01 08:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2019-01-09 15:18 - 2019-01-01 08:48 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 15:18 - 2019-01-01 08:48 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\Print.Workflow.Source.dll
2019-01-09 15:18 - 2019-01-01 08:47 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-01-09 15:18 - 2019-01-01 08:46 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 15:18 - 2019-01-01 08:46 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-01-09 15:18 - 2019-01-01 08:45 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-01-09 15:18 - 2019-01-01 08:44 - 000662528 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2019-01-09 15:18 - 2019-01-01 08:44 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:18 - 2019-01-01 08:42 - 002247680 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2019-01-09 15:18 - 2019-01-01 08:42 - 001371136 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2019-01-09 15:18 - 2019-01-01 08:41 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 15:18 - 2019-01-01 08:41 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:18 - 2019-01-01 08:37 - 000880048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2019-01-09 15:18 - 2019-01-01 08:37 - 000581808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-01-09 15:18 - 2019-01-01 08:37 - 000381240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 15:18 - 2019-01-01 08:17 - 000153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 15:18 - 2019-01-01 08:16 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-01-09 15:18 - 2019-01-01 08:16 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2019-01-09 15:18 - 2019-01-01 08:15 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-01-09 15:18 - 2019-01-01 08:14 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:18 - 2019-01-01 08:13 - 000594432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-01-09 15:18 - 2019-01-01 08:12 - 001036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2019-01-09 15:18 - 2019-01-01 08:12 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:18 - 2019-01-01 08:12 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 15:18 - 2019-01-01 08:12 - 000516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2019-01-09 15:18 - 2019-01-01 07:23 - 000001310 _____ C:\Windows\system32\tcbres.wim
2019-01-09 15:18 - 2018-12-19 06:49 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-06 02:56 - 2019-01-06 02:56 - 000001008 _____ C:\Users\Vladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2019-01-06 02:56 - 2019-01-06 02:56 - 000000000 ____D C:\Users\Vladi\AppData\Local\4kdownload.com
2019-01-06 02:56 - 2019-01-06 02:56 - 000000000 ____D C:\Program Files (x86)\4KDownload
2019-01-05 11:13 - 2019-01-05 11:13 - 000004574 _____ C:\Users\Vladi\AppData\Local\recently-used.xbel
2019-01-04 18:19 - 2019-01-04 18:19 - 000000000 ____D C:\Users\Vladi\AppData\Local\Aegisub
2018-12-26 18:34 - 2018-12-26 18:34 - 000000000 ____D C:\Users\Vladi\AppData\LocalLow\Adobe
2018-12-26 18:32 - 2018-12-26 18:32 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\NVIDIA
2018-12-26 10:57 - 2018-12-26 10:57 - 000000000 ____D C:\Users\Vladi\AppData\Local\Viber
2018-12-26 10:53 - 2018-12-26 18:46 - 000000000 ____D C:\Windows\Minidump
2018-12-24 10:12 - 2018-12-25 10:36 - 000003680 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-38DQMQI-Vladi
2018-12-23 16:53 - 2018-12-23 16:53 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-12-23 16:53 - 2018-12-23 16:53 - 000000000 ____D C:\Users\Vladi\Documents\Adobe
2018-12-23 16:53 - 2018-12-23 16:53 - 000000000 ____D C:\Program Files (x86)\Starth
2018-12-23 16:47 - 2018-12-23 16:53 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-12-23 16:47 - 2018-12-23 16:47 - 000000000 ____D C:\Program Files\Adobe
2018-12-23 16:45 - 2018-12-26 18:33 - 000000000 ____D C:\Users\Vladi\AppData\Local\Adobe
2018-12-23 16:45 - 2018-12-23 16:49 - 000000000 ____D C:\ProgramData\Adobe
2018-12-23 16:45 - 2018-12-23 16:45 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-12-21 12:50 - 2019-01-19 13:23 - 000020480 ____H C:\Users\Vladi\Desktop\photothumb.db
2018-12-20 15:10 - 2018-12-14 09:29 - 001130760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-12-20 15:10 - 2018-12-14 09:25 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2018-12-20 15:10 - 2018-12-14 09:21 - 001457240 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-12-20 15:10 - 2018-12-14 09:21 - 001257672 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-12-20 15:10 - 2018-12-14 09:21 - 001140480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-12-20 15:10 - 2018-12-14 09:21 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-12-20 15:10 - 2018-12-14 09:21 - 000982912 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-12-20 15:10 - 2018-12-14 09:10 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-12-20 15:10 - 2018-12-14 09:07 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-12-20 15:10 - 2018-12-14 08:55 - 003396608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-12-20 15:10 - 2018-12-14 08:55 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2018-12-20 15:10 - 2018-12-14 08:54 - 006032384 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2018-12-20 15:10 - 2018-12-14 08:54 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-12-20 15:10 - 2018-12-14 08:52 - 002173440 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 15:10 - 2018-12-14 08:52 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2018-12-20 15:10 - 2018-12-14 08:51 - 001551360 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 15:10 - 2018-12-14 08:50 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-12-20 14:40 - 2018-12-20 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SD Association
2018-12-20 14:40 - 2018-12-20 14:40 - 000000000 ____D C:\Program Files (x86)\SDA
2018-12-20 14:38 - 2018-12-20 14:38 - 000000000 ____D C:\Users\Vladi\AppData\Local\Downloaded Installations

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-19 18:30 - 2018-10-24 21:05 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\uTorrent
2019-01-19 18:20 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-19 17:43 - 2018-10-24 20:51 - 000000000 ____D C:\Users\Vladi\AppData\Local\Google
2019-01-19 17:41 - 2018-10-24 20:51 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-19 17:32 - 2018-10-24 20:41 - 000842712 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-19 17:32 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-01-19 17:31 - 2018-10-24 20:42 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-19 17:28 - 2018-10-28 20:00 - 000000000 ____D C:\ProgramData\VMware
2019-01-19 17:27 - 2018-10-24 20:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-19 17:27 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-01-19 17:26 - 2018-10-26 22:40 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\AIMP
2019-01-19 17:19 - 2018-11-30 19:34 - 000000000 ____D C:\Users\Vladi\AppData\LocalLow\Mozilla
2019-01-19 17:13 - 2018-10-24 20:30 - 000500904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-19 17:12 - 2018-11-16 09:17 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\qBittorrent
2019-01-19 16:22 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-01-19 16:22 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-01-19 14:59 - 2018-10-24 20:30 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-01-19 13:25 - 2018-11-03 21:37 - 000000000 ____D C:\Users\Vladi\Desktop\Originals
2019-01-19 13:23 - 2018-10-25 18:50 - 000000000 ____D C:\Users\Vladi\AppData\Local\MKVCleaver
2019-01-19 13:12 - 2018-10-25 19:48 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\Aegisub
2019-01-19 13:11 - 2018-10-25 19:49 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\fontconfig
2019-01-18 17:02 - 2018-11-16 09:44 - 000000000 ____D C:\Program Files\rempl
2019-01-17 23:12 - 2018-10-24 23:25 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\discord
2019-01-17 18:17 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-01-16 20:39 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-01-16 17:12 - 2018-10-24 23:25 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-01-16 17:12 - 2018-10-24 23:25 - 000000000 ____D C:\Users\Vladi\AppData\Local\Discord
2019-01-15 00:53 - 2018-10-25 19:21 - 000000000 ____D C:\Users\Vladi\AppData\Local\CrashDumps
2019-01-15 00:09 - 2018-10-25 19:48 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-12 23:07 - 2018-10-24 23:45 - 000000000 ____D C:\Users\Vladi\Documents\ViberDownloads
2019-01-11 21:08 - 2018-10-29 22:03 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-01-11 21:06 - 2018-10-29 22:04 - 000000000 ____D C:\Users\Vladi\AppData\Local\Battle.net
2019-01-11 02:24 - 2018-10-24 20:40 - 000000000 ____D C:\Users\Vladi
2019-01-10 02:03 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-01-10 02:03 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-01-09 15:48 - 2018-10-25 18:15 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 15:43 - 2018-10-25 18:15 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-07 20:54 - 2018-11-01 23:53 - 000000000 ____D C:\ProgramData\TEMP
2019-01-06 21:07 - 2018-11-01 22:01 - 000000000 ____D C:\Users\Vladi\Desktop\Escanor
2019-01-05 12:48 - 2018-11-01 22:01 - 000000000 ____D C:\Users\Vladi\Desktop\Зъби
2019-01-05 11:13 - 2018-10-26 21:36 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\deluge
2019-01-02 21:41 - 2018-04-12 01:41 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-02 21:41 - 2018-04-12 01:41 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-01 15:05 - 2018-10-29 22:43 - 000000000 ____D C:\Users\Vladi\Documents\StarCraft II
2019-01-01 15:05 - 2018-10-29 22:05 - 000000000 ____D C:\Users\Vladi\AppData\Local\Blizzard Entertainment
2019-01-01 15:04 - 2018-10-29 22:06 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2019-01-01 11:55 - 2018-10-25 18:30 - 000000000 ____D C:\Users\Vladi\Desktop\Игри
2018-12-31 09:49 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-12-26 18:33 - 2018-10-24 20:41 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\Adobe
2018-12-26 12:15 - 2018-10-24 23:32 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\ViberPC
2018-12-23 20:11 - 2018-10-24 20:41 - 000000000 ____D C:\Users\Vladi\AppData\Local\Packages
2018-12-23 16:42 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-20 15:26 - 2018-10-24 20:46 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2956623404-1635080235-2419004971-1001
2018-12-20 15:26 - 2018-10-24 20:44 - 000000000 ___RD C:\Users\Vladi\OneDrive
2018-12-20 15:26 - 2018-10-24 20:40 - 000002367 _____ C:\Users\Vladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2018-10-31 19:36 - 2018-10-31 19:36 - 000000000 _____ () C:\Users\Vladi\AppData\Local\D27589.tmp
2018-10-31 19:36 - 2018-10-31 19:36 - 000000000 _____ () C:\Users\Vladi\AppData\Local\D2C37B.tmp
2018-12-25 10:36 - 2018-12-25 10:36 - 000000000 _____ () C:\Users\Vladi\AppData\Local\oobelibMkey.log
2019-01-05 11:13 - 2019-01-05 11:13 - 000004574 _____ () C:\Users\Vladi\AppData\Local\recently-used.xbel
2018-10-24 21:12 - 2018-10-24 21:12 - 000000003 _____ () C:\Users\Vladi\AppData\Local\updater.log
2018-10-24 21:12 - 2018-10-24 21:12 - 000000425 _____ () C:\Users\Vladi\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2019-01-19 17:11 - 2019-01-19 16:51 - 074288784 _____ (Malwarebytes                                                ) C:\Users\Vladi\AppData\Local\Temp\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.4968.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-24 20:30

==================== End of FRST.txt ============================

Addition.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

По-късно ще напиша скрипт. Но май видях виновниците:

Цитат

2019-01-19 16:21 - 2019-01-19 17:26 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\TablacusApp2
2019-01-19 16:21 - 2019-01-19 16:25 - 000000000 ____D C:\Users\Vladi\AppData\Local\Mail.Ru
2019-01-19 16:21 - 2019-01-19 16:22 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-01-19 16:21 - 2019-01-19 16:22 - 000000000 ____D C:\Program Files (x86)\SmartData

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Благодаря, аз ще минавам и ще гледам за отговор. 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изтеглете edit-text.giffixlist.txt и го запазете на в папката, където сте свалили FRST64.exe.

Стартирайте FRST64.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.

Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by Vladi (20-01-2019 11:31:59) Run:1
Running from C:\Users\Vladi\Downloads
Loaded Profiles: Vladi &  (Available Profiles: Vladi)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Homepage: Mozilla\Firefox\Profiles\d9we50gv.default -> hxxps://inline.go.mail.ru/homepage?inline_comp=ffhp15.1.11.102&inline_hp_cnt=11956636
FF HomepageOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: homepage@mail.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF NewTabOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: search@mail.ru
R2 Smart Monitoring; C:\Program Files (x86)\SmartData\svchost_ms.exe [2203648 2019-01-19] () [File not signed]
2019-01-19 16:21 - 2019-01-19 17:26 - 000000000 ____D C:\Users\Vladi\AppData\Roaming\TablacusApp2
2019-01-19 16:21 - 2019-01-19 16:25 - 000000000 ____D C:\Users\Vladi\AppData\Local\Mail.Ru
2019-01-19 16:21 - 2019-01-19 16:22 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-01-19 16:21 - 2019-01-19 16:22 - 000000000 ____D C:\Program Files (x86)\SmartData
2018-10-31 19:36 - 2018-10-31 19:36 - 000000000 _____ () C:\Users\Vladi\AppData\Local\D27589.tmp
2018-10-31 19:36 - 2018-10-31 19:36 - 000000000 _____ () C:\Users\Vladi\AppData\Local\D2C37B.tmp
Folder: C:\Program Files\rempl
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [376]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
FirewallRules: [{4C747352-DFE3-42CC-9CDA-6E4A6D5B845F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{874565AC-CC23-4F43-9829-00B61FBC3587}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
FirewallRules: [TCP Query User{CDC65CAE-DF99-4604-B10F-A07C45E4E43B}D:\игри\starcraft ii\versions\base71061\sc2_x64.exe] => (Allow) D:\игри\starcraft ii\versions\base71061\sc2_x64.exe No File
FirewallRules: [UDP Query User{0436E92A-359A-4A72-9BC0-98120D700805}D:\игри\starcraft ii\versions\base71061\sc2_x64.exe] => (Allow) D:\игри\starcraft ii\versions\base71061\sc2_x64.exe No File
FirewallRules: [TCP Query User{DB7C44BE-3310-479D-918C-3204CB6790CB}C:\users\vladi\downloads\downloader_diablo2_lord_of_destruction_enus.exe] => (Allow) C:\users\vladi\downloads\downloader_diablo2_lord_of_destruction_enus.exe No File
FirewallRules: [UDP Query User{F215E1D4-E7E6-41B6-A13D-288F1A6D00FD}C:\users\vladi\downloads\downloader_diablo2_lord_of_destruction_enus.exe] => (Allow) C:\users\vladi\downloads\downloader_diablo2_lord_of_destruction_enus.exe No File
FirewallRules: [TCP Query User{8B1E7ABC-2B26-40D2-BF83-F90617757C2A}C:\users\vladi\downloads\downloader_diablo2_enus (1).exe] => (Allow) C:\users\vladi\downloads\downloader_diablo2_enus (1).exe No File
FirewallRules: [UDP Query User{C5B2F0DA-49FA-4959-9385-AE3181766ACF}C:\users\vladi\downloads\downloader_diablo2_enus (1).exe] => (Allow) C:\users\vladi\downloads\downloader_diablo2_enus (1).exe No File
FirewallRules: [TCP Query User{52D2F5FA-3473-42B5-83C3-4C8B1EFA8614}C:\users\vladi\downloads\downloader_diablo2_enus.exe] => (Allow) C:\users\vladi\downloads\downloader_diablo2_enus.exe No File
FirewallRules: [UDP Query User{DAE615DB-F43A-4B2D-98B2-BB5E461E5F45}C:\users\vladi\downloads\downloader_diablo2_enus.exe] => (Allow) C:\users\vladi\downloads\downloader_diablo2_enus.exe No File
cmd: del %temp%\*.* /f /s /q
cmd: rd /s /q %temp%
cmd: bitsadmin /reset /allusers
cmd: netsh winsock reset catalog
cmd: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"Firefox homepage" => removed successfully
"FF HomepageOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: homepage@mail.ru" => not found
"FF NewTabOverride: Mozilla\Firefox\Profiles\d9we50gv.default -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}" => not found
"Firefox NewTabOverride (search@mail.ru) " => removed successfully
HKLM\System\CurrentControlSet\Services\Smart Monitoring => removed successfully
Smart Monitoring => service removed successfully
C:\Users\Vladi\AppData\Roaming\TablacusApp2 => moved successfully
C:\Users\Vladi\AppData\Local\Mail.Ru => moved successfully
C:\ProgramData\Mail.Ru => moved successfully
C:\Program Files (x86)\SmartData => moved successfully
C:\Users\Vladi\AppData\Local\D27589.tmp => moved successfully
C:\Users\Vladi\AppData\Local\D2C37B.tmp => moved successfully

