Премини към съдържанието

Препоръчан отговор


Здравейте на всички! Ще гледам да съм максимално кратък и ще карам направо. Както виждате от заглавието на темата имам проблем с Хромиум. Като цяло проблемът ми е доста сходен с този : https://www.kaldata.com/forums/topic/270658-след-зареждане-на-windows-се-стартира-chromium/ . Същата работа е при мен. Преди около седмица си изтеглих BS Player, и от тогава се появи и този Chromium. BS Player-ът го изтеглих баш от сайта им, не от някакво измислено място, но явно и от там няма гаранция. Както и да е. Всеки път като се включи компютъра, било то след рестарт, или обикновено включване (това е само след пълно изключване на компютъра, когато го включа след "режим на готовност", този проблем го няма) веднага ми отваря Chromium и по-точно раздела history. На пръв поглед е все едно гледам Chrome, но не е. Отначало когато за пръв път се появи имаше историята от Chrome + каквито видео файлове съм пускал. Примерно влизал съм в еди си кой сайт, гледал съм еди си кой филм. Помъчих се да го деинсталирам обаче не става (ще приложа снимки какво точно ми излиза). blob.thumb.png.642792b19fa97cf0449fb0e65aef86c4.png

След като щракна върху Промени/премахни, пък ми излиза това: blob.thumb.png.7c608508e35f2593b8ced2850cdcfdaa.png

 И така до безкрайност. Писах "Chromium" в търсачката на компютъра (едно кученце). То търси, търси, чете някакви книжки, гледа с една лупа и накрая ми показа къде стоят файловете на този ми ти Chromium. Изтрих ги, нямаше никакъв ефект. После с Ctrl+alt+del влязох в "Процеси" и от там изтрих редовете на които пишеше chromium.exe. Тук беше и най-големият ми напредък, щото историята от Chrome + видео файловете отваряни откакто този компютър е станал компютър ги нямаше. Обаче остана това, че всеки път като включа компютъра и ми изкача нов прозорец в Chromium, ами освен това усещам как ми бави и самият Chrome - той е браузърът ми по подразбиране. Само да вметна, деинсталирах BS Player, Google Chrome, Mozilla Firefox, Avast също махнах за малко, барем се оправи, но не постигнах желаният от мен ефект. В темата която постнах по-горе от човека със същия проблем, пробвах да изтегля препоръчаният му fixlist, обаче ми дава грешка в страницата. Аз даже първо мислех, да си постна проблема там като коментар, ама викам айде да не спамя на човека темата, по-добре сякаш да отворя нова. Пък ако модераторите решат, че темата ми нещо е извън правилата, моля да бъда извинен за невежеството си. Та общо взето това е, бих се радвал на всякаква помощ. Лека вечер от мен!

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 11 часа, Stoyannnov написа:

 

Благодаря Серьожка! Изтеглих това от темата която ми даде, само че не разбрах дали 32 или 64 да изтегля и заложих на 32. Пък ако е трябвало 64 ще повторя процедурата. Сега ще постна txt. файловете.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 4-02-2019
Ran by PC (administrator) on ACER-71A12AA9FA (06-02-2019 11:27:15)
Running from C:\Documents and Settings\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINXP\system32\smss.exe
(Microsoft Corporation) C:\WINXP\system32\csrss.exe
(Microsoft Corporation) C:\WINXP\system32\winlogon.exe
(Microsoft Corporation) C:\WINXP\system32\services.exe
(Microsoft Corporation) C:\WINXP\system32\lsass.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\explorer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINXP\system32\spoolsv.exe
(Intel Corporation) C:\WINXP\system32\igfxtray.exe
(Intel Corporation) C:\WINXP\system32\hkcmd.exe
(Intel Corporation) C:\WINXP\system32\igfxpers.exe
(Dritek System Inc.) C:\PROGRA~1\LAUNCH~1\LManager.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINXP\system32\ctfmon.exe
(Intel Corporation) C:\WINXP\system32\igfxsrvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\WINXP\Datecs\Flex2K.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINXP\system32\igfxext.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\alg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINXP\system32\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINXP\system32\igfxtray.exe [142104 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINXP\system32\hkcmd.exe [162584 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINXP\system32\igfxpers.exe [138008 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Alcmtr] => C:\WINXP\ALCMTR.EXE [69632 2005-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BroadcomWireless] => C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2007-10-17] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-06-30] (Nullsoft, Inc.)
HKLM\...\Run: [UnlockerAssistant] => "C:\Documents and Settings\PC\Desktop\Unlocker\UnlockerAssistant.exe"
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINXP\system32\igfxdev.dll [2007-06-05] (Intel Corporation)
Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\WgaLogon: 
Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [ctfmon.exe] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [GameXN GO] => "C:\Documents and Settings\All Users\Application Data\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [Chromium] => c:\documents and settings\pc\local settings\application data\chromium\application\chrome.exe [666624 2015-07-30] (The Chromium Authors)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\MountPoints2: {8af1a440-cebe-11e8-a2a8-0017c42222d8} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\MountPoints2: {f7dcb9c5-cf36-11e6-9251-0017c42222d8} - G:\Lenovo_Suite.exe
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\system32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\WINXP\system32\inetpp.dll [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINXP\system32\win32spl.dll [102400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.trspch] => C:\WINXP\system32\tssoft32.acm [8192 2008-04-14] (DSP GROUP, INC.)
HKLM\...\Drivers32: [vidc.I420] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv32] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv41] => C:\WINXP\system32\ir41_32.ax [848384 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.msg723] => C:\WINXP\system32\msg723.acm [118784 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M263] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M261] => C:\WINXP\system32\msh261.drv [188416 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINXP\system32\msaud32.acm [282654 2010-09-16] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINXP\system32\sl_anet.acm [86016 2008-04-14] (Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINXP\system32\iac25_32.ax [199680 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINXP\system32\ir50_32.dll [755200 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.l3acm] => C:\WINXP\system32\l3codeca.acm [307260 2010-09-16] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINXP\system32\xvidvfw.dll [183808 2010-12-07] ()
HKLM\...\Drivers32: [VIDC.YV12] => C:\WINXP\system32\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINXP\system32\ac3acm.acm [151552 2010-01-17] (fccHandler)
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINXP\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINXP\system32\ff_vfw.dll [80896 2011-01-13] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINXP\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINXP\inf\unregmp2.exe [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINXP\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{99820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\WINXP\system32\themeui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\WINXP\system32\mscories.dll [2005-09-23] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-02-05] (Google Inc -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\WINXP\system32\fdeploy.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINXP\system32\dskquota.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\WINXP\system32\dot3gpclnt.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINXP\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\WINXP\system32\appmgmts.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
AppInit_DLLs: c:\progra~1\so_boo~1\assist~1.dll => No File
ShellServiceObjects: WebCheck -> {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => C:\WINXP\system32\webcheck.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk [2013-12-11]
ShortcutTarget: FlexType 2K.lnk -> C:\WINXP\Datecs\Flex2K.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 14 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 15 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 16 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 17 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 18 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 19 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 20 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 46.55.211.4 8.8.8.8
Tcpip\..\Interfaces\{40B9406E-1E5B-4324-B5FA-96068190B82F}: [DhcpNameServer] 46.55.211.4 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-016
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-016
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKLM -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm174^YYA^bg&si=CD9418&ptb=FCD4B607-CBC3-4CA3-89CD-782690F568F0&ind=2014010416&n=780b5c30&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=vsl&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm174^YYA^bg&si=CD9418&ptb=FCD4B607-CBC3-4CA3-89CD-782690F568F0&ind=2014010416&n=780b5c30&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll => No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\idfqm4x1.default-1522524320687 [2019-02-05]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2019-02-05] [Legacy]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2019-02-05] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-10] ()
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll [No File]
FF Plugin HKU\S-1-5-21-1060284298-842925246-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default [2019-02-06]
CHR Extension: (Google Диск) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
StartMenuInternet: chrome.exe - C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-10] (Adobe Systems Incorporated) [File not signed]
S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aspnet_state; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [29896 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 Browser; C:\WINXP\System32\browser.dll [77824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66240 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
S3 COMSysApp; C:\WINXP\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp.)
R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 HidServ; C:\WINXP\System32\hidserv.dll [21504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Irmon; C:\WINXP\System32\irmon.dll [28160 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SwPrv; C:\WINXP\system32\dllhost.exe /Processid:{E83227BB-4CA0-4898-8450-CEB1E92BAB11} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ACPIEC; C:\WINXP\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 AR5211; C:\WINXP\System32\DRIVERS\ar5211.sys [546976 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 Arp1394; C:\WINXP\System32\DRIVERS\arp1394.sys [60800 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 aswHwid; C:\WINXP\system32\drivers\aswHwid.sys [34008 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R2 aswMonFlt; C:\WINXP\system32\drivers\aswMonFlt.sys [92256 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswRdr; C:\WINXP\system32\drivers\aswRdr.sys [64272 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswRvrt; C:\WINXP\system32\Drivers\aswRvrt.sys [60424 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswSnx; C:\WINXP\system32\drivers\aswSnx.sys [735488 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINXP\system32\drivers\aswSP.sys [433768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\WINXP\system32\drivers\aswStmXP.sys [184592 2019-02-05] (AVAST Software a.s. -> AVAST Software)
S3 aswTdi; C:\WINXP\system32\drivers\aswTdi.sys [66688 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswVmm; C:\WINXP\system32\Drivers\aswVmm.sys [224752 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 b57w2k; C:\WINXP\System32\DRIVERS\b57xp32.sys [160256 2007-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 btaudio; C:\WINXP\System32\drivers\btaudio.sys [539072 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTDriver; C:\WINXP\System32\DRIVERS\btport.sys [37424 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTKRNL; C:\WINXP\System32\DRIVERS\btkrnl.sys [876384 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWDNDIS; C:\WINXP\System32\DRIVERS\btwdndis.sys [149123 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S3 btwhid; C:\WINXP\System32\DRIVERS\btwhid.sys [55352 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwmodem; C:\WINXP\System32\DRIVERS\btwmodem.sys [37280 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWUSB; C:\WINXP\System32\Drivers\btwusb.sys [67960 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CCDECODE; C:\WINXP\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 CmBatt; C:\WINXP\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Compbatt; C:\WINXP\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 DKbFltr; C:\WINXP\System32\DRIVERS\DKbFltr.sys [17408 2006-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Dritek System Inc.)
S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 dtsoftbus01; C:\WINXP\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINXP\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Fdc; C:\WINXP\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Flpydisk; C:\WINXP\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINXP\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HSFHWAZL; C:\WINXP\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINXP\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ialm; C:\WINXP\System32\DRIVERS\igxpmp32.sys [5761728 2007-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINXP\System32\drivers\RtkHDAud.sys [4424192 2007-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 irda; C:\WINXP\System32\DRIVERS\irda.sys [88192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 kbdhid; C:\WINXP\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 mdmxsdk; C:\WINXP\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mouhid; C:\WINXP\System32\DRIVERS\mouhid.sys [12160 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457216 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSTEE; C:\WINXP\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NABTSFEC; C:\WINXP\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NdisIP; C:\WINXP\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2010-12-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NIC1394; C:\WINXP\System32\DRIVERS\nic1394.sys [61824 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NSCIRDA; C:\WINXP\System32\DRIVERS\nscirda.sys [28672 2008-04-14] (Microsoft Windows Component Publisher -> National Semiconductor Corporation)
R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ohci1394; C:\WINXP\System32\DRIVERS\ohci1394.sys [61696 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Parport; C:\WINXP\system32\Drivers\Parport.sys [80128 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCIIde; C:\WINXP\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Pcmcia; C:\WINXP\System32\DRIVERS\pcmcia.sys [120192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 prodrv06; C:\WINXP\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINXP\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\WINXP\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.)
R0 PxHelp20; C:\WINXP\System32\Drivers\PxHelp20.sys [45648 2011-03-04] (Sonic Solutions -> Sonic Solutions)
R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasirda; C:\WINXP\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 sdbus; C:\WINXP\System32\DRIVERS\sdbus.sys [79232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S2 Serial; C:\WINXP\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sfhlp01; C:\WINXP\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SLIP; C:\WINXP\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sptd; C:\WINXP\System32\Drivers\sptd.sys [324096 2013-11-18] (Disc Soft Ltd -> Duplex Secure Ltd.)
R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357248 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 streamip; C:\WINXP\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SynTP; C:\WINXP\System32\DRIVERS\SynTP.sys [215904 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 tifm21; C:\WINXP\System32\drivers\tifm21.sys [290816 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbccgp; C:\WINXP\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30208 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbvideo; C:\WINXP\System32\Drivers\usbvideo.sys [121984 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wdf01000; C:\WINXP\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 winachsf; C:\WINXP\System32\DRIVERS\HSF_CNXT.sys [730112 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R1 WmiAcpi; C:\WINXP\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WSTCODEC; C:\WINXP\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
U3 aydqetub; C:\WINXP\system32\Drivers\aydqetub.sys [0 ] (Microsoft Windows Component Publisher -> Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S4 IntelIde; no ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 11:27 - 2019-02-06 11:29 - 000061313 _____ C:\Documents and Settings\PC\Desktop\FRST.txt
2019-02-06 11:27 - 2019-02-06 11:27 - 000000000 ____D C:\FRST
2019-02-06 11:26 - 2019-02-06 11:26 - 001790976 _____ (Farbar) C:\Documents and Settings\PC\Desktop\FRST.exe
2019-02-05 22:17 - 2019-02-05 22:17 - 000000000 ____D C:\Documents and Settings\PC\Application Data\AVAST Software
2019-02-05 22:13 - 2019-02-05 22:13 - 000001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2019-02-05 22:13 - 2019-02-05 22:13 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2019-02-05 22:10 - 2019-02-06 10:30 - 000000364 ____H C:\WINXP\Tasks\Avast Emergency Update.job
2019-02-05 22:09 - 2019-02-05 22:11 - 000224752 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswvmm.sys
2019-02-05 22:09 - 2019-02-05 22:10 - 000735488 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswsnx.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000184592 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswStmXP.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000092256 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswMonFlt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000060424 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRvrt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000034008 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswHwid.sys
2019-02-05 22:08 - 2019-02-05 22:07 - 000319760 ____N (AVAST Software) C:\WINXP\system32\aswBoot.exe
2019-02-05 22:07 - 2019-02-05 22:07 - 000053208 _____ (AVAST Software) C:\WINXP\avastSS.scr
2019-02-05 22:07 - 2019-02-05 22:07 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-05 21:50 - 2019-02-05 21:50 - 000001817 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk
2019-02-05 21:50 - 2019-02-05 21:50 - 000001811 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2019-02-05 21:48 - 2019-02-06 11:00 - 000000986 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job
2019-02-05 21:48 - 2019-02-06 10:29 - 000000982 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job
2019-02-05 21:48 - 2019-02-05 21:50 - 000000000 ____D C:\Program Files\Google
2019-02-05 17:11 - 2019-02-05 17:11 - 000036533 _____ C:\Documents and Settings\PC\Desktop\Vikings.s05e18.(subs.sab.bz).zip
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Start Menu\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Desktop\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\BS.Player
2019-01-30 15:56 - 2019-01-30 15:56 - 000000000 ____D C:\Program Files\Webteh
2019-01-30 13:14 - 2019-02-05 22:10 - 000433768 ____N (AVAST Software) C:\WINXP\system32\Drivers\aswsp.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000066688 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswTdi.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000064272 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys
2019-01-30 13:13 - 2019-01-30 13:13 - 000000000 ____D C:\Program Files\Alwil Software
2019-01-29 11:45 - 2019-02-06 10:45 - 000000066 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2019-01-28 12:47 - 2019-01-28 12:47 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\chromium
2019-01-28 12:45 - 2019-02-06 10:45 - 000000396 _____ C:\WINXP\Tasks\At1.job
2019-01-28 12:45 - 2019-01-29 19:45 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}
2019-01-28 12:45 - 2019-01-28 12:48 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}
2019-01-28 12:45 - 2019-01-28 12:45 - 000000000 ____D C:\Documents and Settings\PC\Application Data\4289652d7c94fcc7ae174ec1919b8b78