========================= Folder: C:\Program Files\rempl ========================

2019-01-07 17:01 - 2019-01-07 17:01 - 000014534 ____A [E022D8156E57EBA1D416660669E67987] () C:\Program Files\rempl\CTAC.json
2019-01-07 17:01 - 2019-01-07 17:01 - 000092664 ____A [C8C3B8FB878CE29B75A69219ABFF4CCF] (Microsoft Corporation) C:\Program Files\rempl\disktoast.exe
2019-01-07 17:01 - 2019-01-07 17:01 - 000076984 ____A [A7851A05E83F42F741A804320C485083] (Microsoft Corporation) C:\Program Files\rempl\osrrb.exe
2019-01-07 17:01 - 2019-01-07 17:01 - 000003798 ____A [902B8F146998B77AB9450A484FA8796E] () C:\Program Files\rempl\rempl.xml
2019-01-11 13:28 - 2019-01-11 13:28 - 000283448 ____A [F8326B64CC70665225A2547CF84BE14F] (Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
2019-01-11 13:29 - 2019-01-11 13:29 - 001113912 ____A [EA27C334320FAA404D788E1251E213FD] (Microsoft Corporation) C:\Program Files\rempl\sedplugins.dll
2019-01-11 13:28 - 2019-01-11 13:28 - 000325432 ____A [B2A91F7491623480CEBF260355943E76] (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
2019-01-07 17:01 - 2019-01-07 17:01 - 000034696 ____A [CFF38DAC2D884B3A493DD74D8053E684] () C:\Program Files\rempl\ServiceStackHardening.Inf
2019-01-11 13:30 - 2019-01-11 13:30 - 000475960 ____A [F1DD9A74E929F72BE15725D3E0158BCA] (Microsoft Corporation) C:\Program Files\rempl\strgsnsaddons.dll
2019-01-07 17:01 - 2019-01-07 17:01 - 000000570 ____A [DF28BE0DF05E1F12A22F72902F25360C] () C:\Program Files\rempl\toastlogo.png
2018-11-16 09:44 - 2019-01-20 11:32 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\rempl\Logs
2019-01-19 12:42 - 2019-01-20 11:14 - 000065536 _____ [6065369F82A2D0773EDEA1E1318AC53A] () C:\Program Files\rempl\Logs\LauncherRemediation.001.etl
2019-01-19 12:42 - 2019-01-19 17:12 - 000131072 ____A [9337884AEC5FEB0E1454A696682420CF] () C:\Program Files\rempl\Logs\LauncherRemediation.002.etl
2018-11-16 09:44 - 2019-01-18 17:02 - 000196608 ____A [FF131D0B9ED3D765E3208BA38FFE12F1] () C:\Program Files\rempl\Logs\LauncherRemediation.004.etl
2018-11-16 09:44 - 2019-01-17 16:48 - 000131072 ____A [2445CB5996531FC3D667B2A8649C8FD0] () C:\Program Files\rempl\Logs\LauncherRemediation.005.etl
2018-11-16 09:44 - 2019-01-16 17:42 - 000131072 ____A [62F1A0138923A97C45180F9563621A27] () C:\Program Files\rempl\Logs\LauncherRemediation.006.etl
2018-11-16 09:44 - 2019-01-16 17:10 - 000196608 ____A [003CD97BFFAA3AE60790359434FE1DBF] () C:\Program Files\rempl\Logs\LauncherRemediation.007.etl
2018-11-16 09:44 - 2019-01-15 17:18 - 000131072 ____A [C58B372AB3E6DA95224D31B5BE2BDDDC] () C:\Program Files\rempl\Logs\LauncherRemediation.008.etl
2018-11-16 09:44 - 2019-01-15 17:17 - 000131072 ____A [CE12472B688C90DB0CC2BD9820AD2EB7] () C:\Program Files\rempl\Logs\LauncherRemediation.009.etl
2018-11-16 09:44 - 2019-01-14 17:44 - 000131072 ____A [EE300443CD2CBE55D4C614F3F2EC7728] () C:\Program Files\rempl\Logs\LauncherRemediation.010.etl
2018-11-16 09:44 - 2019-01-13 15:29 - 000131072 ____A [FD8196712A0E4BB24FFD8A6DE57F3A31] () C:\Program Files\rempl\Logs\LauncherRemediation.011.etl
2018-11-16 09:44 - 2019-01-13 12:05 - 000131072 ____A [66C51663DED92B29EB3F236E28185D04] () C:\Program Files\rempl\Logs\LauncherRemediation.012.etl
2018-11-16 09:44 - 2019-01-13 11:45 - 000131072 ____A [C176D0E75F30235505BEFBCBA18DB59C] () C:\Program Files\rempl\Logs\LauncherRemediation.013.etl
2018-11-16 09:44 - 2019-01-13 10:44 - 000131072 ____A [58EB9FB57DDBAF1ED865E7E7C2A59AB2] () C:\Program Files\rempl\Logs\LauncherRemediation.014.etl
2018-11-16 09:44 - 2019-01-12 16:29 - 000131072 ____A [2C42DC82EEEDCE6435F6019577E17810] () C:\Program Files\rempl\Logs\LauncherRemediation.015.etl
2018-11-16 09:44 - 2019-01-12 12:45 - 000131072 ____A [90177B479E18AA13634F22A86D5EFE28] () C:\Program Files\rempl\Logs\LauncherRemediation.016.etl
2018-11-16 09:44 - 2019-01-12 10:00 - 000131072 ____A [EFD617F8B087D26243565ECFFDD99B75] () C:\Program Files\rempl\Logs\LauncherRemediation.017.etl
2018-11-16 09:44 - 2019-01-11 17:31 - 000131072 ____A [A745AD73F6241E5BF5D4506D2E6A1FB1] () C:\Program Files\rempl\Logs\LauncherRemediation.018.etl
2018-11-16 09:44 - 2019-01-10 17:06 - 000131072 ____A [3F04921790A7EF62093956E88E395172] () C:\Program Files\rempl\Logs\LauncherRemediation.019.etl
2018-11-16 09:44 - 2019-01-09 15:55 - 000131072 ____A [B5D1F5277D3CF4FE346114F54E2C5161] () C:\Program Files\rempl\Logs\LauncherRemediation.020.etl
2018-11-16 09:44 - 2019-01-09 12:23 - 000131072 ____A [75D992918136CF39FEB3971331C48A92] () C:\Program Files\rempl\Logs\LauncherRemediation.021.etl
2018-11-16 09:44 - 2019-01-09 10:28 - 000131072 ____A [494CB56807D64BE257AC24A8E6542C8E] () C:\Program Files\rempl\Logs\LauncherRemediation.022.etl
2018-11-16 09:44 - 2019-01-09 09:00 - 000131072 ____A [34F09A7CA46CF138C1ED467CFD6B0E38] () C:\Program Files\rempl\Logs\LauncherRemediation.023.etl
2018-11-16 09:44 - 2019-01-08 17:04 - 000131072 ____A [3F9979EDA503ED6160734247B26AEB07] () C:\Program Files\rempl\Logs\LauncherRemediation.024.etl
2018-11-16 09:44 - 2019-01-07 12:28 - 000131072 ____A [9028B10961A02BD87CBA0D6BB30E8158] () C:\Program Files\rempl\Logs\LauncherRemediation.025.etl
2018-11-16 09:44 - 2019-01-07 11:02 - 000131072 ____A [5D3C47F9F0202248335AA0AD282D19FD] () C:\Program Files\rempl\Logs\LauncherRemediation.026.etl
2018-11-16 09:44 - 2019-01-06 12:23 - 000131072 ____A [C7A2E2D9C109A1692A57B0411D96AFC3] () C:\Program Files\rempl\Logs\LauncherRemediation.027.etl
2018-11-16 09:44 - 2019-01-06 11:57 - 000131072 ____A [EAAF893BC29F1131BFF265991A6A100E] () C:\Program Files\rempl\Logs\LauncherRemediation.028.etl
2018-11-16 09:44 - 2019-01-06 11:39 - 000131072 ____A [FFD42F3699642E2C9D1AE62C1F4CC1CB] () C:\Program Files\rempl\Logs\LauncherRemediation.029.etl
2018-11-16 09:44 - 2019-01-05 13:00 - 000131072 ____A [9FEA8B24F81308940F021265DE72CC5D] () C:\Program Files\rempl\Logs\LauncherRemediation.030.etl
2018-11-16 09:44 - 2019-01-05 11:46 - 000131072 ____A [1B93D36F9DA33420798DC747B2FB4CF1] () C:\Program Files\rempl\Logs\LauncherRemediation.031.etl
2018-11-16 09:44 - 2019-01-05 10:55 - 000131072 ____A [F6FB5DAA47C31ED14D5A2145234D7C4C] () C:\Program Files\rempl\Logs\LauncherRemediation.032.etl
2018-11-16 09:44 - 2019-01-04 12:46 - 000131072 ____A [45767E338F92C6E898EBC7CB7E954683] () C:\Program Files\rempl\Logs\LauncherRemediation.033.etl
2018-11-16 09:44 - 2019-01-04 11:58 - 000131072 ____A [CCEC330F383C0953E5167B144AE21512] () C:\Program Files\rempl\Logs\LauncherRemediation.034.etl
2018-11-16 09:44 - 2019-01-03 12:01 - 000131072 ____A [3EE6C1968FFF3FA0341E1A4F576EB780] () C:\Program Files\rempl\Logs\LauncherRemediation.035.etl
2018-11-16 09:44 - 2019-01-03 11:29 - 000131072 ____A [81E19E027025958B9B024F988392FA2B] () C:\Program Files\rempl\Logs\LauncherRemediation.036.etl
2018-11-16 09:44 - 2019-01-02 12:17 - 000131072 ____A [D6733622070EC3C7E0FE6E744EB3B16D] () C:\Program Files\rempl\Logs\LauncherRemediation.037.etl
2018-11-16 09:44 - 2019-01-02 11:26 - 000131072 ____A [C611602AA676A48506584A6627972FC7] () C:\Program Files\rempl\Logs\LauncherRemediation.038.etl
2018-11-16 09:44 - 2019-01-02 10:00 - 000131072 ____A [89E3958F9F7820CCAEF7C1FAE1EDE26A] () C:\Program Files\rempl\Logs\LauncherRemediation.039.etl
2018-11-16 09:44 - 2019-01-01 12:29 - 000131072 ____A [C04686AEFE9139021A57693C989935F5] () C:\Program Files\rempl\Logs\LauncherRemediation.040.etl
2018-11-16 09:44 - 2019-01-01 11:47 - 000131072 ____A [622F72C3639A6B4D7AD0C77195A80946] () C:\Program Files\rempl\Logs\LauncherRemediation.041.etl
2018-11-16 09:44 - 2018-12-31 12:22 - 000131072 ____A [5609443E442ACC771125BC68CF4D0CE2] () C:\Program Files\rempl\Logs\LauncherRemediation.042.etl
2018-11-16 09:44 - 2018-12-31 11:00 - 000131072 ____A [097AF243718FBB92DE3F4E91E41FA7A9] () C:\Program Files\rempl\Logs\LauncherRemediation.043.etl
2018-11-16 09:44 - 2018-12-31 10:46 - 000131072 ____A [8B071E955D37B9DAD1366F612BBBF37C] () C:\Program Files\rempl\Logs\LauncherRemediation.044.etl
2018-11-16 09:44 - 2018-12-31 09:50 - 000131072 ____A [55ED9D578BF332088AE39FFA1CA064D0] () C:\Program Files\rempl\Logs\LauncherRemediation.045.etl
2018-11-16 09:44 - 2018-12-30 12:00 - 000131072 ____A [17D3857FFA03107D07292256CED811E3] () C:\Program Files\rempl\Logs\LauncherRemediation.046.etl
2018-11-16 09:44 - 2018-12-30 11:46 - 000131072 ____A [2105959EED8E91ACC739BD0D7AAFFD4E] () C:\Program Files\rempl\Logs\LauncherRemediation.047.etl
2018-11-16 09:44 - 2018-12-30 11:12 - 000131072 ____A [69B833A0AB55CD82C7E435E931AB72FB] () C:\Program Files\rempl\Logs\LauncherRemediation.048.etl
2018-11-16 09:44 - 2018-12-29 12:46 - 000131072 ____A [EFF0CF791F8BA58A353544B76ACDAEC8] () C:\Program Files\rempl\Logs\LauncherRemediation.049.etl
2018-11-16 09:44 - 2018-12-29 11:14 - 000131072 ____A [AA38F2A8CDEDA2F3E081693E3CE3AB26] () C:\Program Files\rempl\Logs\LauncherRemediation.050.etl
2019-01-19 12:42 - 2019-01-20 11:15 - 000458752 _____ [081BCD7BFDFD27EA3F7BBE4E68A2E7F3] () C:\Program Files\rempl\Logs\Remediation.001.etl
2019-01-19 12:42 - 2019-01-19 17:12 - 000655360 ____A [F603D60CDB2A48B15D1EAA2EAC3F6F6B] () C:\Program Files\rempl\Logs\Remediation.002.etl
2018-11-16 09:44 - 2019-01-18 17:02 - 000458752 ____A [42B0EDA28B93DF9BE112F3E08E922E73] () C:\Program Files\rempl\Logs\Remediation.004.etl
2018-11-16 09:44 - 2019-01-17 16:48 - 000131072 ____A [54638CF5E457FB9381D109D12CCF60DF] () C:\Program Files\rempl\Logs\Remediation.005.etl
2018-11-16 09:44 - 2019-01-16 17:42 - 000458752 ____A [AA03E7FE9D1D7BAC4F1BF1E6CDAFE983] () C:\Program Files\rempl\Logs\Remediation.006.etl
2018-11-16 09:44 - 2019-01-16 17:10 - 000196608 ____A [8A28D5EEDD630F6E914793017F7B0F3C] () C:\Program Files\rempl\Logs\Remediation.007.etl
2018-11-16 09:44 - 2019-01-15 17:18 - 000131072 ____A [1ED5BE942B86A02D296C08562A828BD5] () C:\Program Files\rempl\Logs\Remediation.008.etl
2018-11-16 09:44 - 2019-01-15 17:17 - 000131072 ____A [D8CDF9B5A52AD83DD9E0FBBBCE8E5848] () C:\Program Files\rempl\Logs\Remediation.009.etl
2018-11-16 09:44 - 2019-01-14 17:44 - 000458752 ____A [9EAEB1373CEFB9CBCD7D0FE979D1F117] () C:\Program Files\rempl\Logs\Remediation.010.etl
2018-11-16 09:44 - 2019-01-13 15:29 - 000131072 ____A [33F709AD708CD342902C14B474EA28A6] () C:\Program Files\rempl\Logs\Remediation.011.etl
2018-11-16 09:44 - 2019-01-13 12:05 - 000131072 ____A [E31784443E678D123D3CB04D6455E724] () C:\Program Files\rempl\Logs\Remediation.012.etl
2018-11-16 09:44 - 2019-01-13 11:45 - 000131072 ____A [404D6829DA1058E7307A7B409123C7A2] () C:\Program Files\rempl\Logs\Remediation.013.etl
2018-11-16 09:44 - 2019-01-13 10:44 - 000458752 ____A [7EF959E788745F8B2E1EEB267BC4021D] () C:\Program Files\rempl\Logs\Remediation.014.etl
2018-11-16 09:44 - 2019-01-12 16:29 - 000131072 ____A [923260F289D69324DB7D764A43D6D371] () C:\Program Files\rempl\Logs\Remediation.015.etl
2018-11-16 09:44 - 2019-01-12 12:45 - 000131072 ____A [56FD86D9E0AE3490DD7A82D83DA1B19C] () C:\Program Files\rempl\Logs\Remediation.016.etl
2018-11-16 09:44 - 2019-01-12 10:00 - 000131072 ____A [FB42EED96670F1E0E1E265AAF77BBB46] () C:\Program Files\rempl\Logs\Remediation.017.etl
2018-11-16 09:44 - 2019-01-11 17:31 - 000458752 ____A [C83A54C1B8C3EFD7F029912DB2947AB6] () C:\Program Files\rempl\Logs\Remediation.018.etl
2018-11-16 09:44 - 2019-01-10 17:06 - 000458752 ____A [0E07C78A54C9F978F497CCB5B095E7F9] () C:\Program Files\rempl\Logs\Remediation.019.etl
2018-11-16 09:44 - 2019-01-09 15:55 - 000131072 ____A [8832F03DBDFCC515CAB3A134FED0D2FD] () C:\Program Files\rempl\Logs\Remediation.020.etl
2018-11-16 09:44 - 2019-01-09 12:23 - 000131072 ____A [4011674DAD6C88CADA8D712E0D982B7F] () C:\Program Files\rempl\Logs\Remediation.021.etl
2018-11-16 09:44 - 2019-01-09 10:28 - 000131072 ____A [FE7B122908CE6018206F5422D27816F6] () C:\Program Files\rempl\Logs\Remediation.022.etl
2018-11-16 09:44 - 2019-01-09 09:00 - 000131072 ____A [3044C6A61CCA60FA39C81FA90633B244] () C:\Program Files\rempl\Logs\Remediation.023.etl
2018-11-16 09:44 - 2019-01-08 17:04 - 000458752 ____A [21B305387D2A0831F7A05C7A5789BA68] () C:\Program Files\rempl\Logs\Remediation.024.etl
2018-11-16 09:44 - 2019-01-07 12:28 - 000131072 ____A [AC246268536E8FCA0F505744BDCA78E5] () C:\Program Files\rempl\Logs\Remediation.025.etl
2018-11-16 09:44 - 2019-01-07 11:02 - 000458752 ____A [70502ED878A94D0F4993BDA8D0B1ED9D] () C:\Program Files\rempl\Logs\Remediation.026.etl
2018-11-16 09:44 - 2019-01-06 12:23 - 000131072 ____A [08F2F612FCDAFA6090BF7FCF859614C1] () C:\Program Files\rempl\Logs\Remediation.027.etl
2018-11-16 09:44 - 2019-01-06 11:57 - 000131072 ____A [88AB7C76E20FEACC3AC75A04128F9EA3] () C:\Program Files\rempl\Logs\Remediation.028.etl
2018-11-16 09:44 - 2019-01-06 11:39 - 000131072 ____A [5CB7FB0F37D796A9548195EBF3DEA737] () C:\Program Files\rempl\Logs\Remediation.029.etl
2018-11-16 09:44 - 2019-01-05 13:00 - 000458752 ____A [05C9C155F9F270F1443AC21DED7426ED] () C:\Program Files\rempl\Logs\Remediation.030.etl
2018-11-16 09:44 - 2019-01-05 11:46 - 000131072 ____A [5E2916DC8DEA880DEED650D64547A583] () C:\Program Files\rempl\Logs\Remediation.031.etl
2018-11-16 09:44 - 2019-01-05 10:55 - 000131072 ____A [7E66C2B7F22D1202D1790BF971D2CBB3] () C:\Program Files\rempl\Logs\Remediation.032.etl
2018-11-16 09:44 - 2019-01-04 12:46 - 000131072 ____A [E8737D1D9F0E3BCE27BE58F254EE8B2D] () C:\Program Files\rempl\Logs\Remediation.033.etl
2018-11-16 09:44 - 2019-01-04 11:58 - 000458752 ____A [A89D7F3EDDA35A75CD50AAA4A62A9B36] () C:\Program Files\rempl\Logs\Remediation.034.etl
2018-11-16 09:44 - 2019-01-03 12:01 - 000131072 ____A [9C365C648F67F4F21647CB236BFA4B6E] () C:\Program Files\rempl\Logs\Remediation.035.etl
2018-11-16 09:44 - 2019-01-03 11:29 - 000458752 ____A [DD9452B6D9C763407466AD8E91CACF90] () C:\Program Files\rempl\Logs\Remediation.036.etl
2018-11-16 09:44 - 2019-01-02 12:17 - 000131072 ____A [1AB2890F553BA20E6F5252FE0170D0DB] () C:\Program Files\rempl\Logs\Remediation.037.etl
2018-11-16 09:44 - 2019-01-02 11:26 - 000131072 ____A [66D98F35651E253DC5357B033E84DA28] () C:\Program Files\rempl\Logs\Remediation.038.etl
2018-11-16 09:44 - 2019-01-02 10:00 - 000131072 ____A [14EF4208A0116B4831975A29391E4FF5] () C:\Program Files\rempl\Logs\Remediation.039.etl
2018-11-16 09:44 - 2019-01-01 12:29 - 000458752 ____A [42D2F660F2F746E9428AB09B4CBFC987] () C:\Program Files\rempl\Logs\Remediation.040.etl
2018-11-16 09:44 - 2019-01-01 11:47 - 000131072 ____A [1D3A2A65DC25BFAAADB3897FD24B8AF8] () C:\Program Files\rempl\Logs\Remediation.041.etl
2018-11-16 09:44 - 2018-12-31 12:22 - 000458752 ____A [3CBAA6441A28ED3BD8B9939443EA481D] () C:\Program Files\rempl\Logs\Remediation.042.etl
2018-11-16 09:44 - 2018-12-31 11:00 - 000131072 ____A [FABCBB3A9DCA25DC614CBAA42510CC91] () C:\Program Files\rempl\Logs\Remediation.043.etl
2018-11-16 09:44 - 2018-12-31 10:46 - 000131072 ____A [10B89D5B5435D1EEBEDA3BEB4DDC46CE] () C:\Program Files\rempl\Logs\Remediation.044.etl
2018-11-16 09:44 - 2018-12-31 09:50 - 000131072 ____A [C160001391937967B5726DF9A402196C] () C:\Program Files\rempl\Logs\Remediation.045.etl
2018-11-16 09:44 - 2018-12-30 12:00 - 000131072 ____A [1D8576B3DF23BC3675FB5BE15C2672ED] () C:\Program Files\rempl\Logs\Remediation.046.etl
2018-11-16 09:44 - 2018-12-30 11:46 - 000131072 ____A [9CFEBEBB468BF552E95FA89F50EB33E5] () C:\Program Files\rempl\Logs\Remediation.047.etl
2018-11-16 09:44 - 2018-12-30 11:12 - 000458752 ____A [CC2CC482DBE7C16002749C38AD313FC6] () C:\Program Files\rempl\Logs\Remediation.048.etl
2018-11-16 09:44 - 2018-12-29 12:46 - 000131072 ____A [950900C1AC56F2A33C035CB00D85A909] () C:\Program Files\rempl\Logs\Remediation.049.etl
2018-11-16 09:44 - 2018-12-29 11:14 - 000131072 ____A [BE85A8F17D72ACD80F3673198AFA2111] () C:\Program Files\rempl\Logs\Remediation.050.etl
2018-11-16 09:44 - 2019-01-19 17:30 - 000065536 ____A [D77DE6665643C92EFF689C26824B207E] () C:\Program Files\rempl\Logs\ServiceRemediation.002.etl
2018-11-16 09:44 - 2019-01-19 17:26 - 000131072 ____A [B9BC9597798C9B1029D94E75BAD7F850] () C:\Program Files\rempl\Logs\ServiceRemediation.003.etl
2018-11-16 09:44 - 2019-01-19 17:12 - 000131072 ____A [AABEE16E6D617EFF9E1040F3CA62F87F] () C:\Program Files\rempl\Logs\ServiceRemediation.004.etl
2018-11-16 09:44 - 2019-01-19 02:07 - 000131072 ____A [3E082BD908F2FC5F0D0B1343BC420B99] () C:\Program Files\rempl\Logs\ServiceRemediation.005.etl
2018-11-16 09:44 - 2019-01-18 17:02 - 000131072 ____A [3F502DDD36FBD0A9ADCF06692C52B798] () C:\Program Files\rempl\Logs\ServiceRemediation.006.etl
2018-11-16 09:44 - 2019-01-17 02:03 - 000131072 ____A [BCA2384E76651E14DD20861FA086871C] () C:\Program Files\rempl\Logs\ServiceRemediation.007.etl
2018-11-16 09:44 - 2019-01-10 16:52 - 000065536 ____A [8870EA913C471C0D20F703D16B2B4952] () C:\Program Files\rempl\Logs\ServiceRemediation.008.etl
2018-11-16 09:44 - 2019-01-10 02:04 - 000131072 ____A [A918C2782B65C9E7D33DC29F165D5607] () C:\Program Files\rempl\Logs\ServiceRemediation.009.etl
2018-11-16 09:44 - 2019-01-07 01:47 - 000131072 ____A [1A8BF0446566913D1FD116C6DC005218] () C:\Program Files\rempl\Logs\ServiceRemediation.010.etl
2018-11-16 09:44 - 2018-12-26 10:57 - 000065536 ____A [DE3A498310B834C70620BCF2F782A064] () C:\Program Files\rempl\Logs\ServiceRemediation.011.etl
2018-11-16 09:44 - 2018-12-23 17:03 - 000065536 ____A [BA84202676BE493C28E5EC133BCC0EDF] () C:\Program Files\rempl\Logs\ServiceRemediation.012.etl
2018-11-16 09:44 - 2018-12-23 16:59 - 000131072 ____A [769C3E71AE223C999D59D278E5731052] () C:\Program Files\rempl\Logs\ServiceRemediation.013.etl
2018-11-16 09:44 - 2018-12-21 02:07 - 000131072 ____A [BDA200EA8E9905F768909B3FB8868697] () C:\Program Files\rempl\Logs\ServiceRemediation.014.etl
2018-11-16 09:44 - 2018-12-20 14:52 - 000131072 ____A [641C9B1369CF403D8A7BB1A47DD85C54] () C:\Program Files\rempl\Logs\ServiceRemediation.015.etl
2018-11-16 09:44 - 2018-12-15 16:22 - 000131072 ____A [2A69FB7C516BE2955CAB3D00347A38C1] () C:\Program Files\rempl\Logs\ServiceRemediation.016.etl
2018-11-16 09:44 - 2018-12-15 15:15 - 000065536 ____A [E2AA0DFBA090EFA44AE461816BC142C4] () C:\Program Files\rempl\Logs\ServiceRemediation.017.etl
2018-11-16 09:44 - 2018-12-15 14:22 - 000065536 ____A [ED0C7F98DA76AD0A812611BEA8ECECD9] () C:\Program Files\rempl\Logs\ServiceRemediation.018.etl
2018-11-16 09:44 - 2018-12-13 17:49 - 000065536 ____A [A13D23A20266E4CDDDECFE9164CF95F0] () C:\Program Files\rempl\Logs\ServiceRemediation.019.etl
2018-11-16 09:44 - 2018-12-13 17:44 - 000131072 ____A [7A19AB462775520EE695DEA7ED25754D] () C:\Program Files\rempl\Logs\ServiceRemediation.020.etl
2018-11-16 09:44 - 2018-12-08 09:36 - 000131072 ____A [D9B6E411602DD5D51E7E1D8F6B24F185] () C:\Program Files\rempl\Logs\ServiceRemediation.021.etl
2018-11-16 09:44 - 2018-11-22 07:27 - 000065536 ____A [DF12AB3AA15A10DFE3AD8D7C26F5C2F3] () C:\Program Files\rempl\Logs\ServiceRemediation.022.etl
2018-11-16 09:44 - 2018-11-22 00:29 - 000196608 ____A [570BF28841AFB1EB8B195A708A96807E] () C:\Program Files\rempl\Logs\ServiceRemediation.023.etl