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 11:29 - 2011-02-05 12:11 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Temp
2019-02-06 10:48 - 2018-06-30 09:43 - 000001016 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineUA.job
2019-02-06 10:48 - 2018-06-30 09:43 - 000001012 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineCore.job
2019-02-06 10:32 - 2018-03-20 19:03 - 000000826 _____ C:\WINXP\Tasks\Adobe Flash Player Updater.job
2019-02-06 10:31 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\Temp
2019-02-06 10:29 - 2011-02-05 12:04 - 000032568 _____ C:\WINXP\SchedLgU.Txt
2019-02-06 10:29 - 2011-02-05 12:04 - 000000006 ____H C:\WINXP\Tasks\SA.DAT
2019-02-06 00:17 - 2011-02-05 12:11 - 000000278 ___SH C:\Documents and Settings\PC\ntuser.ini
2019-02-06 00:17 - 2011-02-05 12:11 - 000000000 ____D C:\Documents and Settings\PC
2019-02-05 22:19 - 2011-02-05 11:59 - 000002577 _____ C:\WINXP\system32\CONFIG.NT
2019-02-05 22:18 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\system32
2019-02-05 22:15 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP
2019-02-05 22:14 - 2018-07-21 09:26 - 000065536 _____ C:\WINXP\system32\config\Antivirus.Evt
2019-02-05 22:12 - 2011-02-05 13:22 - 000000000 ___HD C:\WINXP\inf
2019-02-05 22:07 - 2017-05-29 23:50 - 000011295 _____ C:\Documents and Settings\PC\Desktop\Нов Текстов документ.txt
2019-02-05 22:07 - 2014-01-05 10:18 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2019-02-05 20:49 - 2011-02-05 17:51 - 000064512 _____ C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-05 17:39 - 2014-08-25 12:31 - 000321570 _____ C:\Documents and Settings\PC\My Documents\Нов Текстов документ.txt
2019-02-05 17:22 - 2015-11-04 18:59 - 000000000 ____D C:\Documents and Settings\PC\Application Data\vlc
2019-02-05 17:21 - 2011-02-05 14:28 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BitComet
2019-02-05 12:23 - 2018-12-27 23:12 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Изтегляния
2019-02-05 11:09 - 2008-04-14 13:00 - 000002206 _____ C:\WINXP\system32\wpa.dbl
2019-02-02 21:11 - 2018-03-20 19:03 - 000000876 _____ C:\WINXP\Tasks\Adobe Flash Player NPAPI Notifier.job
2019-01-31 19:20 - 2016-01-04 15:01 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Bluetooth Exchange Folder
2019-01-30 13:20 - 2012-03-09 15:57 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Google
2019-01-30 12:56 - 2015-11-03 23:44 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BSplayer
2019-01-30 12:45 - 2018-01-26 10:54 - 000000000 _____ C:\Documents and Settings\PC\last.dump
2019-01-19 22:05 - 2015-01-07 13:41 - 000018432 ____H C:\Documents and Settings\PC\Desktop\photothumb.db
2019-01-10 12:32 - 2018-03-20 19:03 - 000842240 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe
2019-01-10 12:32 - 2018-03-20 19:03 - 000175104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl
2019-01-07 17:50 - 2018-09-08 16:20 - 000000000 ____D C:\Documents and Settings\PC\Desktop\cs