====== End of Folder: ======

C:\ProgramData\TEMP => ":58A5270D" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C747352-DFE3-42CC-9CDA-6E4A6D5B845F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{874565AC-CC23-4F43-9829-00B61FBC3587}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CDC65CAE-DF99-4604-B10F-A07C45E4E43B}D:\игри\starcraft ii\versions\base71061\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0436E92A-359A-4A72-9BC0-98120D700805}D:\игри\starcraft ii\versions\base71061\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DB7C44BE-3310-479D-918C-3204CB6790CB}C:\users\vladi\downloads\downloader_diablo2_lord_of_destruction_enus.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F215E1D4-E7E6-41B6-A13D-288F1A6D00FD}C:\users\vladi\downloads\downloader_diablo2_lord_of_destruction_enus.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B1E7ABC-2B26-40D2-BF83-F90617757C2A}C:\users\vladi\downloads\downloader_diablo2_enus (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C5B2F0DA-49FA-4959-9385-AE3181766ACF}C:\users\vladi\downloads\downloader_diablo2_enus (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{52D2F5FA-3473-42B5-83C3-4C8B1EFA8614}C:\users\vladi\downloads\downloader_diablo2_enus.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DAE615DB-F43A-4B2D-98B2-BB5E461E5F45}C:\users\vladi\downloads\downloader_diablo2_enus.exe" => removed successfully

========= del %temp%\*.* /f /s /q =========

Deleted file - C:\Users\Vladi\AppData\Local\Temp\2a65f440-c1f8-4c8e-a77b-8f824c09c534.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\3ab1e975-c451-43ee-b645-7640ad0c4331.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\4670c979-94e2-4bf8-907e-5fb081c37d42.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\7ecf5189-71c4-4608-98a1-4fd0f6e45030.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\8bd066d3-42a9-4ff6-9495-415093f9b816.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\adobegc.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-10760.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-11188.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-11608.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-12220.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-14060.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-14240.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-19244.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-3084.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-35316.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-35628.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-36984.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-37064.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-37832.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-3888.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-39696.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-40228.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-41612.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-42856.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-44300.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-44660.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-74632.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\aria-debug-8592.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\ashinet_B442E08F.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\chrome_installer.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\ecache.bin
Deleted file - C:\Users\Vladi\AppData\Local\Temp\f175b275-40a8-4739-941d-00d64986c502.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\f27e6b25-ee63-40f9-af8a-caf88eeb82e5.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\fno18dhjs
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Image_Resizer_for_Windows_20190115000849.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Image_Resizer_for_Windows_20190115000849_000_ImageResizer_x86.msi.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Image_Resizer_for_Windows_20190115000849_001_ImageResizer_x64.msi.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt1262.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt14E0.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt15E9.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt1A2C.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt1AF8.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt35F1.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt399F.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt3F98.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt48A9.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt48C8.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt61E9.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt78D2.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt8007.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt86B8.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgt8838.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtA47F.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtD1FC.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtDDA1.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtDE56.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtDF47.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtE3A9.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtE90C.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtF18.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtF5D1.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtFC9E.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\lgtFE46.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mb-clean-results.txt
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.4968.exe
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mb_setup.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\qtsingleapp-qBitto-2d83-1-lockfile
Deleted file - C:\Users\Vladi\AppData\Local\Temp\qtsingleapp-Viber-0-1-lockfile
Deleted file - C:\Users\Vladi\AppData\Local\Temp\qtsingleapp-Viber-0-2-lockfile
Deleted file - C:\Users\Vladi\AppData\Local\Temp\qtsingleapp-Viber-0-4-lockfile
Deleted file - C:\Users\Vladi\AppData\Local\Temp\qtsingleapp-Viber-0-5-lockfile
Deleted file - C:\Users\Vladi\AppData\Local\Temp\qtsingleapp-Viber-0-6-lockfile
Deleted file - C:\Users\Vladi\AppData\Local\Temp\qtsingleapp-Viber-0-7-lockfile
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Setup Log 2019-01-19 #001.txt
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Setup Log 2019-01-19 #002.txt
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Setup Log 2019-01-19 #003.txt
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Setup Log 2019-01-19 #004.txt
Deleted file - C:\Users\Vladi\AppData\Local\Temp\StructuredQuery.log
Deleted file - C:\Users\Vladi\AppData\Local\Temp\test
Deleted file - C:\Users\Vladi\AppData\Local\Temp\tmpaddon
Deleted file - C:\Users\Vladi\AppData\Local\Temp\tmpaddon-96085
Deleted file - C:\Users\Vladi\AppData\Local\Temp\wct1928.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\wct1D82.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\wct1E24.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\wctD7EA.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\wctF14.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\139b-8b28-5d3d-7e8e\ie\p0b4c3115a4446533ea643007f860c4f6
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\AppxProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\AssocProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\CbsProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\CompatProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\DismCore.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\DismCorePS.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\DismHost.exe
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\DismProv.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\DmiProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\FfuProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\FolderProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\GenericProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\IBSProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\ImagingProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\IntlProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\LogProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\MsiProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\OfflineSetupProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\OSProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\ProvProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\SetupPlatformProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\SmiProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\SysprepProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\TransmogProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\UnattendProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\VhdProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\WimProvider.dll
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\AppxProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\AssocProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\CompatProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\DismCore.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\DismProv.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\FfuProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\GenericProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\IBSProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\ImagingProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\LogProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\OfflineSetupProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\OSProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\ProvProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\SetupPlatformProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\SysprepProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\VhdProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\2D8AD443-A0E1-4805-8BCA-C0D9C1641C1D\en-US\WimProvider.dll.mui
Deleted file - C:\Users\Vladi\AppData\Local\Temp\9WFQLUEr4qVgzpq5\b385232b4bb22f7d096bf88633b52ab9.exe
Deleted file - C:\Users\Vladi\AppData\Local\Temp\bsTempPath\ACD8835.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\CR_D010B.tmp\setup.exe
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Discord Crashes\operation_log.txt
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\3ca9678.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\3ca97e8.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\3f0bcd0.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\3f0bce0.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\434e1c0.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\434e200.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\434e210.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\434e2f0.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\c15480.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\mbam\qt-jl-icons\c154a0.ico
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir16848_27802\14e7cb37049d7fd65e36032a110ef3de.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir16904_5517\58fd2875d568072bcb10dfd70064bdc9.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir416_10469\942c842d271cee2501c2ac1a319c8f31.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir416_10469\acbf7002cee0b04daf2ff5c2cb156a4e.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir51172_7754\58fd2875d568072bcb10dfd70064bdc9.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir51172_7754\74744bcbb4eb8e81202b18768be08e1d.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir51172_7754\acbf7002cee0b04daf2ff5c2cb156a4e.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6772_28160\14e7cb37049d7fd65e36032a110ef3de.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\f27e6b25-ee63-40f9-af8a-caf88eeb82e5.tmp
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\128.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\manifest.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\ar\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\bg\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\ca\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\cs\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\da\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\de\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\el\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\en_GB\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\en_US\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\es\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\es_419\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\et\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\eu\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\fi\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\fil\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\fr\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\he\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\hi\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\hr\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\hu\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\id\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\it\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\ja\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\ko\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\lt\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\lv\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\ms\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\nl\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\no\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\pl\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\pt_BR\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\pt_PT\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\ro\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\ru\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\sk\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\sl\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\sr\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\sv\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\th\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\tr\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\uk\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\vi\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\zh_CN\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_locales\zh_TW\messages.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir6904_186\CRX_INSTALL\_metadata\verified_contents.json
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir8980_12632\14e7cb37049d7fd65e36032a110ef3de.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\scoped_dir8980_12632\942c842d271cee2501c2ac1a319c8f31.png
Deleted file - C:\Users\Vladi\AppData\Local\Temp\Viber Crashes\.id
Deleted file - C:\Users\Vladi\AppData\Local\Temp\~nsuA.tmp\Un_A.exe
Deleted file - C:\Users\Vladi\AppData\Local\Temp\~nsuA.tmp\Un_B.exe

========= End of CMD: =========


========= rd /s /q %temp% =========


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2956623404-1635080235-2419004971-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2956623404-1635080235-2419004971-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01192019172904180\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 302866105 B
Java, Flash, Steam htmlcache => 28178442 B
Windows/system/drivers => 1794614 B
Edge => 1486043 B
Chrome => 401778466 B
Firefox => 50343889 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 23626 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 295686 B
NetworkService => 0 B
Vladi => 8057527 B

RecycleBin => 16592939 B
EmptyTemp: => 781.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:37:01 ====

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ми, май пак си е така. Забелязвам, че в мозилата ми изкачат тия реклами, въпреки че я преинсталирах. 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не би трябвало да е същото, защото премахнахме Bitcoinminer-a и поне би трябвало да не товари охлаждането.

А иначе не правете неща на своя глава докато имате тема тук, защото така може да пропусна някои детайли по време на почистващия процес.

  • Изтеглете и стартирайте 6sv1DN9.jpgAdwCleaner 7.2.6.0 Final
  • Натиснете бутона Scan Now (или Сканиране сега, ако ви е на български)

4lqbd6J.png

  • AdwCleaner ще обнови базата с дефинициите си и ще започне да проверява компютъра. Проверката ще отнеме не повече от няколко секунди.
  • След като проверката приключи ако има намерени обекти ще се появи диалогов прозорец подканващ ви да натиснете бутона Clean & Repair (Почисти & Поправи).
  • Програмата ще затвори всички излишни процеси и след почистването ще иска да рестартира машината. Съгласете се.

FCuQiuz.png

  • Ако не бъдат открити зарази ще видите следния прозорец:

CWWivYK.png

  • Натиснете бутона Skip Basic Repair (Пропускане на основното поправяне).
  • И в двата случая ако няма открити зарази или ако програмата е почистила такива, стартирайте пак програмата и отидете до табът Log files (Журнални файлове на български, но превода не се събира в интерфейса на програмата и съм докладвал за проблема).
  • Кликнете с двукратен клил на мишката върху лог файла с последната дата и част (новите файлове са най-отдолу в списъка) и публикувайте съдържанието на файла в следващия си коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Благодаря много за съдействието. Определено ще е по-добре, но явно е останало нещо в мозилата...

http://prntscr.com/m9t9wy

Ето с нея какво излезе. 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

Аз искам да видя лог файла.

В инструкциите е споменато как да се извади лог файла след сканирането и почистването. :)

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здрасти. Опитах се да редактирам снощи публикацията си, но не стана. Историята накратко.

След като минах с adwcleaner и лаптопа го рестартирах, след като се пусна, все едно бях инсталирал всички вируси обратно. Компа бозеше, като търсиш в гугъл ти излизаха първо 10 реклами преди реалното търсене, трагедия. Не знаех какво да правя и взех, че повторих нещата с оная програма и файла и всичко се нормализира. След това инсталирах NOD32 да видя какво се случва. Нода намери 4 заплахи, които премахнах.Не видях как да ги видя... или лог. Но при отваряне на браузера НОД-а блокира постоянно сайтове, потенциални вируси. Бях събрал 30 блокирания за 5 минути с Мозила. Според мен тия вируси се прикачват от сървър или веднага се пускат с браузерите. Явно това дето съм инсталирал е прикачено по някакъв начин към браузерите ми. По някаква причина се връщат. В момента след почистването с НОДА, гледам че не ми изкарва блокирано сайтове, но знае ли човек... Като цяло лиценза ще ми изтече сиа на 29 на НОДА и пак съм на вълците оставен.  Как се преебах само с това, дето инсталирах тогава, не е истина. :)))

Ще дам отново файловете.

Addition.txt

FRST.txt

adwscan.txt

adwclean.txt

 

Edit: Няколко снимки от сега, пак се започна след рестарт на компютъра.

http://prntscr.com/ma4zf9

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Нещо не стана ясно...с коя програма сте минали и са се нормализирали нещата? С FRST? Ама със скрипта или без него, защото ако е без него FRST само сканира и нищо не поправя и няма как това да е оправило проблема. Това говорим за рекламите или за Bitcoinminer-a? Ако миньора се е върнал няма да е добре, но ако са само рекламите, то има просто обяснение. Ако използвате синхронизация на профила си в Mozilla с облака, след почистването на браузъра, заразите (рекламите) ще се върнат от копието в облака. Добре е да спрете временно синхронизацията (ако има такава) докато трае почистването.

Би било добре да покажете и какво е премахнал NOD32 все пак.

Предоставените лог файлове са чисти (поне миньора не се е върнал), но не се вижда и наличие на адуер в системата.

Видях обаче, че използвате доста пиратски софтуер и keygen-и (дори за Malwarebytes) и това не е добра идея, защото те често също са бъкани от зарази.

Как преинсталирахте Mozilla? Върху старата инсталация или премахнахте старата версия и инсталирахте новата?

Пробвахте ли да дадете първо Help => Troubleshooting information => Refresh Firefox... ?

Ако не се оправи от него просто я деинсталирайте например с Revo Uninstaller (като спрете синхронизацията с облака преди това) и я качете наново и вижте дали проблема остава.

Пишете за резултатите.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте. Да, програмите са ми пиратски, инсталирах ги само заради тоя проблем. Най-вероятно ще ги премахна след като им изтекат сроковете и ще търся някакво решение. 

Да, с FRST и файла, дето ми направихте, с него оправих нещата - повторно. 

Преинсталирах ги с унистал просто. И да, четох, че ако имам някаква синрхонизация, връща. Но аз нямам, в Хромето е изключена. Мозилата дори не съм я ползвал много-много.

http://prntscr.com/ma66ok

Ако говориме за това. Щом пише, Включване на синрхонизирането - явно не е включвано. 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не, не трябва да я включвате. Точно трябва да стоят изключени синхронизациите.

Пробвайте да деинсталирате браузърите например с GeekUninstaller и след това ги инсталирайте наново.

Изтеглете програмата GeekUninstaller и я запазете на десктопа.

Разархивирайте я и стартирайте файла geek.exe IxXO5oO.jpg
От списъка намерете Mozilla Firefox и Google Chrome  (примера е за Mozilla Firefox, но това е просто за показно).

Кликнете с десен бутон върху програмата и изберете Uninstall.
 
XhV2QLa.png
 
След края на инсталацията ще се отвори прозорец подканващ ви да премахнете всички остатъци от програмата (ако има такива, ако няма този прозорец няма да се появи):
 
Пример за Mozilla браузъра:

geekuninstaller-3.png

Уверете се, че всички редове са маркирани и натиснете бутона Finish за да изтриете останките от програмата.

Повторете и за Google Chrome и след това ги преинсталирайте.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Току-що я изтрих с нея, но не се появи прозорец. Инсталирах Revo unistaller Pro пробната:

http://prntscr.com/ma6jpt

 

Тя намери някакви остатъци. Трябва ли да маркирам тъмно черните и да дам Delete? Да не оплескам нещо... ;0

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Натиснете Select All и после Delete. Повторете това и за прозореца с файловете (ако се появи такъв).

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Като дам селект алл, то маркира всичко, не само тъмно черните.

http://prntscr.com/ma6qc4

Така ли трябва да стане, да не изтърка и повреди уиндолса? 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да, това трябва да стане. Трябва да се изберат всички, не само черните...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Направих го и за Мозила и за Хроме като ги нсталирах отначало. Единственото, което направих е да влеза в гугъл акаунта си през Хроме. 

Нода веднага хвана някакъв сайт и го блокира...

http://prntscr.com/ma6vql

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да проверим за остатъци:

 

СТЪПКА 1

 

Моля изтеглете   Malwarebytes Anti-Malware 3.6.1.2711 Final и я запазете на вашия десктоп.

  • Стартирайте файла mb3-setup-consumer-3.6.1.2711.exe и следвайте указанията за да инсталирате програмата.
  • След като инсталацията приключи програмата ще стартира автоматично.
  • Отидете до табът Settings => Protection > и под категорията Scan Options включете опцията "Scan for rootkits" като преместите плъзгача надясно.

xTvORSF.png

  • Отидете до табът Scan, и изберете Threat Scan и след това натиснете бутона Start Scan.

RUSrqgW.png

  • Ще започне проверка за зловреден софтуер.

4CJ90KI.png

  • При някои инфекции можете да видите съобщението:
  • "Could not load DDA driver"
  • Натиснете "Yes" на това съобщение за да позволите драйвера да се зареди след рестарт.
  • Разрешете на компютъра да се рестартира и след това продължете с останалите инструкции.
  • След като проверката приключи ще се появи списъка с резултатите (ако има намерени обекти). Ако програмата е минимизирана докато сканира ще се появи следното съобщение ако има открити заплахи. Натиснете бутона View Scan Results.

37b.png

  • . Натиснете бутона Quarantine Selected.

2CfXEk1.png

  • Изчакайте да се появи прозореца подканващ ви да рестартирате и след това натиснете бутона Yes.

8Jc9dl9.png

  • След рестарта, стартирайте отново Malwarebytes Anti-Malware.
  • Отидете то табът Reports и отворете лог файла с името Scan Report.

X0ha4sd.png

  • Натиснете бутона Export и след това =>  "Copy to Clipboard"

fE9qzai.png

Сега вече поставете съдържанието на лог файла с клавишната комбинация Ctrl + V и го публикувайте в следващия си коментар.

 

СТЪПКА 2

 

1.Изтеглете Hitman Pro.

За 32-битова система - dEMD6.gif.
За 64-битова система - Download-button3.gif

2.Стартирайте програмата.
3.След като сте стартирали програмата като кликнете върху иконата 5vo5F.jpg и натиснете бутона „Напред“ като се съгласите с лицензионното споразумение (EULA).

4.Сложете отметка пред "Не, искам да завърша еднократно сканиране на компютъра".

5.Натиснете бутона „Напред“.

6.Програмата ще започне да сканира. Времето за сканиране е около 2 минути.

7.След завършване на сканирането от списъка с намерените неща (ако има такива) изберете Apply to all => Ignore.

8.Натиснете "Next" и след това натиснете "Изнеси резултата в XML file" и запазете лог файла на десктопа.

9.Архивирайте файла и го прикачете в следващия си коментар или копирайте съдържанието му в следващия си коментар.
 
Забележка: Ако няма падащо меню, където да изберете ignore както на снимката:
 
6-scanfin-choose.jpg
 
Тогава просто затворете програмата след края на проверката (без да премахвате нищо)...след това отворете C:\Programdata\HitmanPro\Logs, отворете и публикувайте съдържанието на лог файла в следващия си коментар. Пак повтарям, не трийте нищо с програмата, защото е доста мощна и може да бъде опасна!

Забележка: Папката C:\ProgramData е скрита и затова трябва да направите скритите файлове видими по-следния начин:

От My Computer => Tools => Folder Options => View:

Сложете отметка пред "Show hidden files, folders and drives"

и махнете отметката пред "Hide protected operating system files (recommended)".

Натиснете Apply.

Сега проверете за лог файла в папката C:\Programdata\HitmanPro\Logs и го прикачете в следващия си коментар. :)

 

СТЪПКА 3

 

emsisoft_emergency_kit.pnglogo.png

  • Моля изтеглете EmsisoftEmergencyKit, стартирайте exe файла и посочете къде да се разархивира програмата - например в (C:\EEK), натискайки бутона Extract.
  • Стартирайте иконата на файла Start Emsisoft Emergency Kit от десктопа за да стартирате приложението.
  • Натиснете бутона"Yes", когато бъдете подканени да обновите дефинициите на програмата.
  • След като процеса по обновяването на дефинициите приключи натиснете бутона "Scan".
  • Натиснете бутона "Yes", когато бъдете попитани дали да програмата да включи засичането на потенциално нежелани приложения (Potentially Unwanted Applications).
  • Сега вече изберете бутона Custom Scan. Премахнете от списъка всички дялове без C:\ (т.е. нека да остане само дял C:\ в списъка).
  • Натиснете Next за да започне проверката.
  • Когато проверката приключи натиснете бутона View Report.
  • Копирайте съдържанието на лог файла в следващия си коментар.

 

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Така. Malwarebyes не намери нищо, освен че ми блокираше някакви сайтове от уторента. Прикачил съм файл за него и за другите, като с последната стъпка дадох направи Изтрий, защото тия файлове ги знам и не ми трябват.

Emisoft.txt

HitmanPro_20190121_2017.log

utorrent.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.


  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от Duclos
      Здравейте,
      преди ден антивирусната ми програма непрекъснато даваше известия за троянец, който се опитва да се свърже - "Website Blocked Due to Trojan". При сканиране обаче, не се откриваше нищо. При днешното пускане на компютъра забелязах, че работи изключи бавно, непрекъснато забива и т.н. Пробвах да сканирам - антивирусната отказа да стартира. Когато цъкна рестарт всeки път излиза съобщение "Preparing to configure your computer", и отново лаптопът работи видимо затруднено.
      Нямам диск за операционна система, по-долу съм прикачил файловете от сканирането с Farbar.
       