==================== Files in the root of some directories =======

2011-02-05 17:51 - 2019-02-05 20:49 - 000064512 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2016-12-18 20:08 - 2016-12-18 20:08 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\32141687lavfilters.exe
2017-06-13 20:00 - 2017-06-13 20:00 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\32587812lavfilters.exe
2017-06-15 21:33 - 2017-06-15 21:33 - 007475309 _____ () C:\Documents and Settings\PC\Local Settings\Temp\40411078lavfilters.exe
2019-01-28 12:53 - 2019-01-28 12:53 - 004189001 _____ () C:\Documents and Settings\PC\Local Settings\Temp\4863640ac3filter.exe
2019-01-28 12:55 - 2019-01-28 12:55 - 004189001 _____ () C:\Documents and Settings\PC\Local Settings\Temp\4943546ac3filter.exe
2017-01-20 00:13 - 2017-01-20 00:13 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\50002250lavfilters.exe
2015-12-10 01:12 - 2015-12-10 01:12 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\52257250lavfilters.exe
2015-12-10 01:12 - 2015-12-10 01:12 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\52296984lavfilters.exe
2012-02-09 13:59 - 2004-10-26 02:40 - 000684032 _____ (Electronic Arts Inc.) C:\Documents and Settings\PC\Local Settings\Temp\AutoRun.exe
2012-02-09 13:59 - 2004-10-15 06:59 - 000577536 _____ (Electronic Arts Inc.) C:\Documents and Settings\PC\Local Settings\Temp\AutoRunGUI.dll
2011-02-05 14:30 - 2011-02-05 14:30 - 007958360 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Bit11.tmp.exe
2017-04-05 14:37 - 2017-04-05 14:37 - 016312432 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Bit147.tmp.exe
2017-08-04 12:50 - 2017-08-04 12:50 - 016742904 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Bit18A.tmp.exe
2011-02-05 18:20 - 2011-02-05 18:20 - 021499328 _____ () C:\Documents and Settings\PC\Local Settings\Temp\BitAF.tmp.exe
2011-06-10 08:13 - 2011-06-10 08:13 - 015428488 _____ () C:\Documents and Settings\PC\Local Settings\Temp\BitB1.tmp.exe
2013-05-11 20:57 - 2013-05-11 20:57 - 009526184 _____ () C:\Documents and Settings\PC\Local Settings\Temp\BitCA.tmp.exe
2013-03-28 10:38 - 2013-03-28 10:38 - 000773104 _____ () C:\Documents and Settings\PC\Local Settings\Temp\DeltaTB.exe
2015-03-14 13:19 - 2015-03-14 13:19 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divx1d9b.exe
2015-03-14 13:18 - 2015-03-14 13:18 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divx5f15.exe
2015-03-14 13:19 - 2015-03-14 13:19 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divx7cb8.exe
2015-03-14 13:20 - 2015-03-14 13:20 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divxd17d.exe
2015-03-14 13:19 - 2015-03-14 13:19 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divxda5b.exe
2013-05-30 12:52 - 2013-09-27 16:42 - 000065536 _____ (Sony DADC Austria AG) C:\Documents and Settings\PC\Local Settings\Temp\drm_dialogs.dll
2013-05-30 12:52 - 2013-09-27 16:42 - 000208896 _____ (Sony DADC Austria AG) C:\Documents and Settings\PC\Local Settings\Temp\drm_dyndata_7360007.dll
2014-08-23 14:08 - 2014-08-23 14:08 - 000041984 _____ () C:\Documents and Settings\PC\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxgycjm.dll
2007-09-18 13:58 - 2007-09-18 13:58 - 000077160 _____ (Microsoft Corporation) C:\Documents and Settings\PC\Local Settings\Temp\DSETUP.dll
2007-09-18 13:58 - 2007-09-18 13:58 - 001673576 _____ (Microsoft Corporation) C:\Documents and Settings\PC\Local Settings\Temp\dsetup32.dll
2011-08-19 08:48 - 2011-08-19 08:48 - 011527296 _____ (DT Soft Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4413-0173.exe
2012-04-22 08:52 - 2012-04-22 08:53 - 014229744 _____ (DT Soft Ltd) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4454-0315.exe
2013-03-28 10:34 - 2013-03-28 10:36 - 013901152 _____ (Disc Soft Ltd) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4471-0333.exe
2013-11-18 20:48 - 2013-11-18 20:49 - 013485616 _____ (Disc Soft Ltd) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4481-0347.exe
2007-09-18 13:58 - 2007-09-18 13:58 - 000503144 _____ (Microsoft Corporation) C:\Documents and Settings\PC\Local Settings\Temp\DXSETUP.exe
2016-09-20 15:40 - 2002-11-08 18:54 - 000270336 _____ (Electronic Arts, Inc.) C:\Documents and Settings\PC\Local Settings\Temp\eauninstall.exe
2011-06-09 16:23 - 2011-03-14 17:22 - 000158048 _____ () C:\Documents and Settings\PC\Local Settings\Temp\GLF24.tmp.ConduitEngineSetup.exe
2011-02-06 11:31 - 2010-11-13 21:58 - 003913000 _____ (Conduit Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\GLFCE.tmp.tbBS_P.dll
2011-02-11 23:16 - 2011-02-11 23:16 - 000048280 _____ () C:\Documents and Settings\PC\Local Settings\Temp\gtbcheck.exe
2015-11-06 00:31 - 2016-12-30 00:11 - 001290968 _____ (                                                            ) C:\Documents and Settings\PC\Local Settings\Temp\ICReinstall_gom_player.exe
2011-09-23 10:25 - 2011-05-30 17:14 - 001399808 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Installhelper.dll
2011-09-23 10:26 - 2011-09-23 10:26 - 017127200 _____ (Sun Microsystems, Inc.) C:\Documents and Settings\PC\Local Settings\Temp\jre-6u22-windows-i586-s.exe
2011-03-07 11:27 - 2011-03-07 11:27 - 001855120 _____ (mIRC Co. Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\mirc719.exe
2016-09-20 15:40 - 2002-11-08 18:54 - 000086016 _____ (EA) C:\Documents and Settings\PC\Local Settings\Temp\NBA Live 2003_uninst.exe
2008-03-11 04:53 - 2008-03-11 04:53 - 000090112 _____ () C:\Documents and Settings\PC\Local Settings\Temp\NSISGSearchCheck.dll
2017-02-15 18:35 - 2017-02-15 18:35 - 000734416 _____ (Opera Software) C:\Documents and Settings\PC\Local Settings\Temp\OperaSetup xp.exe
2011-06-09 16:23 - 2011-01-17 15:54 - 000175912 _____ (Conduit Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\prxGLF24.tmp.tb4sha.dll
2011-11-23 22:13 - 2011-11-23 22:12 - 002719616 _____ (EasyBits Software AS) C:\Documents and Settings\PC\Local Settings\Temp\Refresh.exe
2018-06-30 09:52 - 2018-06-30 09:38 - 002765192 _____ () C:\Documents and Settings\PC\Local Settings\Temp\removeSZB.exe
2011-02-05 13:05 - 2011-02-05 13:05 - 000208896 _____ (Realtek Semiconductor Corp.) C:\Documents and Settings\PC\Local Settings\Temp\RtkBtMnt.exe
2011-09-23 10:25 - 2011-06-01 22:35 - 003493832 _____ () C:\Documents and Settings\PC\Local Settings\Temp\SetupDataMngr_searchqu.exe
2012-03-09 15:55 - 2012-03-09 15:55 - 000185616 _____ (Adobe Systems Inc.) C:\Documents and Settings\PC\Local Settings\Temp\Shockwave_Installer_FF.exe
2016-04-03 13:56 - 2016-10-12 09:24 - 041430144 _____ (Skype Technologies S.A.) C:\Documents and Settings\PC\Local Settings\Temp\SkypeSetup.exe
2019-01-01 11:49 - 2019-01-01 11:49 - 000488960 _____ () C:\Documents and Settings\PC\Local Settings\Temp\sqlite3.exe
2011-09-23 10:25 - 2011-05-26 15:39 - 001085952 _____ () C:\Documents and Settings\PC\Local Settings\Temp\SRAssetsHelper.dll
2011-06-09 16:28 - 2011-03-14 17:17 - 004216104 _____ (Conduit Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\tb4sha.dll
2013-09-08 19:22 - 2013-03-12 10:59 - 000275552 ___RS (Tarma Software Research Pty Ltd) C:\Documents and Settings\PC\Local Settings\Temp\Tsu13E3A740.dll
2011-03-05 11:18 - 2012-03-26 19:11 - 000064444 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINXP\explorer.exe => File is digitally signed
C:\WINXP\system32\winlogon.exe => File is digitally signed
C:\WINXP\system32\svchost.exe => File is digitally signed
C:\WINXP\system32\services.exe => File is digitally signed
C:\WINXP\system32\User32.dll => File is digitally signed
C:\WINXP\system32\userinit.exe => File is digitally signed
C:\WINXP\system32\rpcss.dll => File is digitally signed
C:\WINXP\system32\dnsapi.dll => File is digitally signed
C:\WINXP\system32\dllhost.exe => File is digitally signed
C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================


Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Изтеглете файла fixlist и го запазете там където е и FRST.exe

  • Стартирайте FRST.exe и натиснете бутона FIX веднъж!
  • Почистването ще започне, не използвайте системата!
  • След като приключи, ако ви поиска рестартиране на windows, съгласете се.
  • След като зареди системата публикувайте лог файла с име fixlog.txt, който се намира на десктопа Ви.

Забележка: Текущия фикс да не се използва на други системи!

 

Стъпка 2

  • Деинсталирайте от контролния панел, следния софтуер:
Chromium
SO_Sustainer 1.80

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Направих това което ми казахте, ето го и файла Fixlog.txt  Само, че за стъпка 2 като се помъча да деинсталирам от контролния панел Chromium ми излизат същите неща, които публикувах в първия си пост. Като се помъча да деинсталирам пък това SO_Sustainer 1.80 ми излиза това blob.thumb.png.6caad7a408ba322aaa7898639b8f3b33.png

След което давам ОК и то продължава да си стои в списъка с програми. Иначе след този рестарт, не ми се отвори Chromium след като се включи компютъра, така че все пак има някакъв напредък.


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Изтеглете Geek Unistaller Free.

  • Разархивирайте файла.
  • Стартирайте изпълнимия файл като администратор(десен бутон на изпълнимия файл=>Run As Administrator(Стартирай като Администратор)).
  • От списъка намерете следния софтуер:
Chromium
SO_Sustainer 1.80
  • Десен бутон върху избрания софтуер => Force Removal.

 

Стъпка 2

  • Създайте нови логове с FRST.

 

Стъпка 3

Изтеглете SystemLook.