      FRST.txt Addition.txt
    • от Mohito
      Здравейте,
      от известно време се появи следния проблем - малко след зареждането на Windows 8.1, започва самоволно стартиране на браузъра по подразбиране, като се отварят по 4-5 прозореца, а понякога и по повече. Прегледах някои теми за сходни проблеми във форума и трябва да отбележа една съществена разлика - при мен браузера се стартира с началния си екран и НЕ тръгва да зарежда някаква страница в интернет... просто си стои на началната страница и стартира още прозорци.
      След като успях да направя така, че да нямам браузър по default започна да се отваря диалогов прозорец с надпис: "How do you want to open this type of link (http)?", като отдолу са изредени браузерите и win store.
      Други неща, които се случват: отваряне на десния панел на десктопа на секцията "Search", превключване м/у различни отворени прозорци, отваряне на нови табове при работещ браузър, обхождане на менютата на отворени прозорци, и всичко това придружено със звуков сигнал (бибкане).
      До момента сканирано с:
      - Windows defender;
       - Kasperski Free;
      - Dr. Web;
      - Malwarebytes... и всички казват, че системата е чиста...
      Това е в общи линии. Прилагам резултатите от FRST, благодаря предварително
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
      Ran by Kire (administrator) on KIRE-PC (04-03-2019 11:39:00)
      Running from C:\Users\Kire\Desktop
      Loaded Profiles: Kire (Available Profiles: Kire)
      Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States)
      Default browser: "C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe" "%1"
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
      (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
      (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
      (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
      (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
      (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
      (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
      (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera_crashreporter.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
      (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
      HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-03-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
      HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
      HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed]
      HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Viber] => C:\Users\Kire\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
      HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
      HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
      Startup: C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изпращане в OneNote.lnk [2018-04-21]
      ShortcutTarget: Изпращане в OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 217.9.239.90 217.9.239.94
      Tcpip\..\Interfaces\{0AFEE81C-413D-4C4C-87C4-B73D21E67655}: [DhcpNameServer] 217.9.239.90 217.9.239.94
      Tcpip\..\Interfaces\{8D5336D0-E0A6-456B-BDA5-1F85837A1179}: [NameServer] 8.8.8.8,8.8.4.4
      Internet Explorer:
      ==================
      HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
      HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
      BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://ebb.ubb.bg/CAPICOM/capicom.cab
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
      FireFox:
      ========
      FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
      FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-02-21]
      FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
      FF HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Kire\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-1687209997-659643034-1432533341-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Kire\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
      Chrome: 
      =======
      CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
      CHR HKU\S-1-5-21-1687209997-659643034-1432533341-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [297888 2016-11-08] (Advanced Micro Devices, Inc. -> AMD)
      R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
      S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
      S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [144152 2018-11-21] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
      R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [26567696 2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
      R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [528800 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
      R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd)
      R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [529392 2015-08-05] (Intel(R) Intel Network Drivers -> Intel Corporation)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
      R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2740056 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
      R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
      R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
      S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
      R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [219744 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113696 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
      S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
      S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [176976 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
      R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
      R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72864 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
      S3 s115bus; C:\Windows\System32\drivers\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
      S3 s115mdfl; C:\Windows\system32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
      S3 s115mdm; C:\Windows\system32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
      S3 s115mgmt; C:\Windows\system32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
      S3 s115obex; C:\Windows\system32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One month (created) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-03-04 11:39 - 2019-03-04 11:39 - 000016906 _____ C:\Users\Kire\Desktop\FRST.txt
      2019-03-04 11:38 - 2019-03-04 11:39 - 000000000 ____D C:\FRST
      2019-03-04 11:35 - 2019-03-04 11:35 - 002434560 _____ (Farbar) C:\Users\Kire\Desktop\FRST64.exe
      2019-02-24 16:56 - 2019-02-24 16:56 - 000072864 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2019-02-24 16:55 - 2019-02-24 16:55 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2019-02-24 16:55 - 2019-02-24 16:55 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2019-02-24 16:55 - 2019-02-24 16:55 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2019-02-24 16:47 - 2019-02-24 16:51 - 000000000 ____D C:\AdwCleaner
      2019-02-24 16:44 - 2019-02-24 16:44 - 000002305 _____ C:\Users\Kire\Desktop\mbma.txt
      2019-02-24 16:32 - 2019-02-24 16:32 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2019-02-24 16:32 - 2019-02-24 16:32 - 000001843 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbamtray
      2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbam
      2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2019-02-24 16:32 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
      2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\ProgramData\Malwarebytes
      2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\Program Files\Malwarebytes
      2019-02-22 00:47 - 2019-02-22 00:47 - 000020476 _____ C:\Windows\ntbtlog.txt
      2019-02-22 00:38 - 2019-02-22 01:49 - 000000000 ____D C:\Windows\pss
      2019-02-21 23:52 - 2019-02-21 23:52 - 000071912 _____ C:\Users\Kire\Documents\cc_20190221_235210.reg
      2019-02-21 23:44 - 2019-02-22 00:56 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
      2019-02-21 23:44 - 2019-02-21 23:44 - 000002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
      2019-02-21 23:44 - 2019-02-21 23:44 - 000000794 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2019-02-21 23:44 - 2019-02-21 23:44 - 000000000 ____D C:\Program Files\CCleaner
      2019-02-21 23:43 - 2019-02-21 23:43 - 019385224 _____ (Piriform Software Ltd) C:\Users\Kire\Desktop\cctrialsetup.exe
      2019-02-21 23:40 - 2019-02-21 23:40 - 000001446 _____ C:\Users\Kire\Desktop\uTorrent.exe - Shortcut.lnk
      2019-02-21 23:36 - 2019-02-21 23:36 - 000000272 _____ C:\Users\Kire\Desktop\nod.txt
      2019-02-21 21:31 - 2019-02-21 21:31 - 000000000 ____D C:\Users\Kire\AppData\Local\ESET
      2019-02-21 21:30 - 2019-02-21 21:30 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Kire\Desktop\esetonlinescanner_enu.exe
      2019-02-21 21:28 - 2019-02-21 21:30 - 000000000 ____D C:\ProgramData\F-Secure
      2019-02-21 21:27 - 2019-02-22 00:28 - 000000000 ____D C:\Users\Kire\AppData\Local\FSDART
      2019-02-21 21:27 - 2019-02-21 21:27 - 009603600 _____ (F-Secure Corporation) C:\Users\Kire\Desktop\F-SecureOnlineScanner.exe
      2019-02-21 21:27 - 2019-02-21 21:27 - 000000000 ____D C:\Users\Kire\AppData\Local\F-Secure
      2019-02-21 20:27 - 2019-02-21 20:27 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
      2019-02-21 20:27 - 2019-02-21 20:27 - 000001196 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
      2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
      2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files\Common Files\AV
      2019-02-21 20:26 - 2019-03-04 11:26 - 000000000 ____D C:\ProgramData\Kaspersky Lab
      2019-02-21 20:26 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
      2019-02-21 20:26 - 2019-02-21 20:26 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
      2019-02-21 20:26 - 2019-02-21 20:26 - 001113696 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
      2019-02-21 20:26 - 2019-02-21 20:26 - 000219744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
      2019-02-21 20:26 - 2019-02-21 20:26 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
      2019-02-21 20:26 - 2019-02-21 20:26 - 000002051 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
      2019-02-21 20:26 - 2019-02-21 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
      2019-02-21 20:26 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
      2019-02-21 20:24 - 2019-02-21 20:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
      2019-02-21 20:24 - 2019-02-21 20:24 - 002536320 _____ (Kaspersky Lab) C:\Users\Kire\Desktop\startup_14460.exe
      2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\Users\Kire\Doctor Web
      2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\ProgramData\Doctor Web
      2019-02-19 23:27 - 2019-02-19 23:28 - 184226296 _____ C:\Users\Kire\Desktop\5xdzsvd7.exe
      2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ C:\Users\Kire\AppData\Local\Resmon.ResmonCfg
      2019-02-14 20:08 - 2019-01-26 03:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2019-02-14 20:07 - 2019-02-06 04:07 - 003323392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
      2019-02-14 20:07 - 2019-02-06 03:43 - 003616768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
      2019-02-14 20:07 - 2019-02-06 02:53 - 002780160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2019-02-14 20:07 - 2019-02-06 02:44 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
      2019-02-14 20:07 - 2019-01-26 02:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2019-02-14 20:07 - 2019-01-26 02:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2019-02-14 20:07 - 2019-01-26 02:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2019-02-14 20:07 - 2019-01-26 02:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2019-02-14 20:07 - 2019-01-26 02:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2019-02-14 20:07 - 2019-01-26 02:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2019-02-14 20:07 - 2019-01-26 02:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2019-02-14 20:07 - 2019-01-26 01:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2019-02-14 20:07 - 2019-01-26 01:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
      2019-02-14 20:07 - 2019-01-26 01:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2019-02-14 20:07 - 2019-01-26 01:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2019-02-14 20:07 - 2019-01-26 01:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
      2019-02-14 20:07 - 2019-01-26 01:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2019-02-14 20:07 - 2019-01-26 01:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2019-02-14 20:07 - 2019-01-26 01:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2019-02-14 20:07 - 2019-01-26 01:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2019-02-14 20:07 - 2019-01-26 01:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2019-02-14 20:07 - 2019-01-26 01:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2019-02-14 20:07 - 2019-01-26 01:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2019-02-14 20:07 - 2019-01-26 01:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2019-02-14 20:07 - 2019-01-26 01:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2019-02-14 20:07 - 2019-01-12 03:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
      2019-02-14 20:07 - 2019-01-12 03:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
      2019-02-14 20:07 - 2019-01-12 03:18 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
      2019-02-14 20:07 - 2019-01-09 08:36 - 001901688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2019-02-14 20:07 - 2019-01-09 08:27 - 002533920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2019-02-14 20:07 - 2019-01-09 08:24 - 007371512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2019-02-14 20:07 - 2019-01-09 05:34 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
      2019-02-14 20:07 - 2019-01-09 05:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
      2019-02-14 20:07 - 2019-01-09 05:21 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
      2019-02-14 20:07 - 2019-01-09 05:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
      2019-02-14 20:07 - 2019-01-08 06:54 - 000032896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2019-02-14 20:07 - 2019-01-08 03:22 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
      2019-02-14 20:07 - 2019-01-08 03:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
      2019-02-14 20:07 - 2019-01-05 19:48 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2019-02-14 20:07 - 2019-01-05 19:47 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2019-02-14 20:07 - 2019-01-05 19:46 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2019-02-14 20:07 - 2018-12-27 19:57 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
      2019-02-14 20:07 - 2018-12-27 18:30 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
      2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls
      2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\system32\locale.nls
      2019-02-14 20:07 - 2018-12-02 12:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
      2019-02-14 20:07 - 2018-12-01 18:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
      2019-02-14 20:07 - 2018-10-12 15:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2019-02-02 11:26 - 2019-02-02 11:26 - 000010752 _____ C:\Users\Kire\Desktop\report_structure.xls
      ==================== One month (modified) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-03-04 11:38 - 2019-01-13 19:24 - 000005012 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kire-PC-Kire Kire-PC
      2019-03-03 19:04 - 2016-04-14 13:11 - 000003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1460632245
      2019-03-03 19:04 - 2016-04-14 13:10 - 000000000 ____D C:\Program Files (x86)\Opera
      2019-02-26 21:35 - 2016-04-11 17:51 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1687209997-659643034-1432533341-1001
      2019-02-26 20:14 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
      2019-02-24 17:00 - 2014-11-21 09:39 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
      2019-02-24 16:58 - 2016-04-14 13:17 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2019-02-24 16:58 - 2016-04-14 13:12 - 000000000 ____D C:\Users\Kire\AppData\Local\Adobe
      2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
      2019-02-24 16:55 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2019-02-24 16:54 - 2016-08-25 17:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin
      2019-02-22 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
      2019-02-21 23:51 - 2018-07-13 10:05 - 000000000 ____D C:\Users\Kire\AppData\Roaming\MPC-HC
      2019-02-21 23:51 - 2018-02-28 15:49 - 000000000 ____D C:\Users\Kire\AppData\Roaming\TeamViewer
      2019-02-21 23:51 - 2016-04-12 15:40 - 000000000 ____D C:\Users\Kire\AppData\Roaming\DAEMON Tools Lite
      2019-02-21 23:51 - 2016-04-12 15:14 - 000000000 ____D C:\Users\Kire\AppData\Roaming\uTorrent
      2019-02-21 23:50 - 2017-05-08 15:37 - 000000000 ____D C:\Windows\Minidump
      2019-02-21 23:50 - 2016-04-12 04:38 - 000000000 ____D C:\Windows\Panther
      2019-02-21 23:39 - 2016-04-12 15:15 - 000000000 ____D C:\Program Files (x86)\uTorrent
      2019-02-21 20:32 - 2016-04-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2019-02-21 20:26 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
      2019-02-21 20:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
      2019-02-20 02:39 - 2016-04-11 17:45 - 000000000 ____D C:\Users\Kire
      2019-02-14 21:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
      2019-02-14 20:28 - 2013-08-22 16:44 - 000551248 _____ C:\Windows\system32\FNTCACHE.DAT
      2019-02-14 20:21 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
      2019-02-14 20:16 - 2016-04-12 14:59 - 000000000 ____D C:\Windows\system32\MRT
      2019-02-14 20:12 - 2016-04-12 14:59 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2019-02-14 20:10 - 2016-04-14 13:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
      2019-02-02 22:07 - 2019-01-17 20:24 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2019-02-02 22:07 - 2019-01-17 20:24 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2019-02-02 11:27 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\Packages
      ==================== Files in the root of some directories =======
      2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ () C:\Users\Kire\AppData\Local\Resmon.ResmonCfg
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\dllhost.exe => File is digitally signed
      C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2019-03-03 19:14
      ==================== End of FRST.txt ============================
       
      Addition.txt
    • от Toli Neli Ani
      All processes killed
      Error: Unable to interpret <:filesc:usersArdorAppDataRoamingOBSwnms.exe:reg[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]"System Driver"=-:commands[emptytemp]> in the current context!
       
      OTL by OldTimer - Version 3.2.69.0 log created on 02152019_120135
      Files\Folders moved on Reboot...
      PendingFileRenameOperations files...
      Registry entries deleted on Reboot...
       
    • от helloooovarna
      компютъра ми пише сам 100 процента е вирус , преинсталирах го проблема си остава, ако някой знае решение на проблема благодаря     ето това  прави ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ до като не натисна някой клавиш и след малко пак. аз нямам такова "И" в клавиатурата "Ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ"Ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ'ѝ''ѝ'''''ѝ' сега забелязах че когато сложа кавички започва "ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ благодаря
    • от porata
      Добър ден, искам да попитам дали не съм се заразил с някоя гадинка тъй като от около седмица пц-то работи доста бавно,като дори когато в момента пиша това и натисна дясно копче върху самият сайт то отворения прозорец остава така замазан на екрана както и ако отворя някоя друга програма върху сайта или друг няма значение.
      Дали случайно не съм се напълнил с гадинки или просто лин-а е просто за преинсталация и е доста намазан ?



       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019
      Ran by GAMEPC (administrator) on GAMEPC-PC (10-02-2019 12:37:44)
      Running from C:\Users\GAMEPC\Downloads
      Loaded Profiles: GAMEPC (Available Profiles: GAMEPC)
      Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [2362248 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [37073480 2019-01-30] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Spotify] => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-02-03] (Spotify AB -> Spotify Ltd)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35195280 2019-02-01] (Epic Games Inc. -> Epic Games, Inc.)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc -> Google Inc.)
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 94.72.140.1
      Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 94.72.140.1
      Internet Explorer:
      ==================
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)
      FireFox:
      ========
      FF DefaultProfile: mrpwyf7s.default
      FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2019-01-31]
      FF user.js: detected! => C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\user.js [2019-01-02]
      FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg
      FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\uBlock0@raymondhill.net.xpi [2019-01-31]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
      FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
      FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-30] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-30] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
      Chrome: 
      =======
      CHR StartupUrls: Default -> "hxxp://google.bg/"
      CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2019-02-10]
      CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
      CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08]
      CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
      CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2019-01-23]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
      CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08]
      CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07]
      Opera: 
      =======
      OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-12-20]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-01-31] (BattlEye Innovations e.K. -> )
      S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd)
      S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
      S3 mracsvc; C:\Windows\System32\mracsvc.exe [11132176 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru)
      S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8019808 2018-03-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Windows -> Microsoft Corporation)
      R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed]
      R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
      S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
      R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
      R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [28216 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
      R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
      R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd)
      R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd)
      R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [13287800 2019-02-01] (FACE IT LIMITED -> )
      R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (Martin Malik - REALiX -> REALiX(tm))
      S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
      S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [10348560 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
      R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
      R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
      S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One month (created) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-02-10 12:37 - 2019-02-10 12:38 - 000016274 _____ C:\Users\GAMEPC\Downloads\FRST.txt
      2019-02-10 12:37 - 2019-02-10 12:37 - 002434048 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe
      2019-02-10 12:37 - 2019-02-10 12:37 - 000000000 ____D C:\FRST
      2019-02-09 10:46 - 2019-02-09 10:46 - 008736903 _____ C:\Users\GAMEPC\Downloads\5. Курве.mp4
      2019-02-08 23:47 - 2019-02-08 23:47 - 000004811 _____ C:\Users\GAMEPC\Downloads\niko.zip
      2019-02-08 03:03 - 2019-02-08 03:03 - 067321320 _____ (Electronic Arts) C:\Users\GAMEPC\Downloads\ApexLegendsInstaller.exe
      2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS.torrent
      2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS (1).torrent
      2019-02-06 13:10 - 2019-02-06 13:10 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber
      2019-02-05 14:41 - 2019-02-05 14:41 - 014648464 _____ (Microsoft Corporation) C:\Users\GAMEPC\Downloads\vc_redist.x86.exe
      2019-02-04 20:49 - 2019-01-30 22:07 - 000133512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
      2019-02-04 20:47 - 2019-02-04 20:49 - 000000000 ____D C:\Windows\LastGood
      2019-02-04 20:45 - 2019-02-01 23:36 - 000228768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
      2019-02-04 20:45 - 2019-02-01 23:36 - 000047592 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
      2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
      2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1.dll
      2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
      2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1.dll
      2019-02-04 20:45 - 2019-02-01 03:42 - 000551920 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
      2019-02-04 20:45 - 2019-02-01 03:42 - 000457304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
      2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
      2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo.exe
      2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
      2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo.exe
      2019-02-04 20:45 - 2019-02-01 03:41 - 071470016 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 040344024 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 030021616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 020887352 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 020409840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
      2019-02-04 20:45 - 2019-02-01 03:41 - 001463952 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 001129368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 000631440 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 000521872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 000419832 _____ C:\Windows\system32\nvofapi64.dll
      2019-02-04 20:45 - 2019-02-01 03:41 - 000368808 _____ C:\Windows\SysWOW64\nvofapi.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 040235096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 035140696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 004868080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 004339616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 002030736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 001734560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441881.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 001533936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441881.dll
      2019-02-04 20:45 - 2019-02-01 03:40 - 000497056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 035477392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 031989600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 029985200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 021206192 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 020096416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 017616432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 010894304 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 009254488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 001168936 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000914912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000524248 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000450648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000419776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000182040 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000163184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000159480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
      2019-02-04 20:45 - 2019-02-01 03:39 - 000141568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
      2019-02-04 20:45 - 2019-02-01 03:38 - 017424680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
      2019-02-04 20:45 - 2019-02-01 03:38 - 004311968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
      2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
      2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\system32\nv-vk64.json
      2019-02-04 00:33 - 2019-02-04 00:33 - 000016205 _____ C:\Users\GAMEPC\Downloads\Beautiful.Creature.2013.BRRip.XviD.AC3.BGAUDiO-SiSO&QT.torrent
      2019-02-02 19:10 - 2019-02-02 19:10 - 000032425 _____ C:\Users\GAMEPC\Downloads\Speed.2.1997.DVDRip.XviD.BGAUDiO-ZmN.torrent
      2019-02-02 19:09 - 2019-02-02 19:09 - 000056272 _____ C:\Users\GAMEPC\Downloads\Speed 2 (1997)[DVDRip].torrent
      2019-01-31 21:58 - 2019-01-31 21:58 - 000061719 _____ C:\Users\GAMEPC\Downloads\ggirl_din.(subs.sab.bz).rar
      2019-01-31 21:58 - 2019-01-31 21:58 - 000012712 _____ C:\Users\GAMEPC\Downloads\Gone.Girl.2014.576p.BRRip.x265-DiN.torrent
      2019-01-30 22:43 - 2019-01-30 22:43 - 000023223 _____ C:\Users\GAMEPC\Downloads\The.Call.2013.720p.BluRay.x264_SPARKS.(subs.sab.bz).zip
      2019-01-30 22:43 - 2019-01-30 22:43 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR (1).torrent
      2019-01-30 22:41 - 2019-01-30 22:41 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR.torrent
      2019-01-30 22:22 - 2019-01-30 22:22 - 000028835 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.DC.2004.720p.HDDVD.x264_ESiR.(subs.sab.bz).zip
      2019-01-30 22:22 - 2019-01-30 22:22 - 000019710 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.2004.DC.BRRip.x264.AAC-WAR.torrent
      2019-01-29 20:26 - 2019-01-29 20:26 - 000029511 _____ C:\Users\GAMEPC\Downloads\The_Cloverfield_Paradox.2018.HDRip.XViD_ETRG.(subs.sab.bz).zip
      2019-01-29 20:26 - 2019-01-29 20:26 - 000008066 _____ C:\Users\GAMEPC\Downloads\The.Cloverfield.Paradox.2018.HDRip.XviD.AC3-EVO.torrent
      2019-01-29 20:22 - 2019-01-29 20:22 - 000029721 _____ C:\Users\GAMEPC\Downloads\tucker.and.dale.vs.evil.2010.bluray.720p.dts.x264-chd(subsunacs.net).rar
      2019-01-29 20:21 - 2019-01-29 20:21 - 000014671 _____ C:\Users\GAMEPC\Downloads\Tucker.And.Dale.vs.Evil.2010.BRRip.XviD-DiN.torrent
      2019-01-29 20:11 - 2019-01-29 20:11 - 000014405 _____ C:\Users\GAMEPC\Downloads\Predators.2010.DVDRip.XviD.BG.AUDIO-BDB.torrent
      2019-01-29 20:03 - 2019-01-29 20:03 - 000011568 _____ C:\Users\GAMEPC\Downloads\Pandorum.2008.1080p.BluRay.H264.AAC.Dual Audio-ASA.torrent
      2019-01-29 19:56 - 2019-01-29 19:56 - 000015401 _____ C:\Users\GAMEPC\Downloads\Abraham.Lincoln.Vampire.Hunter.2012.480p.BDRip.x264.DUAL-SLSS.torrent
      2019-01-29 19:55 - 2019-01-29 19:55 - 000027007 _____ C:\Users\GAMEPC\Downloads\cocaine.godmother.2017.720p.webrip.x264-yts.am(subsunacs.net).rar
      2019-01-29 19:55 - 2019-01-29 19:55 - 000013125 _____ C:\Users\GAMEPC\Downloads\Cocaine.Godmother.2017.WEBRip.x265-DiN.torrent
      2019-01-29 17:26 - 2019-01-29 17:26 - 000014876 _____ C:\Users\GAMEPC\Downloads\api-ms-win-crt-runtime-l1-1-0.dll_85.rar
      2019-01-28 17:46 - 2019-01-28 17:46 - 000017617 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.720p.BluRay.x264_DON.(subs.sab.bz).rar
      2019-01-28 17:46 - 2019-01-28 17:46 - 000014588 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.BDRp.XviD.AC3-WAR.torrent
      2019-01-28 00:46 - 2019-01-28 00:46 - 000014403 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi (1).torrent
      2019-01-28 00:02 - 2019-01-28 00:02 - 000033323 _____ C:\Users\GAMEPC\Downloads\top.gear.at.the.movies.2011.bdrip.xvid-taste(subsunacs.net).rar
      2019-01-28 00:02 - 2019-01-28 00:02 - 000014764 _____ C:\Users\GAMEPC\Downloads\Top.Gear.At.The.Movies.2011.BDRip.XviD-TASTE.torrent
      2019-01-28 00:02 - 2019-01-28 00:02 - 000014423 _____ C:\Users\GAMEPC\Downloads\Top.Gear.S14E06.DVBRip.XviD.BGAudio.torrent
      2019-01-28 00:02 - 2019-01-28 00:02 - 000011585 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Great.African.Adventure.2013.720p.BluRay.x264.torrent
      2019-01-28 00:00 - 2019-01-28 00:00 - 000036810 _____ C:\Users\GAMEPC\Downloads\Top_Gear_India_Special.(subs.sab.bz).rar
      2019-01-27 23:59 - 2019-01-27 23:59 - 000014401 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi.torrent
      2019-01-26 04:50 - 2019-01-26 04:50 - 000011416 _____ C:\Users\GAMEPC\Downloads\Top Gear - Burma Special.torrent
      2019-01-26 04:47 - 2019-01-26 04:47 - 000020539 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Worst.Car.In.The.History.Of.The.World.2012.720p.BluRay.x264.torrent
      2019-01-25 04:45 - 2019-01-25 04:45 - 000016631 _____ C:\Users\GAMEPC\Downloads\Top Gear - Season 16.torrent
      2019-01-23 23:26 - 2019-01-23 23:26 - 000000219 _____ C:\Users\GAMEPC\Desktop\Counter-Strike Global Offensive.url
      2019-01-20 15:34 - 2019-01-20 15:34 - 000094134 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x08.(subs.sab.bz).zip
      2019-01-20 15:34 - 2019-01-20 15:34 - 000092379 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x07.(subs.sab.bz).zip
      2019-01-20 15:34 - 2019-01-20 15:34 - 000086708 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x06.(subs.sab.bz).zip
      2019-01-20 15:34 - 2019-01-20 15:34 - 000067819 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x10.(subs.sab.bz).zip
      2019-01-20 15:34 - 2019-01-20 15:34 - 000063437 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x09.(subs.sab.bz).zip
      2019-01-20 15:34 - 2019-01-20 15:34 - 000055727 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x05.(subs.sab.bz).zip
      2019-01-20 15:34 - 2019-01-20 15:34 - 000051267 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x11.(subs.sab.bz).zip
      2019-01-19 22:51 - 2019-01-19 22:51 - 000000222 _____ C:\Users\GAMEPC\Desktop\DiRT 3 Complete Edition.url
      2019-01-19 17:40 - 2019-01-19 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
      2019-01-18 18:47 - 2019-01-18 18:47 - 000091478 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x04.(subs.sab.bz).zip
      2019-01-18 18:46 - 2019-01-18 18:47 - 000104011 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E02.(subs.sab.bz).zip
      2019-01-18 18:46 - 2019-01-18 18:47 - 000086312 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x03.(subs.sab.bz).zip
      2019-01-18 18:46 - 2019-01-18 18:46 - 000101264 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E01.(subs.sab.bz).zip
      2019-01-18 18:45 - 2019-01-18 18:45 - 000038914 _____ C:\Users\GAMEPC\Downloads\The.Grand.Tour.S02.WEBRip.X264-Mixed.torrent
      2019-01-18 18:43 - 2019-01-18 18:43 - 000028976 _____ C:\Users\GAMEPC\Downloads\_Yavka.net_Goosebumps.2.Haunted.Halloween.2018.720p.BluRay.H264.AAC-RARBG.rar
      2019-01-18 18:42 - 2019-01-18 18:42 - 000014612 _____ C:\Users\GAMEPC\Downloads\Goosebumps.2.Haunted.Halloween.2018.BRRip.XViD-ETRG.torrent
      2019-01-18 17:30 - 2019-01-18 17:36 - 032841688 _____ C:\Users\GAMEPC\Downloads\masturbira pred kamera.flv
      2019-01-18 17:30 - 2019-01-18 17:32 - 011506791 _____ C:\Users\GAMEPC\Downloads\Bulgarian teen girl selfshot her orgasm - xHamster.com.flv
      2019-01-18 17:29 - 2019-01-18 17:50 - 196627499 _____ C:\Users\GAMEPC\Downloads\Тийнейджърка.mkv
      2019-01-18 17:27 - 2019-01-18 17:28 - 021624320 _____ C:\Users\GAMEPC\Downloads\Maria Bratoeva - Ruse.avi
      2019-01-18 17:27 - 2019-01-18 17:27 - 003177723 _____ C:\Users\GAMEPC\Downloads\Cumming on my girlfriend's tits and face - xHamster.com.flv
      2019-01-18 17:27 - 2019-01-18 17:27 - 001862496 _____ C:\Users\GAMEPC\Downloads\SEX Denica Stoqnova .3gp
      2019-01-18 17:27 - 2019-01-18 17:27 - 000215130 _____ C:\Users\GAMEPC\Downloads\Seks v kenefa.3gp
      2019-01-18 17:13 - 2019-01-18 17:23 - 096802616 _____ C:\Users\GAMEPC\Downloads\PUTIBG_9-2. от Асеновград пред камератаvideo (1).flv
      2019-01-18 14:31 - 2019-01-18 14:31 - 000003476 _____ C:\Users\GAMEPC\Downloads\d2c4a999-a7cb-4247-957e-b682f76cd2ea-profile_image-70x70.jpeg
      2019-01-18 00:46 - 2019-01-18 00:46 - 000000218 _____ C:\Users\GAMEPC\Desktop\Counter-Strike.url
      2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina.avi
      2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina (1).avi
      2019-01-17 16:57 - 2019-01-17 16:57 - 007733248 _____ C:\Users\GAMEPC\Downloads\Mimi Kavarna.3gp
      2019-01-16 15:51 - 2019-01-16 15:51 - 002824729 _____ C:\Users\GAMEPC\Downloads\IMG_2378.MOV
      2019-01-15 17:01 - 2019-01-12 06:02 - 000383568 _____ C:\Windows\system32\nvofapi.dll
      2019-01-15 17:00 - 2019-01-12 06:01 - 002018184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441771.dll
      2019-01-15 17:00 - 2019-01-12 06:01 - 001467648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441771.dll
      2019-01-13 21:23 - 2019-01-13 21:23 - 000016563 _____ C:\Users\GAMEPC\Downloads\The.Hangover.Part.II.2011.BDRip.XviD.AC3.DUAL-REFLUX.torrent
      2019-01-13 21:17 - 2019-01-13 21:17 - 000014673 _____ C:\Users\GAMEPC\Downloads\Accepted[2006]DvDrip[Eng]-aXXo.torrent
      2019-01-13 21:09 - 2019-01-13 21:09 - 000014129 _____ C:\Users\GAMEPC\Downloads\The.Social.Network.2010.BDRip.XviD.AC3.BGAUDiO-SiSO.torrent
      2019-01-11 01:57 - 2019-01-11 21:58 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\PokerStars.BG
      2019-01-11 01:57 - 2019-01-11 02:00 - 000000000 ____D C:\Program Files (x86)\PokerStars.BG
      2019-01-11 01:57 - 2019-01-11 01:57 - 000002008 _____ C:\Users\GAMEPC\Desktop\PokerStars.bg.lnk
      2019-01-11 01:57 - 2019-01-11 01:57 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.BG
      2019-01-11 01:56 - 2019-01-11 01:56 - 002174984 _____ (Rational Intellectual Holdings Ltd.) C:\Users\GAMEPC\Downloads\PokerStarsInstallBG.exe
      ==================== One month (modified) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-02-10 12:25 - 2017-09-23 17:42 - 000000000 ____D C:\Program Files (x86)\Steam
      2019-02-10 12:25 - 2017-09-08 13:03 - 000000000 ____D C:\ProgramData\NVIDIA
      2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2019-02-10 01:24 - 2017-09-19 22:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client
      2019-02-09 17:55 - 2019-01-09 00:51 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Spotify
      2019-02-09 17:37 - 2019-01-09 00:50 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Spotify
      2019-02-09 10:55 - 2017-12-06 18:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC
      2019-02-07 15:31 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Opera
      2019-02-07 01:05 - 2018-04-14 10:49 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Ubisoft Game Launcher
      2019-02-07 00:01 - 2017-09-10 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent
      2019-02-05 14:13 - 2017-09-08 13:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA
      2019-02-04 20:50 - 2017-09-08 12:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2019-02-04 20:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
      2019-02-04 20:49 - 2017-09-08 12:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2019-02-04 20:46 - 2017-09-08 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
      2019-02-03 18:42 - 2017-09-08 14:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps
      2019-02-01 23:36 - 2017-09-08 12:19 - 001682392 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
      2019-02-01 21:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2019-02-01 21:19 - 2018-12-29 22:14 - 013287800 _____ C:\Windows\system32\Drivers\FACEIT.sys
      2019-02-01 03:40 - 2017-09-08 12:22 - 037286456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
      2019-02-01 03:39 - 2017-09-08 13:02 - 000506208 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
      2019-02-01 03:38 - 2017-09-08 13:02 - 004868928 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
      2019-01-31 22:19 - 2018-12-29 22:14 - 000000000 ____D C:\Program Files\FACEIT AC
      2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2019-01-31 15:01 - 2017-09-08 12:51 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\Mozilla
      2019-01-31 08:26 - 2017-09-08 12:21 - 000046936 _____ C:\Windows\system32\nvinfo.pb
      2019-01-31 08:26 - 2017-09-08 12:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
      2019-01-30 22:09 - 2017-09-08 13:03 - 005364776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
      2019-01-30 22:09 - 2017-09-08 13:03 - 002624824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
      2019-01-30 22:09 - 2017-09-08 13:03 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
      2019-01-30 22:09 - 2017-09-08 13:03 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
      2019-01-30 22:09 - 2017-09-08 13:03 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
      2019-01-30 22:09 - 2017-09-08 13:03 - 000124968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
      2019-01-30 22:09 - 2017-09-08 13:03 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
      2019-01-30 15:15 - 2017-09-08 13:03 - 008488852 _____ C:\Windows\system32\nvcoproc.bin
      2019-01-29 17:21 - 2017-10-13 15:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads
      2019-01-26 16:03 - 2017-09-08 13:03 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
      2019-01-25 16:58 - 2018-08-04 01:57 - 000000000 ____D C:\ProgramData\TruckersMP
      2019-01-21 14:28 - 2017-09-26 23:48 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\ElevatedDiagnostics
      2019-01-19 23:47 - 2018-07-27 17:56 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
      2019-01-19 23:47 - 2018-07-27 17:56 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
      2019-01-19 23:47 - 2018-07-27 17:56 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
      2019-01-19 23:47 - 2018-07-27 17:56 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
      2019-01-19 17:40 - 2017-09-08 13:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Skype
      2019-01-19 17:40 - 2017-09-08 12:39 - 000001318 _____ C:\Users\Public\Desktop\Skype.lnk
      2019-01-19 17:40 - 2017-09-08 12:39 - 000000000 ____D C:\ProgramData\Skype
      2019-01-19 17:39 - 2017-09-08 12:39 - 000000000 ___RD C:\Program Files (x86)\Skype
      2019-01-12 02:01 - 2017-09-08 13:02 - 000505696 _____ (NVIDIA Corporation) C:\Windows\system32\SET3358.tmp
      2019-01-12 02:01 - 2017-09-08 12:22 - 036884408 _____ (NVIDIA Corporation) C:\Windows\system32\SET39DF.tmp
      2019-01-12 01:59 - 2017-09-08 13:02 - 004850072 _____ (NVIDIA Corporation) C:\Windows\system32\SETE88.tmp
      ==================== Files in the root of some directories =======
      2018-12-17 20:42 - 2018-12-23 18:48 - 000007597 _____ () C:\Users\GAMEPC\AppData\Local\Resmon.ResmonCfg
      Some files in TEMP:
      ====================
      2019-01-29 04:11 - 2019-01-29 04:11 - 000000196 _____ () C:\Users\GAMEPC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
      2019-01-02 23:12 - 2019-01-06 00:10 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\25bac1013fc49581f9f82c556d27f9bb.dll
      2019-01-29 04:11 - 2019-02-09 21:58 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\d92b9ce5f9f41a6d518fdcbc62bd3532.dll
      2019-01-15 17:01 - 2019-01-11 11:31 - 000397520 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvStInst.exe
      2019-01-19 17:38 - 2019-01-19 17:39 - 062928040 _____ (Skype Technologies S.A.) C:\Users\GAMEPC\AppData\Local\Temp\SkypeSetup.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\dllhost.exe => File is digitally signed
      C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2019-02-02 06:31
      ==================== End of FRST.txt ============================