  • Стартирайте изпълнимия файл като администартор(десен бутон на изпълнимия файл=>Run As Administrator(Стартирай като Администратор)).
  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!
:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look.
  • След проверката, ще се генерира текстов файл с име SystemLook.txt, копирайте съдържанието му и го поставете тук.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Като го отворя като администратор ми излиза това : 
blob.thumb.png.6b406c6fe4c7217179bdaa2f5d3ad53b.pngblob.thumb.png.5c9efb3172dd166ca57c7e140075ecd1.png

Гледам пита за парола, макар и незадължителна. Писах парола "1" (просто си измислих число) и ми излиза това : 
blob.thumb.png.63462394172c982765588d12d63b7b1f.png

Не знам за каква парола става въпрос, аз нямам парола на компютъра (ако изобщо има общо де). Като го включвам след пълно изключване или рестарт ми изписва "добре дошли" и това е. Иначе като го включвам след "режим на готовност" ми излиза едно квадратче на син фон, където съм аз юзъра, щраквам върху него и влизам. Не ми иска парола. Пък за тоя Geek Uninstaller като го отворя нормално сякаш по-става работата, виж : 
blob.thumb.png.e51f9740caf6bc5c5ddc40f1808780b7.png

А пък като дам с дясното копче на мишката върху Chromium излиза това : 
blob.thumb.png.08afcc74719f1e825c85aa46d2a11f82.png

Ама нищо не съм правил де, само показвам. Ако не е проблем и по този начин, ще ги премахна както са тук на скрийншота. Обаче нали каза да е като администратор и не смея да пипам, че да не объркам нещо.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Пробвах, но ми излиза същото което ми излиза и когато се помъча да я махна от "добавяне или премахване на програми":
blob.thumb.png.fe0c1130ee86cc37e5012d30bf3c21da.png

Относно SO_Sustainer същата работа като преди: 
blob.thumb.png.2f4a2ce737841dab294baa056ce36752.png

Edit : 

Пробвам така : 
blob.thumb.png.9b96502ed93a5602b38dce7d8eb2e2b5.png

blob.thumb.png.5b82be2c6d5d20a405e08dec1d0fa836.png

А сега SO_Sustainer :
blob.thumb.png.cf3a7b5976f2346324e9b7240b673fb5.png

blob.thumb.png.5b964fe1c593edd634b2cae43749c549.png

Същото "Всички следи са премахнати" ми излезе като махнах и Chromium.

Малко скрийншотове от "добавяне или премахване на програми": 

blob.thumb.png.79167b4994035c38a2d5aafe662c7995.png

blob.thumb.png.946fd8502954382da43315b62a4e7f65.png

Няма и следа и от двете програми.  Надявам се и занапред да е така.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не бяхте инструктиран точно за тази операция. Аз така или иначе щях да ги премахна, затова бяха и стъпките след това. Както и да е. Направете проверка с Malwarebytes Anti-Malware:

 

Изтеглете: MKLLMRQ.png Malwarebytes Anti-Malware.

  • Стартирайте инсталационния файл и следвайте стъпките за инсталация.
  • След като инсталацията приключи програмата ще стартира автоматично.
  • Отидете до прозорец Settings => Protection => и под категорията Scan Options включете опцията Scan for rootkits.
  • Отидете до прозорец Scan и изберете Threat Scan и след това натиснете бутона Start Scan.
  • Ще започне проверка.
  • След като проверката приключи ще се появи списък с резултатите. Ако програмата е минимизирана докато сканира, ще се появи съобщение ако има открити заплахи. Натиснете бутона View Scan Results.
  • Натиснете бутона Quarantine Selected.
  • След няколко секунди ще се появи прозорец за рестартиране на Windows. Изберете Yes.
  • След като зареди Windows, стартирайте отново Malwarebytes Anti-Malware.
  • Отидете то прозорец Reports и отворете лог файла с името Scan Report.
  • Натиснете бутона Export и след това Copy to Clipboard.
  • Поставете съдържанието на лог файла с клавишната комбинация Ctrl + V и го публикувайте в следващия Ви коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 11 часа, Stoyannnov написа:

Не бяхте инструктиран точно за тази операция.

Аз затова си викам да не пипам много ама... Повече няма да правя такива своеволия. Иначе изтеглих го това, тръгвам да го инсталирам, давам "Run", то ме пита на какъв език искам да ползвам инсталатора и то си е зададено "български", след което аз давам "OK" и ми излиза следното нещо : 
blob.thumb.png.cc2a25892fef5c7ce243ee45ce8a7afb.png
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Malwarebytes
www.malwarebytes.com

-Детайли за регистъра-
Дата на сканиране: 8.02.19 г.
Час на сканиране: 13:13
Файл на регистъра: a051326a-2b92-11e9-8b74-0017c42222d8.json
Администратор: Да

-Информация за софтуера-
Версия: 3.5.1.2522
Версия на компонентите: 1.0.365
Актуализирай версията на пакета: 1.0.9172
Лиценз: Пробен период

-Системна информация-
OS: Windows XP Service Pack 3
CPU: x86
Файлова система: NTFS
Потребител: ACER-71A12AA9FA\PC

-Резюме на сканирането-
Тип сканиране: Threat Scan
Сканирането е стартирано от: Ръчно
Резултат: Завършено
Сканирани обекти: 172386
Открити заплахи: 257
Заплахи под карантина: 257
Изтекло време: 21 мин, 59 сек

-Опции за сканиране-
Памет: Разрешено
Стартиране: Разрешено
Файлова система: Разрешено
Архиви: Разрешено
руткитове: Забранено
Евристика: Разрешено
PUP: Открий
PUM: Открий

-Детайли за сканирането-
Процес: 0
(Не бяха открити зловредни елементи)

Модул: 0
(Не бяха открити зловредни елементи)

Ключ на регистъра: 35
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\Datamngr, Под карантина, [59], [253612],1.0.9172
PUP.Optional.Ividi, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\iVIDI Plugin, Под карантина, [1865], [239628],1.0.9172
PUP.Optional.PriceGong, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PriceGong, Под карантина, [1367], [241948],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\VideoDownloadConverter_4z, Под карантина, [610], [240671],1.0.9172
PUP.Optional.SmartBar, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\SMARTBAR, Под карантина, [1869], [243128],1.0.9172
PUP.Optional.Booster, HKLM\SOFTWARE\SO_Booster, Под карантина, [819], [235944],1.0.9172
PUP.Optional.MindSpark, HKLM\SOFTWARE\VideoDownloadConverter_4z, Под карантина, [610], [240819],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, Под карантина, [1728], [443668],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{3E9469AF-E866-4476-B767-810630F1F6E7}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8aadc8b2-562b-407b-88b3-916140226cbc}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\CSASTATS\ic, Под карантина, [420], [586068],1.0.9172
PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PRODUCTSETUP, Под карантина, [420], [481004],1.0.9172
PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr.1, Под карантина, [83], [238207],1.0.9172
PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr, Под карантина, [83], [238207],1.0.9172
PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\CLASSES\Toolbar.CT2233703, Под карантина, [1559], [443525],1.0.9172
PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\APPID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}, Под карантина, [83], [392823],1.0.9172
PUP.Optional.FaceMoods, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, Под карантина, [83], [167952],1.0.9172
PUP.Optional.FaceMoods, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, Под карантина, [83], [167952],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, Под карантина, [610], [168291],1.0.9172
PUP.Optional.MultiSP, HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}, Под карантина, [7566], [167447],1.0.9172
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Под карантина, [59], [169666],1.0.9172
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Под карантина, [59], [169666],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, Под карантина, [610], [168261],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Под карантина, [33], [160141],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, Под карантина, [610], [168441],1.0.9172

Стойност на регистъра: 5
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Под карантина, [59], [-1],0.0.0
PUP.Optional.SmartBar, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\SMARTBAR|GLOBALUSERID, Под карантина, [1869], [243128],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}|APPPATH, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8aadc8b2-562b-407b-88b3-916140226cbc}|APPPATH, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PRODUCTSETUP|TB, Под карантина, [420], [481004],1.0.9172

Данни на регистъра: 4
PUP.Optional.FaceMoods, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SEARCHASSISTANT, Сменен, [83], [293076],1.0.9172
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, Сменен, [13145], [293294],1.0.9172
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Сменен, [13145], [293295],1.0.9172
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Сменен, [13145], [293296],1.0.9172

Поток данни: 0
(Не бяха открити зловредни елементи)

Папка: 52
PUP.Optional.FaceMoods, C:\Documents and Settings\PC\Application Data\facemoods.com\facemoods, Под карантина, [83], [177074],1.0.9172
PUP.Optional.FaceMoods, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\FACEMOODS.COM, Под карантина, [83], [177074],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\PRICEGONG, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.SearchQu, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\SEARCHQUBAND, Под карантина, [1543], [179463],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443155],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\bin, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\VideoDownloadConverter_4z, Под карантина, [1728], [443674],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.SWBooster, C:\Documents and Settings\All Users\Application Data\Supersoftware App\SO_Booster\2004261758, Под карантина, [816], [179939],1.0.9172
PUP.Optional.SWBooster, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SUPERSOFTWARE APP\SO_Booster, Под карантина, [816], [179939],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\{49188C7B-C35A-06BD-459C-98FFDFDE1331}, Под карантина, [758], [484243],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\CHROMATIC BROWSER, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\CHROMATIC BROWSER, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.DataMngr.AppFlsh, C:\DOCUMENTS AND SETTINGS\PC\APPDATA\LOCALLOW\DATAMNGR, Под карантина, [59], [181454],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Log, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\CONDUIT, Под карантина, [213], [182116],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\{180D2E51-3CA5-42E9-513D-670175559B99}, Под карантина, [758], [542290],1.0.9172

Файл: 161
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\1.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\a.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\b.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\c.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\d.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\e.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\f.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\g.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\h.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\i.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\J.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\k.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\l.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\m.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\mru.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\n.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\o.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\p.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\q.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\r.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\s.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\t.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\u.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\v.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\w.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\x.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\y.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\z.xml, Под карантина, [1367], [178994],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443155],1.0.9172
PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\VideoDownloadConverter_4z\UrlFolderExtension.ufm, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.min.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.min.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.eot, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.ttf, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.woff, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.eot, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.ttf, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.woff, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.eot, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.ttf, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.woff, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayBttn.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\BlackBK.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts_2.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_closed.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_open.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_ScrollHandle.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_BK.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_handleAlt.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\favicon.ico, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_BK.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Break.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Thumb.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Selection_Break.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\SettingsBreak.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\StationBreak.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\temp_blue.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Background.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Player.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Widget.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\App.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\Background.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\lang-en.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\manifest.json, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\Player.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\bin\background.min.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon_active.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon_active.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\anemone-1.2.7.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\background.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\manifest.json, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\widget-api-1.4.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\UrlFolderExtension.uf1, Под карантина, [1728], [443674],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.SWBooster, C:\Documents and Settings\All Users\Application Data\Supersoftware App\SO_Booster\2004261758.ini, Под карантина, [816], [179939],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\fomo, Под карантина, [758], [484243],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\aowLC, Под карантина, [758], [484243],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\hdat1, Под карантина, [758], [484243],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\hdat2, Под карантина, [758], [484243],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.DataMngr.AppFlsh, C:\Documents and Settings\PC\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, Под карантина, [59], [181454],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\DialogsAPI.js, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\PIE.htc, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\settings.js, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\version.txt, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_631527_627389_BG.xml, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_BG.xml, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks\en.xml, Под карантина, [213], [182116],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\{180D2E51-3CA5-42E9-513D-670175559B99}\HOWTOREMOVE\HOWTOREMOVE.HTML, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\chromium-min.jpg, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\control panel-min-min.JPG, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\down.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\ff menu.JPG, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\ff search engine-min.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\hp-min ff.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\hp-min ie.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\search engine.gif, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\setup pages.gif, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\sp-min.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\start-min.jpg, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\up.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\medefomet, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\ratera, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\uninst.exe, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\uninstp.dat, Под карантина, [758], [542290],1.0.9172

Физически сектор: 0
(Не бяха открити зловредни елементи)

WMI: 0
(Не бяха открити зловредни елементи)


(end)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

  • Създайте нови логове с FRST.

 

Стъпка 2

Изтеглете SystemLook.

  • Стартирайте изпълнимия файл.
  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!
:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look.
  • След проверката, ще се генерира текстов файл с име SystemLook.txt, копирайте съдържанието му и го поставете тук.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1 я изпълних, създадох нови логове с FRST, обаче не ги копирах както направих първият път, понеже не си ми казал и да не объркам нещо пак... Иначе изтеглих SystemLook, след което давам "Run" и виж какво ми излиза
blob.thumb.png.b5e221cbdbc7c0c6a4f9b7e0fee4680b.png

Предполагам след това трябва да щракна върху "Look" и ми излиза това
blob.thumb.png.6610e408ea14460ad4255e54b6a9ecdf.png

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Копирайте и поставете лога FRST.txt  тук, а Additional.txt го прикачете.

 

Стъпка 2

  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!
:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look, след като сте поставили кода в бялото каре.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 8-02-2019
Ran by PC (administrator) on ACER-71A12AA9FA (09-02-2019 01:30:12)
Running from C:\Documents and Settings\PC\Desktop\Нова папка (2)
Loaded Profiles: PC (Available Profiles: PC)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINXP\system32\smss.exe
(Microsoft Corporation) C:\WINXP\system32\csrss.exe
(Microsoft Corporation) C:\WINXP\system32\winlogon.exe
(Microsoft Corporation) C:\WINXP\system32\services.exe
(Microsoft Corporation) C:\WINXP\system32\lsass.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\explorer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINXP\system32\spoolsv.exe
(Intel Corporation) C:\WINXP\system32\igfxtray.exe
(Intel Corporation) C:\WINXP\system32\hkcmd.exe
(Intel Corporation) C:\WINXP\system32\igfxsrvc.exe
(Intel Corporation) C:\WINXP\system32\igfxpers.exe
(Dritek System Inc.) C:\PROGRA~1\LAUNCH~1\LManager.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINXP\system32\ctfmon.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\WINXP\Datecs\Flex2K.exe
(Intel Corporation) C:\WINXP\system32\igfxext.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\WINXP\system32\alg.exe
(Microsoft Corporation) C:\WINXP\system32\wscntfy.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINXP\system32\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINXP\system32\igfxtray.exe [142104 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINXP\system32\hkcmd.exe [162584 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINXP\system32\igfxpers.exe [138008 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Alcmtr] => C:\WINXP\ALCMTR.EXE [69632 2005-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BroadcomWireless] => C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2007-10-17] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-06-30] (Nullsoft, Inc.)
HKLM\...\Run: [UnlockerAssistant] => "C:\Documents and Settings\PC\Desktop\Unlocker\UnlockerAssistant.exe"
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINXP\system32\igfxdev.dll [2007-06-05] (Intel Corporation)
Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\WgaLogon: 
Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [ctfmon.exe] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [GameXN GO] => "C:\Documents and Settings\All Users\Application Data\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\system32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\WINXP\system32\inetpp.dll [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINXP\system32\win32spl.dll [102400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.trspch] => C:\WINXP\system32\tssoft32.acm [8192 2008-04-14] (DSP GROUP, INC.)
HKLM\...\Drivers32: [vidc.I420] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv32] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv41] => C:\WINXP\system32\ir41_32.ax [848384 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.msg723] => C:\WINXP\system32\msg723.acm [118784 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M263] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M261] => C:\WINXP\system32\msh261.drv [188416 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINXP\system32\msaud32.acm [282654 2010-09-16] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINXP\system32\sl_anet.acm [86016 2008-04-14] (Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINXP\system32\iac25_32.ax [199680 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINXP\system32\ir50_32.dll [755200 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.l3acm] => C:\WINXP\system32\l3codeca.acm [307260 2010-09-16] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINXP\system32\xvidvfw.dll [183808 2010-12-07] ()
HKLM\...\Drivers32: [VIDC.YV12] => C:\WINXP\system32\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINXP\system32\ac3acm.acm [151552 2010-01-17] (fccHandler)
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINXP\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINXP\system32\ff_vfw.dll [80896 2011-01-13] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINXP\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINXP\inf\unregmp2.exe [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINXP\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{99820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\WINXP\system32\themeui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\WINXP\system32\mscories.dll [2005-09-23] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-02-05] (Google Inc -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\WINXP\system32\fdeploy.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINXP\system32\dskquota.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\WINXP\system32\dot3gpclnt.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINXP\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\WINXP\system32\appmgmts.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
ShellServiceObjects: WebCheck -> {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => C:\WINXP\system32\webcheck.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk [2013-12-11]
ShortcutTarget: FlexType 2K.lnk -> C:\WINXP\Datecs\Flex2K.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 14 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 15 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 16 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 17 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 18 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 19 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Winsock: Catalog9 20 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 46.55.211.4 8.8.8.8
Tcpip\..\Interfaces\{40B9406E-1E5B-4324-B5FA-96068190B82F}: [DhcpNameServer] 46.55.211.4 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-016
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\q63851us.default-1549495426250 [2019-02-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2019-02-05] [Legacy]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2019-02-05] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-10] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1060284298-842925246-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default [2019-02-09]
CHR Extension: (Google Диск) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
StartMenuInternet: chrome.exe - C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-10] (Adobe Systems Incorporated) [File not signed]
S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aspnet_state; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [29896 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 Browser; C:\WINXP\System32\browser.dll [77824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66240 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
S3 COMSysApp; C:\WINXP\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp.)
R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 HidServ; C:\WINXP\System32\hidserv.dll [21504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Irmon; C:\WINXP\System32\irmon.dll [28160 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SwPrv; C:\WINXP\system32\dllhost.exe /Processid:{E83227BB-4CA0-4898-8450-CEB1E92BAB11} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ACPIEC; C:\WINXP\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 AR5211; C:\WINXP\System32\DRIVERS\ar5211.sys [546976 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 Arp1394; C:\WINXP\System32\DRIVERS\arp1394.sys [60800 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aswHwid; C:\WINXP\system32\drivers\aswHwid.sys [34008 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R2 aswMonFlt; C:\WINXP\system32\drivers\aswMonFlt.sys [92256 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswRdr; C:\WINXP\system32\drivers\aswRdr.sys [64272 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswRvrt; C:\WINXP\system32\Drivers\aswRvrt.sys [60424 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswSnx; C:\WINXP\system32\drivers\aswSnx.sys [735488 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINXP\system32\drivers\aswSP.sys [433768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\WINXP\system32\drivers\aswStmXP.sys [184592 2019-02-05] (AVAST Software a.s. -> AVAST Software)
S3 aswTdi; C:\WINXP\system32\drivers\aswTdi.sys [66688 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswVmm; C:\WINXP\system32\Drivers\aswVmm.sys [224752 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 b57w2k; C:\WINXP\System32\DRIVERS\b57xp32.sys [160256 2007-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 btaudio; C:\WINXP\System32\drivers\btaudio.sys [539072 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTDriver; C:\WINXP\System32\DRIVERS\btport.sys [37424 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTKRNL; C:\WINXP\System32\DRIVERS\btkrnl.sys [876384 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWDNDIS; C:\WINXP\System32\DRIVERS\btwdndis.sys [149123 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S3 btwhid; C:\WINXP\System32\DRIVERS\btwhid.sys [55352 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwmodem; C:\WINXP\System32\DRIVERS\btwmodem.sys [37280 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWUSB; C:\WINXP\System32\Drivers\btwusb.sys [67960 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CCDECODE; C:\WINXP\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 CmBatt; C:\WINXP\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Compbatt; C:\WINXP\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 DKbFltr; C:\WINXP\System32\DRIVERS\DKbFltr.sys [17408 2006-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Dritek System Inc.)
S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 dtsoftbus01; C:\WINXP\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINXP\system32\drivers\mbae.sys [128736 2018-04-26] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINXP\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Fdc; C:\WINXP\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Flpydisk; C:\WINXP\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINXP\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HSFHWAZL; C:\WINXP\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINXP\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ialm; C:\WINXP\System32\DRIVERS\igxpmp32.sys [5761728 2007-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINXP\System32\drivers\RtkHDAud.sys [4424192 2007-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 irda; C:\WINXP\System32\DRIVERS\irda.sys [88192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 kbdhid; C:\WINXP\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 mbamchameleon; C:\WINXP\system32\drivers\mbamchameleon.sys [148600 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINXP\system32\drivers\mbam.sys [40160 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINXP\system32\drivers\MBAMSwissArmy.sys [220896 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R2 mdmxsdk; C:\WINXP\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mouhid; C:\WINXP\System32\DRIVERS\mouhid.sys [12160 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457216 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSTEE; C:\WINXP\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NABTSFEC; C:\WINXP\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NdisIP; C:\WINXP\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2010-12-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NIC1394; C:\WINXP\System32\DRIVERS\nic1394.sys [61824 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NSCIRDA; C:\WINXP\System32\DRIVERS\nscirda.sys [28672 2008-04-14] (Microsoft Windows Component Publisher -> National Semiconductor Corporation)
R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ohci1394; C:\WINXP\System32\DRIVERS\ohci1394.sys [61696 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Parport; C:\WINXP\system32\Drivers\Parport.sys [80128 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCIIde; C:\WINXP\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Pcmcia; C:\WINXP\System32\DRIVERS\pcmcia.sys [120192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 prodrv06; C:\WINXP\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINXP\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\WINXP\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.)
R0 PxHelp20; C:\WINXP\System32\Drivers\PxHelp20.sys [45648 2011-03-04] (Sonic Solutions -> Sonic Solutions)
R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasirda; C:\WINXP\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 sdbus; C:\WINXP\System32\DRIVERS\sdbus.sys [79232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S2 Serial; C:\WINXP\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sfhlp01; C:\WINXP\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SLIP; C:\WINXP\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sptd; C:\WINXP\System32\Drivers\sptd.sys [324096 2013-11-18] (Disc Soft Ltd -> Duplex Secure Ltd.)
R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357248 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 streamip; C:\WINXP\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SynTP; C:\WINXP\System32\DRIVERS\SynTP.sys [215904 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 tifm21; C:\WINXP\System32\drivers\tifm21.sys [290816 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbccgp; C:\WINXP\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30208 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbvideo; C:\WINXP\System32\Drivers\usbvideo.sys [121984 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wdf01000; C:\WINXP\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 winachsf; C:\WINXP\System32\DRIVERS\HSF_CNXT.sys [730112 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R1 WmiAcpi; C:\WINXP\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WSTCODEC; C:\WINXP\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
U3 acqz17sd; C:\WINXP\system32\Drivers\acqz17sd.sys [0 ] (Microsoft Windows Component Publisher -> Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S4 IntelIde; no ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-08 13:11 - 2019-02-08 13:52 - 000040160 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbam.sys
2019-02-08 13:11 - 2019-02-08 13:51 - 000220896 _____ (Malwarebytes) C:\WINXP\system32\Drivers\MBAMSwissArmy.sys
2019-02-08 13:11 - 2019-02-08 13:11 - 000148600 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbamchameleon.sys
2019-02-08 13:10 - 2019-02-08 13:10 - 000001715 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes.lnk
2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes
2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2019-02-08 13:10 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbae.sys
2019-02-08 13:08 - 2019-02-09 01:30 - 000000000 ____D C:\Documents and Settings\PC\Desktop\Нова папка (2)
2019-02-07 17:04 - 2019-02-07 17:04 - 000000000 ____D C:\Documents and Settings\PC\Application Data\Geek Uninstaller
2019-02-07 01:19 - 2019-02-07 01:19 - 000000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2019-02-07 01:19 - 2019-02-07 01:19 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-02-07 01:19 - 2019-02-07 01:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-06 23:33 - 2019-02-09 01:32 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Temp
2019-02-06 11:27 - 2019-02-09 01:30 - 000000000 ____D C:\FRST
2019-02-05 22:17 - 2019-02-05 22:17 - 000000000 ____D C:\Documents and Settings\PC\Application Data\AVAST Software
2019-02-05 22:13 - 2019-02-05 22:13 - 000001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2019-02-05 22:13 - 2019-02-05 22:13 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2019-02-05 22:10 - 2019-02-08 13:51 - 000000364 ____H C:\WINXP\Tasks\Avast Emergency Update.job
2019-02-05 22:09 - 2019-02-05 22:11 - 000224752 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswvmm.sys
2019-02-05 22:09 - 2019-02-05 22:10 - 000735488 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswsnx.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000184592 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswStmXP.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000092256 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswMonFlt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000060424 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRvrt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000034008 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswHwid.sys
2019-02-05 22:08 - 2019-02-05 22:07 - 000319760 ____N (AVAST Software) C:\WINXP\system32\aswBoot.exe
2019-02-05 22:07 - 2019-02-05 22:07 - 000053208 _____ (AVAST Software) C:\WINXP\avastSS.scr
2019-02-05 22:07 - 2019-02-05 22:07 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-05 21:50 - 2019-02-05 21:50 - 000001817 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk
2019-02-05 21:50 - 2019-02-05 21:50 - 000001811 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2019-02-05 21:48 - 2019-02-08 15:59 - 000000986 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job
2019-02-05 21:48 - 2019-02-08 13:50 - 000000982 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job
2019-02-05 21:48 - 2019-02-05 21:50 - 000000000 ____D C:\Program Files\Google
2019-02-05 17:11 - 2019-02-05 17:11 - 000036533 _____ C:\Documents and Settings\PC\Desktop\Vikings.s05e18.(subs.sab.bz).zip
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Start Menu\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Desktop\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\BS.Player
2019-01-30 15:56 - 2019-01-30 15:56 - 000000000 ____D C:\Program Files\Webteh
2019-01-30 13:14 - 2019-02-05 22:10 - 000433768 ____N (AVAST Software) C:\WINXP\system32\Drivers\aswsp.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000066688 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswTdi.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000064272 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys
2019-01-30 13:13 - 2019-01-30 13:13 - 000000000 ____D C:\Program Files\Alwil Software
2019-01-29 11:45 - 2019-02-06 10:45 - 000000066 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2019-01-28 12:47 - 2019-01-28 12:47 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\chromium
2019-01-28 12:45 - 2019-01-28 12:45 - 000000000 ____D C:\Documents and Settings\PC\Application Data\4289652d7c94fcc7ae174ec1919b8b78

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-09 01:32 - 2018-03-20 19:03 - 000000826 _____ C:\WINXP\Tasks\Adobe Flash Player Updater.job
2019-02-09 01:11 - 2018-03-20 19:03 - 000000876 _____ C:\WINXP\Tasks\Adobe Flash Player NPAPI Notifier.job
2019-02-08 16:31 - 2014-08-25 12:31 - 000322336 _____ C:\Documents and Settings\PC\My Documents\Нов Текстов документ.txt
2019-02-08 15:48 - 2018-06-30 09:43 - 000001016 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineUA.job
2019-02-08 13:53 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\Temp
2019-02-08 13:50 - 2018-06-30 09:43 - 000001012 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineCore.job
2019-02-08 13:50 - 2011-02-05 12:04 - 000000006 ____H C:\WINXP\Tasks\SA.DAT
2019-02-08 13:48 - 2011-02-05 12:11 - 000000278 ___SH C:\Documents and Settings\PC\ntuser.ini
2019-02-08 13:48 - 2011-02-05 12:11 - 000000000 ____D C:\Documents and Settings\PC
2019-02-08 13:48 - 2011-02-05 12:04 - 000032546 _____ C:\WINXP\SchedLgU.Txt
2019-02-08 13:47 - 2014-06-10 13:20 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Supersoftware App
2019-02-08 13:10 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP
2019-02-08 01:36 - 2017-09-08 10:48 - 000000000 _____ C:\WINXP\system32\last.dump
2019-02-07 01:40 - 2011-02-05 14:28 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BitComet
2019-02-06 23:29 - 2011-02-05 12:04 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2019-02-06 23:27 - 2015-11-05 23:52 - 000000000 ___HD C:\WINXP\system32\GroupPolicy
2019-02-05 22:19 - 2011-02-05 11:59 - 000002577 _____ C:\WINXP\system32\CONFIG.NT
2019-02-05 22:18 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\system32
2019-02-05 22:14 - 2018-07-21 09:26 - 000065536 _____ C:\WINXP\system32\config\Antivirus.Evt
2019-02-05 22:12 - 2011-02-05 13:22 - 000000000 ___HD C:\WINXP\inf
2019-02-05 22:07 - 2017-05-29 23:50 - 000011295 _____ C:\Documents and Settings\PC\Desktop\Нов Текстов документ.txt
2019-02-05 22:07 - 2014-01-05 10:18 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2019-02-05 20:49 - 2011-02-05 17:51 - 000064512 _____ C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-05 17:22 - 2015-11-04 18:59 - 000000000 ____D C:\Documents and Settings\PC\Application Data\vlc
2019-02-05 12:23 - 2018-12-27 23:12 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Изтегляния
2019-02-05 11:09 - 2008-04-14 13:00 - 000002206 _____ C:\WINXP\system32\wpa.dbl
2019-01-31 19:20 - 2016-01-04 15:01 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Bluetooth Exchange Folder
2019-01-30 13:20 - 2012-03-09 15:57 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Google
2019-01-30 12:56 - 2015-11-03 23:44 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BSplayer
2019-01-30 12:45 - 2018-01-26 10:54 - 000000000 _____ C:\Documents and Settings\PC\last.dump
2019-01-19 22:05 - 2015-01-07 13:41 - 000018432 ____H C:\Documents and Settings\PC\Desktop\photothumb.db
2019-01-10 12:32 - 2018-03-20 19:03 - 000842240 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe
2019-01-10 12:32 - 2018-03-20 19:03 - 000175104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2011-02-05 17:51 - 2019-02-05 20:49 - 000064512 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINXP\explorer.exe => File is digitally signed
C:\WINXP\system32\winlogon.exe => File is digitally signed
C:\WINXP\system32\svchost.exe => File is digitally signed
C:\WINXP\system32\services.exe => File is digitally signed
C:\WINXP\system32\User32.dll => File is digitally signed
C:\WINXP\system32\userinit.exe => File is digitally signed
C:\WINXP\system32\rpcss.dll => File is digitally signed
C:\WINXP\system32\dnsapi.dll => File is digitally signed
C:\WINXP\system32\dllhost.exe => File is digitally signed
C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================


Addition.txt


 

преди 6 часа, Stoyannnov написа:

Стъпка 2

  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!

:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look, след като сте поставили кода в бялото каре.

Ти хубаво си казал, ама мен хич ме няма.
 

SystemLook 30.07.11 by jpshortstuff
Log created at 20:34 on 09/02/2019 by PC
Administrator - Elevation successful

========== filefind ==========

Searching for "Decehifo"
No files found.

Searching for "chromium"
No files found.

========== folderfind ==========

Searching for "Decehifo"
No folders found.

Searching for "chromium"
C:\Documents and Settings\PC\Local Settings\Application Data\chromium    d------    [10:47 28/01/2019]

========== regfind ==========

Searching for "Decehifo"
No data found.

Searching for "chromium"
[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603]
"001"="chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webp\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM]
@="Chromium HTML Document"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM\DefaultIcon]
@="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM\shell\open\command]
@=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" -- "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe]
"LocalizedString"="Chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command]
@=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM]
@="Chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities]
"ApplicationDescription"="Chromium е уеб браузър, който зарежда уеб страници и изпълнява приложения със светкавична скорост. Той е бърз, стабилен и лесен за употреба. Сърфирайте в мрежата по-безопасно с вградената защита на Chromium срещу злонамерен софтуер и фишинг."
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities]
"ApplicationIcon"="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities]
"ApplicationName"="Chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".htm"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".html"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".shtml"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".xht"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".xhtml"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".webp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\Startmenu]
"StartMenuInternet"="Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"ftp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"http"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"https"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"irc"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"mailto"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"mms"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"news"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"nntp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"sms"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"smsto"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"tel"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"urn"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"webcal"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\DefaultIcon]
@="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo]
"ReinstallCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --make-default-browser"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo]
"HideIconsCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --hide-icons"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo]
"ShowIconsCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --show-icons"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\shell\open\command]
@=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications]
"Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM"="Software\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities"
[HKEY_USERS\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Search Assistant\ACMru\5603]
"001"="chromium"

-= EOF =-

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изтеглете файла fixlist и го запазете там където е и FRST.exe

  • Стартирайте FRST.exe и натиснете бутона FIX веднъж!
  • Почистването ще започне, не използвайте системата!
  • След като приключи, ако ви поиска рестартиране на windows, съгласете се.
  • След като зареди системата публикувайте лог файла с име fixlog.txt.

Забележка: Текущия фикс да не се използва на други системи!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Предполагам, че вече всичко е наред, но все пак ще попитам, как е системата сега?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Извинявай за бавният отговор, но просто не мога да намеря време да седна на компютъра. Иначе дa, наред е. Много ти благодаря, че ми помогна. Само, че имам питане. Tука отскоро мисля, че след като изтеглих този Malware всеки път като включа компютъра ми излиза това blob.thumb.png.e6a976a7645711b4ee9f627c03481089.png

И не знам как да го махна.Като го отворя пък ми излиза това : 
blob.thumb.png.d346d002a4c7da51be735966fb229dea.png

Не знам дали има общо с Malware, просто го свързвам с него понеже след като го инсталирах взе да ми излиза това нещо.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Това балонче го игнорирайте, едно време показваше дупки в сигурността на XP. Сега Цялото XP си е дупка. Ако Ви пречи, има вариант, в който можете да го спрете:

Windows key + R => services.msc => намирате сървис с име Security Center => десен бутон на него => Properties => от startup type: падащото меню изберете Disabled. И отдолу на Service Status: изберете STOP.

 

От използваните програми, можете да си оставите Malwarebytes Anti-Malware, за да правите проверки на windows периодично.

Останалите ще ги премахнем:

За FRST:

  • Преименувайте файла от FRST.exe на Uninstall.exe  9502769v.png
  • Стартирайте Uninstall.exe
  • Ще излезе прозорче, което Ви казва, че след натискането на бутона OK windows ще бъде рестартиран.

 

Останалите програми:

Изтеглете: P6YS34D.png Delfix.

  • Стартирайте Delfix.exе.
  • По подразбиране трябва да има 2 отметки на "Remove disinfection tools" и "Purge system restore ". Ако липсват, ги сложете.
  • Натиснете бутона "Run". 
  • Инструмента ще се самоизтрие след като приключи работата си.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Удължаване на поддръжката на Windows XP


Windows Registry Editor Version 5.00 
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady] 
"Installed"=dword:00000001

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не сте ми казвали, ама аз да кача : 
 

# DelFix v1.013 - Logfile created 12/02/2019 at 16:29:22
# Updated 17/04/2016 by Xplode
# Username : PC - ACER-71A12AA9FA
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...


~ Cleaning system restore ...

Deleted : RP #1752 [Контролна точка на системата | 02/10/2019 17:39:52]
Deleted : RP #1753 [Restore Point Created by FRST | 02/10/2019 18:50:16]
Deleted : RP #1754 [Контролна точка на системата | 02/11/2019 19:11:59]

New restore point created !

########## - EOF - ##########

Иначе Security Center като го спирах както ми каза чрез комбинацията Windows key + R, освен него ви
дях папки на програми и игри, които нямам отдавна и ги махнах и тях и сега в disc C ми се освободиха близо 3gb. 


 

преди 20 часа, DarkEdge написа:

Удължаване на поддръжката на Windows XP

  Затвори скритото съдържание


Windows Registry Editor Version 5.00 
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady] 
"Installed"=dword:00000001

 


Извинявай, ама не те разбрах. Трябва да си го изтегля този Windwos Registry Editor ли? Или това се въвежда някъде? Или нито едното.







 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Цитат

Windows Registry Editor Version 5.00 
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady] 
"Installed"=dword:00000001

копирай текста и го постави в notepad. Сега кликни File> Save as от падащото меню File type избери All files type, в полето за писане напиши pos.reg и запиши на десктопа примерно. Кликни сега двукратно на файла pos и потвърди добавянето.
Рестартирай машината.
Разреши актуализирането.

blob.thumb.png.d346d002a4c7da51be735966fb229dea.png

Редактирано от DarkEdge (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.


  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от aivanov1
      Здравейте! Днес ми направи впечатление един проблем с телефона ми Samsung J7 2017. Когато прозвучи нещо от говорителя (независимо дали е тон на звънене, мултимедия, уведомления и прочие), звукът отначало си тръгва нормално (в случая на max), а след няколко секунди започва драстично да намалява докато не стане много тих. Гледах настройките – всичко е наред. Моля за помощ!
    • от n.mihaylov1996
      Здравейте! Имам следния проблем реших да си поръчам ново PC, след като му инсталирах Windows 10, пуснах Benchmark valley и винаги когато стигне до теста на GPU-то и компютъра се изключва и немога да го включа веднага. Съмнява ме захранването, но искам да чуя и вашето мнение. 
      Motherboard:ASROCK B450M-HDV AM4
      CPU:AMD Ryzen 5 1600 (3,2GHz)
      GPU:Gigabyte RX-580 4GB
      RAM:2X4G DDR4 2666 KINGSTON HYPEX
      PSU:Makki PSU ATX-500W MAKKI-ATX-500-B-PCIE
       
    • от мирослав24
      Здравейте,изникна ми проблем с браузърите-основно ползвам комодо и по-рядко опера.От няколко дни обаче комодо-то се затваря самостоятелно докато съм в нета.Спря да отваря адрес ,който ползвам за работа(vpn тунел с CISCO софтуер).Реших да направя ъпдейт,свързва се,но излиза надпис че ъпдета не може да се направи.Деинсталирах старата версия и инсталирах чисто ново комодо от страницата им.Сега пък е адски бавен и отново не ми отваря тунела.Опера-та ми работи с адреса,но също се крашва изведнъж.Друг проблем е с офис пакета-опциите на падащите менюта спряха да се поддават на команди.Незнам дали е хардуерен проблем или наличие на гадинка,затова реших да пиша първо в този форум.Изпращам логовете след сканинг:
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
      Ran by m (administrator) on M-PC (15-03-2019 12:53:55)
      Running from C:\Users\m\Downloads
      Loaded Profiles: m & UpdatusUser (Available Profiles: m & user & UpdatusUser)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1")
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareService.exe
      (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareTray.exe
      (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
      (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareTray.exe [4749784 2018-10-11] (Adaware Software -> )
      HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe
      HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
      HKLM-x32\...\Run: [] => [X]
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Software Sarl -> Skype Technologies S.A.)
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\MountPoints2: {53615ed9-b5c5-11e8-9221-001966873225} - F:\SETUP.EXE
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-09-13]
      ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2018-09-15]
      ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () [File not signed]
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{EF05353F-1AB4-4F63-852E-FDF507B7D414}: [DhcpNameServer] 192.168.0.1
      Internet Explorer:
      ==================
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
      SearchScopes: HKU\S-1-5-21-3677490310-1812953499-2719145278-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10419__180911&q={searchTerms}
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Company -> Hewlett-Packard Co.)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Company -> Hewlett-Packard Co.)
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FireFox:
      ========
      FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-09-13] [Legacy] [not signed]
      FF HKU\S-1-5-21-3677490310-1812953499-2719145278-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.5.961.11619\AdAwareService.exe [587832 2018-10-11] (Adaware Software -> )
      R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2307768 2016-05-05] (Comodo Security Solutions -> Comodo)
      R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
      R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
      R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [File not signed]
      S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
      R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-08-16] (Microsoft Windows -> Microsoft Corporation)
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 atc; C:\Windows\System32\DRIVERS\atc.sys [1283464 2018-06-08] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
      R1 bdfwfpf; C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [127312 2016-06-16] (Bitdefender SRL -> BitDefender LLC)
      R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] (Cisco Systems, Inc. -> )
      S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2018-09-11] (Disc Soft Ltd -> Disc Soft Ltd)
      R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [187688 2018-05-02] (Bitdefender SRL -> BitDefender LLC)
      R0 Ignis; C:\Windows\System32\drivers\ignis.sys [304448 2017-08-29] (Bitdefender SRL -> Bitdefender)
      R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Microsoft Corporation)
      R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.)
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One month (created) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-03-15 12:53 - 2019-03-15 12:55 - 000012581 _____ C:\Users\m\Downloads\FRST.txt
      2019-03-15 12:53 - 2019-03-15 12:53 - 002433536 _____ (Farbar) C:\Users\m\Downloads\FRST64.exe
      2019-03-15 12:53 - 2019-03-15 12:53 - 000000000 ____D C:\FRST
      2019-03-13 10:33 - 2019-02-16 07:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
      2019-03-13 10:33 - 2019-02-16 07:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
      2019-03-13 10:33 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
      2019-03-13 10:33 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
      2019-03-13 10:33 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
      2019-03-13 10:33 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
      2019-03-13 10:33 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
      2019-03-13 10:33 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
      2019-03-13 10:33 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
      2019-03-13 10:33 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
      2019-03-13 10:33 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
      2019-03-13 10:33 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
      2019-03-13 10:33 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
      2019-03-13 10:33 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
      2019-03-13 10:33 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
      2019-03-13 10:33 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
      2019-03-13 10:33 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
      2019-03-13 10:33 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
      2019-03-13 10:33 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
      2019-03-13 10:33 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
      2019-03-13 10:33 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
      2019-03-13 10:33 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
      2019-03-13 10:33 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
      2019-03-13 10:32 - 2019-03-06 05:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2019-03-13 10:32 - 2019-03-06 05:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2019-03-13 10:32 - 2019-03-06 05:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2019-03-13 10:32 - 2019-03-06 05:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2019-03-13 10:32 - 2019-03-06 05:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2019-03-13 10:32 - 2019-03-06 05:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2019-03-13 10:32 - 2019-03-06 05:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2019-03-13 10:32 - 2019-03-06 05:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2019-03-13 10:32 - 2019-03-06 05:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2019-03-13 10:32 - 2019-03-06 04:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2019-03-13 10:32 - 2019-03-06 04:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2019-03-13 10:32 - 2019-03-06 04:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2019-03-13 10:32 - 2019-03-06 04:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
      2019-03-13 10:32 - 2019-02-27 00:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2019-03-13 10:32 - 2019-02-26 23:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2019-03-13 10:32 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2019-03-13 10:32 - 2019-02-26 09:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2019-03-13 10:32 - 2019-02-26 09:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2019-03-13 10:32 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2019-03-13 10:32 - 2019-02-26 09:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2019-03-13 10:32 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2019-03-13 10:32 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2019-03-13 10:32 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2019-03-13 10:32 - 2019-02-26 09:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2019-03-13 10:32 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2019-03-13 10:32 - 2019-02-26 09:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2019-03-13 10:32 - 2019-02-26 09:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2019-03-13 10:32 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2019-03-13 10:32 - 2019-02-26 09:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2019-03-13 10:32 - 2019-02-26 09:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2019-03-13 10:32 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2019-03-13 10:32 - 2019-02-26 09:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2019-03-13 10:32 - 2019-02-26 09:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2019-03-13 10:32 - 2019-02-26 09:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2019-03-13 10:32 - 2019-02-26 09:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2019-03-13 10:32 - 2019-02-26 09:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2019-03-13 10:32 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2019-03-13 10:32 - 2019-02-26 09:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2019-03-13 10:32 - 2019-02-26 09:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2019-03-13 10:32 - 2019-02-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2019-03-13 10:32 - 2019-02-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2019-03-13 10:32 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2019-03-13 10:32 - 2019-02-26 09:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2019-03-13 10:32 - 2019-02-26 09:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2019-03-13 10:32 - 2019-02-26 09:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2019-03-13 10:32 - 2019-02-26 09:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2019-03-13 10:32 - 2019-02-26 09:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2019-03-13 10:32 - 2019-02-26 08:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2019-03-13 10:32 - 2019-02-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2019-03-13 10:32 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2019-03-13 10:32 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2019-03-13 10:32 - 2019-02-26 08:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2019-03-13 10:32 - 2019-02-26 08:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2019-03-13 10:32 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2019-03-13 10:32 - 2019-02-26 08:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2019-03-13 10:32 - 2019-02-26 08:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2019-03-13 10:32 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2019-03-13 10:32 - 2019-02-26 08:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
      2019-03-13 10:32 - 2019-02-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2019-03-13 10:32 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2019-03-13 10:32 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2019-03-13 10:32 - 2019-02-26 08:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2019-03-13 10:32 - 2019-02-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
      2019-03-13 10:32 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2019-03-13 10:32 - 2019-02-26 08:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2019-03-13 10:32 - 2019-02-26 08:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2019-03-13 10:32 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2019-03-13 10:32 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2019-03-13 10:32 - 2019-02-26 08:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
      2019-03-13 10:32 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2019-03-13 10:32 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2019-03-13 10:32 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2019-03-13 10:32 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2019-03-13 10:32 - 2019-02-26 08:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2019-03-13 10:32 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2019-03-13 10:32 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2019-03-13 10:32 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2019-03-13 10:32 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2019-03-13 10:32 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2019-03-13 10:32 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2019-03-13 10:32 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2019-03-13 10:32 - 2019-02-22 04:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
      2019-03-13 10:32 - 2019-02-16 08:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
      2019-03-13 10:32 - 2019-02-16 08:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
      2019-03-13 10:32 - 2019-02-16 08:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
      2019-03-13 10:32 - 2019-02-16 07:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
      2019-03-13 10:32 - 2019-02-16 07:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
      2019-03-13 10:32 - 2019-02-15 18:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2019-03-13 10:32 - 2019-02-15 18:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
      2019-03-13 10:32 - 2019-02-15 17:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
      2019-03-13 10:32 - 2019-02-15 17:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
      2019-03-13 10:32 - 2019-02-15 17:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
      2019-03-13 10:32 - 2019-02-15 17:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
      2019-03-13 10:32 - 2019-02-15 17:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
      2019-03-13 10:32 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
      2019-03-13 10:32 - 2019-02-10 18:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2019-03-13 10:32 - 2019-02-10 17:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
      2019-03-13 10:32 - 2019-02-10 17:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
      2019-03-13 10:32 - 2019-02-08 18:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2019-03-13 10:32 - 2019-02-08 18:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
      2019-03-13 10:32 - 2019-02-08 17:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2019-03-13 10:32 - 2019-02-08 17:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
      2019-03-13 10:32 - 2019-02-07 18:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
      2019-03-13 10:32 - 2019-02-03 17:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
      2019-03-13 10:32 - 2019-01-04 18:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2019-03-13 10:32 - 2019-01-04 18:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2019-03-13 10:32 - 2019-01-04 16:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2019-03-13 10:32 - 2019-01-04 16:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2019-03-13 10:31 - 2019-03-06 05:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2019-03-13 10:31 - 2019-03-06 05:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2019-03-13 10:31 - 2019-03-06 05:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2019-03-13 10:31 - 2019-03-06 05:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2019-03-13 10:31 - 2019-03-06 05:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2019-03-13 10:31 - 2019-03-06 05:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2019-03-13 10:31 - 2019-03-06 05:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2019-03-13 10:31 - 2019-03-06 04:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2019-03-13 10:31 - 2019-03-06 04:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2019-03-13 10:31 - 2019-03-06 04:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2019-03-13 10:31 - 2019-03-06 04:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2019-03-13 10:31 - 2019-03-06 04:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2019-03-13 10:31 - 2019-03-06 04:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
      2019-03-13 10:31 - 2019-03-06 04:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
      2019-03-13 10:31 - 2019-03-06 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2019-03-13 10:31 - 2019-03-06 04:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2019-03-13 10:31 - 2019-03-06 04:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2019-03-13 10:31 - 2019-03-06 04:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2019-03-13 10:31 - 2019-03-06 04:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
      2019-03-13 10:31 - 2019-03-06 04:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2019-03-13 10:31 - 2019-03-06 04:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2019-03-13 10:31 - 2019-03-06 04:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2019-03-13 10:31 - 2019-03-06 04:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-06 04:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2019-03-13 10:31 - 2019-03-05 04:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
      2019-03-13 10:31 - 2019-03-05 04:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
      2019-03-13 10:31 - 2019-03-05 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
      2019-03-13 10:31 - 2019-02-22 05:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
      2019-03-13 10:31 - 2019-02-22 05:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
      2019-03-13 10:31 - 2019-02-22 04:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
      2019-03-13 10:31 - 2019-02-22 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
      2019-03-13 10:31 - 2019-02-16 08:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2019-03-13 10:31 - 2019-02-16 08:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2019-03-13 10:31 - 2019-02-16 08:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
      2019-03-13 10:31 - 2019-02-16 08:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
      2019-03-13 10:31 - 2019-02-16 07:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
      2019-03-13 10:31 - 2019-02-16 07:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
      2019-03-13 10:31 - 2019-02-16 07:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
      2019-03-13 10:31 - 2019-02-15 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
      2019-03-13 10:31 - 2019-02-15 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
      2019-03-13 10:31 - 2019-02-15 17:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
      2019-03-13 10:31 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
      2019-03-13 10:31 - 2019-02-10 17:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
      2019-03-13 10:31 - 2019-02-10 17:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
      2019-03-13 10:31 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
      2019-03-13 10:31 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
      2019-03-13 10:31 - 2019-02-08 18:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
      2019-03-13 10:31 - 2019-02-08 17:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
      2019-03-13 10:31 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
      2019-03-13 10:31 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
      2019-03-13 10:31 - 2019-02-07 18:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
      2019-03-13 10:31 - 2019-02-07 18:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
      2019-03-13 10:31 - 2019-02-07 17:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
      2019-03-13 10:31 - 2019-01-03 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2019-03-13 10:31 - 2019-01-03 17:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
      2019-03-08 12:37 - 2019-03-08 12:37 - 000000000 ____H C:\Users\user\Documents\Default.rdp
      2019-03-08 12:29 - 2019-03-08 12:29 - 000001230 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
      2019-03-08 12:29 - 2019-03-08 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
      2019-03-08 12:29 - 2019-03-08 12:29 - 000000000 ____D C:\Program Files (x86)\Comodo
      2019-03-08 12:25 - 2019-03-08 12:25 - 054376048 _____ (Comodo) C:\Users\m\Downloads\dragonsetup.exe
      2019-03-01 08:33 - 2019-03-02 13:15 - 000043520 _____ C:\Users\user\Desktop\Животни родени 2018 ВАЛТА.xls
      2019-02-28 12:42 - 2019-03-02 13:14 - 000023796 _____ C:\Users\user\Desktop\Животни родени 2018 ВАЛТА.xlsx
      2019-02-26 12:42 - 2019-02-26 12:42 - 352749717 _____ C:\Windows\MEMORY.DMP
      2019-02-26 12:42 - 2019-02-26 12:42 - 001097368 _____ C:\Windows\Minidump\022619-15984-01.dmp
      2019-02-26 12:42 - 2019-02-26 12:42 - 000000000 ____D C:\Windows\Minidump
      2019-02-25 14:15 - 2019-02-25 14:15 - 000065024 _____ C:\Users\user\Desktop\кИРО.xls
      2019-02-25 14:11 - 2019-02-25 14:11 - 000025088 _____ C:\Users\user\Desktop\ГОШО КИРОВ.xls
      2019-02-14 08:54 - 2019-01-12 04:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
      2019-02-14 08:54 - 2019-01-12 04:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
      2019-02-14 08:54 - 2019-01-01 18:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
      2019-02-14 08:54 - 2019-01-01 18:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
      2019-02-14 08:54 - 2019-01-01 18:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
      2019-02-14 08:54 - 2019-01-01 18:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
      2019-02-14 08:54 - 2019-01-01 18:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
      2019-02-14 08:54 - 2019-01-01 18:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2019-02-14 08:54 - 2019-01-01 17:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
      2019-02-14 08:54 - 2019-01-01 17:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
      2019-02-14 08:54 - 2019-01-01 17:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
      2019-02-14 08:54 - 2019-01-01 17:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
      2019-02-14 