       
      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019
      Ran by GAMEPC (10-02-2019 12:38:44)
      Running from C:\Users\GAMEPC\Downloads
      Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01)
      Boot Mode: Normal
      ==========================================================

      ==================== Accounts: =============================
      Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled)
      GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC
      Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled)
      ==================== Security Center ========================
      (If an entry is included in the fixlist, it will be removed.)
      AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      ==================== Installed Programs ======================
      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
      Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
      Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
      Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
      ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.)
      CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
      CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking)
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
      DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden
      Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
      Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
      FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
      FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
      GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation)
      Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 71.0.3578.98 - Google, Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
      Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
      Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
      Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
      Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
      Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
      Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
      Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
      Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation)
      Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
      Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
      Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
      Mozilla Firefox 64.0.2 (x64 bg) (HKLM\...\Mozilla Firefox 64.0.2 (x64 bg)) (Version: 64.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
      NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
      NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
      NVIDIA 3D Vision Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 418.81 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
      NVIDIA Graphics Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation)
      NVIDIA HD Audio Driver 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
      NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
      OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
      Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
      PokerStars.bg (HKLM-x32\...\PokerStars.bg) (Version:  - PokerStars.bg)
      PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.16291 - Kakao Corp.)
      PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.)
      qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
      Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
      Skype, версия 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
      Spotify (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB)
      StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
      TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
      Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
      Viber (HKLM-x32\...\{0235CB19-2284-4C34-9CF9-04078CF94C32}) (Version: 7.7.0.1126 - Viber Media Inc.) Hidden
      Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{f37aa91a-8669-4ac1-bb40-8cc05c3beca1}) (Version: 7.7.0.1126 - Viber Media Inc.)
      Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
      WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
      WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
      ==================== Custom CLSID (Whitelisted): ==========================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
      ==================== Scheduled Tasks (Whitelisted) =============
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      Task: {1EC5AF9E-5A52-4FE5-A2E8-539165748CC5} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
      Task: {3216E845-2829-4DBE-AA88-3252ACB814DC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0
      Task: {47FB829C-5030-4A81-8AE1-E19E047EF8CF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {593E836D-18E7-4C3A-A10E-E739556F42F1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.)
      Task: {82C47114-5EDD-46D5-95B9-AA03FCB16F9C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {94F3AB4C-229D-4981-8100-F63CF93E0D45} - System32\Tasks\Opera scheduled Autoupdate 1504866897 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
      Task: {96F1B500-22FF-4448-9D51-718DA940360E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {9D60B4F8-D682-4540-9CBB-BBA043460DF1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
      Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
      Task: {A95A63BB-59FF-4E60-A4BC-C4AF14655608} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {B7BAE40D-B03C-4ABB-BBB5-9C26431B4B11} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
      Task: {CB523FAF-057C-440F-B17F-8A36BBB5394E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
      Task: {F77C5DF3-2A9F-4C58-909F-C3F4DFDE4752} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
      Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.)
      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      ==================== Shortcuts & WMI ========================
      (The entries could be listed to be restored or removed.)

      Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic
      Shortcut: C:\Users\Public\Desktop\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic
      ==================== Loaded Modules (Whitelisted) ==============
      2010-01-09 19:17 - 2010-01-09 19:17 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
      2018-05-24 21:15 - 2018-12-06 12:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2018-08-29 01:53 - 2018-12-06 01:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
      2018-08-29 01:53 - 2018-11-20 02:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
      2018-08-29 01:53 - 2018-11-20 02:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
      2018-08-29 01:53 - 2018-11-20 02:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
      2018-12-12 21:53 - 2018-12-12 07:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll
      2018-12-12 21:53 - 2018-12-12 07:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll
      2017-09-08 13:04 - 2018-12-06 12:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-09-23 17:44 - 2018-12-06 01:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll
      2017-09-23 17:44 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
      2017-09-23 17:44 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
      2017-09-23 17:44 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
      2017-09-23 17:44 - 2019-02-02 19:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll
      2017-12-14 10:20 - 2018-11-05 20:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
      2017-12-14 10:20 - 2018-11-05 20:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
      2017-12-14 10:20 - 2018-11-05 20:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
      2017-12-14 10:20 - 2018-11-05 20:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
      2017-12-14 10:20 - 2018-11-05 20:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
      2017-09-23 17:44 - 2019-02-02 19:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
      2017-09-23 17:43 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
      ==================== Alternate Data Streams (Whitelisted) =========
      (If an entry is included in the fixlist, only the ADS will be removed.)
      AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
      AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
      ==================== Safe Mode (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      ==================== Association (Whitelisted) ===============
      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      ==================== Internet Explorer trusted/restricted ===============
      (If an entry is included in the fixlist, it will be removed from the registry.)
      IE trusted site: HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\hola.org -> hxxp://hola.org
      ==================== Hosts content: ===============================
      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
      2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

      ==================== Other Areas ============================
      (Currently there is no automatic fix for this section.)
      HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 94.72.140.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.
      ==================== MSCONFIG/TASK MANAGER disabled items ==
      If an entry is included in the fixlist, it will be removed.
      MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
      MSCONFIG\startupreg: FACEIT => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe"
      MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
      MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      ==================== FirewallRules (Whitelisted) ===============
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
      FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
      FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
      FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
      FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
      FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
      FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
      FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
      FirewallRules: [TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File
      FirewallRules: [UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File
      FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
      FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
      FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
      FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
      FirewallRules: [{3B7D3801-5557-4905-A940-9FFB3D9419C2}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe ()
      FirewallRules: [{B5A843B5-4869-438A-A418-D42BF3EC672D}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe ()
      FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe ()
      FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe ()
      FirewallRules: [{C118432B-871D-4268-9C07-248641F7E265}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited)
      FirewallRules: [{9A5D2120-07BE-4587-9767-DFFC0484207F}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited)
      FirewallRules: [{CC5A4281-306D-4711-91C7-E00E2ABEBC40}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe ()
      FirewallRules: [{8A4DCBEC-E89C-462E-8216-8A9A38C394ED}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe ()
      FirewallRules: [{BA413E19-022B-4719-B578-4F0E6C99F5FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{FDAF511F-0C5C-4E27-8950-6B78D13412DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts)
      FirewallRules: [UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts)
      FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
      FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
      FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation)
      FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation)
      FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation)
      FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation)
      FirewallRules: [{19A95D83-1997-4E1D-B782-E9518C66DFBB}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      FirewallRules: [{A1F359C7-4712-4555-B250-972DC5238157}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      FirewallRules: [{9310E9DD-E024-4761-B062-698FB0E3AB13}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      FirewallRules: [{F2B11A3B-CC53-4DFF-B8AC-3ADDA6F5D794}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
      FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
      FirewallRules: [{0E47D0AA-C664-4226-B706-39D5D9E15552}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
      FirewallRules: [{0FE9DEBC-25B9-4A7D-A2B1-D61EE33E7F27}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
      FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File
      FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File
      FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File
      FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File
      FirewallRules: [{CE4CC83D-33DB-4941-B63E-839395BEF26D}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
      FirewallRules: [{62B0C736-3662-4965-ABCF-C095480B3E5E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
      FirewallRules: [TCP Query User{91266298-136D-4BB3-8C13-A850A76C9BF1}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
      FirewallRules: [UDP Query User{E3EAEE44-6095-4A5E-BE2F-F3E3F8349E0A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
      FirewallRules: [{12A4A27A-BB67-48E9-9C50-3BFF7FAFB778}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
      FirewallRules: [{AEEB531B-9796-4704-ACF2-4D21152475BF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
      FirewallRules: [{7F3749E0-59C1-4422-B6F5-FB6E3727295D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
      FirewallRules: [{60F8D80B-FA92-4B64-93F5-05A4F7DADF00}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
      FirewallRules: [{2D541380-97BF-4291-BDBE-2F2228CAEA60}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
      FirewallRules: [{127D37C8-619F-462E-BE1A-E32131065FF4}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
      FirewallRules: [{3AE125A7-E2F2-4264-9007-75C3A531B173}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
      FirewallRules: [{9CB2E9CF-4CF5-4270-90C8-708DF5C9EA41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{5DDB721B-805F-4405-9439-CF48D05CD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{FBCDCF18-DF9A-480D-8245-D45ACCBABE9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{38AC95F2-BD01-4E8B-9093-31663D8E317A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
      FirewallRules: [{458841A3-2771-481D-884C-B7930C379C97}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
      FirewallRules: [{235BAD27-D13D-420B-8B97-7A919F070DAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
      FirewallRules: [{13789DD3-E1EC-4822-B391-E7109AE3CC48}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
      FirewallRules: [TCP Query User{3DE0592A-8D12-447D-939D-BCA439AFF137}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
      FirewallRules: [UDP Query User{33216198-C2C2-482B-9DC9-2D0D13DBB4FA}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
      FirewallRules: [{BC1B52E7-C2B8-4017-8791-69B710F1CCBB}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
      FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
      FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
      FirewallRules: [{EF08AF4C-3154-4DAB-BCE6-F39115FD1EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
      FirewallRules: [{DFBF8C13-3341-468F-9043-C61EE1DF2608}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
      FirewallRules: [{64832D58-8D2F-49F2-9821-FC19B1E90DA6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
      FirewallRules: [{26B327D5-AC62-4B35-9E8A-241677C45E6B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
      FirewallRules: [{17F7F489-79F0-4B1E-8C40-2AE2479A4164}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited)
      FirewallRules: [{12452DC3-0184-4D50-9874-AFEDEF2EFAA9}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited)
      FirewallRules: [{59D96386-6E3E-4356-8348-CF3CFA65A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
      FirewallRules: [{FFA55DD9-7016-4EC4-A808-1A467A45E95C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
      FirewallRules: [TCP Query User{DC649560-4400-4885-84A1-B96EE04BD03C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
      FirewallRules: [UDP Query User{962C91EA-9380-4D1D-8A2F-E951089E3F37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
      FirewallRules: [{6E404A41-222B-4F61-937B-39B8D0A5BE40}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      FirewallRules: [{394ABFE5-D758-4C24-B451-12FE329ECF53}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      FirewallRules: [{CAB0B3BC-BD97-4B9F-AD34-4EA3FD6A653B}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      FirewallRules: [{D1AE7604-9B6C-4322-8475-D1AC1B29A431}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
      ==================== Restore Points =========================
      01-02-2019 16:11:32 Планирана контролна точка
      09-02-2019 15:07:59 Планирана контролна точка
      ==================== Faulty Device Manager Devices =============
      Name: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
      Description: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: Qualcomm Atheros
      Service: L1C
      Problem: : This device is disabled. (Code 22)
      Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

      ==================== Event log errors: =========================
      Application errors:
      ==================
      Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.
      Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.
      Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.
      Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.
      Error: (02/08/2019 04:45:30 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.
      Error: (02/08/2019 04:45:29 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.
      Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.
      Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe".
      Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
      Please use sxstrace.exe for detailed diagnosis.

      System errors:
      =============
      Error: (02/09/2019 11:34:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: The following fatal alert was received: 20.
      Error: (02/09/2019 02:59:26 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: The following fatal alert was received: 20.
      Error: (02/06/2019 08:56:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
      Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на отговор за транзакция от услуга eventlog.
      Error: (02/05/2019 07:09:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: The following fatal alert was received: 20.
      Error: (02/04/2019 09:08:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: Услуга NVIDIA Telemetry Container прекъсна със следната грешка: 
      Изпълним файл за обща команда върна резултат, показващ грешка.
      Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
      Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: Услуга NVIDIA LocalSystem Container прекъсна със следната грешка: 
      Изпълним файл за обща команда върна резултат, показващ грешка.
      Error: (02/03/2019 01:44:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: Услуга Steam Client Service не може да бъде стартирана поради следната грешка: 
      Услугата не отговори навреме на искане за стартиране или управление.

      ==================== Memory info =========================== 
      Processor: AMD FX-8320E Eight-Core Processor 
      Percentage of memory in use: 41%
      Total physical RAM: 8189.54 MB
      Available physical RAM: 4811.05 MB
      Total Virtual: 16377.26 MB
      Available Virtual: 11050.03 MB
      ==================== Drives ================================
      Drive c: () (Fixed) (Total:150 GB) (Free:70.97 GB) NTFS
      Drive d: () (Fixed) (Total:781.41 GB) (Free:323.18 GB) NTFS
      \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
      ==================== MBR & Partition Table ==================
      ========================================================
      Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05)
      ==================== End of Addition.txt ============================
  • Дарение

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване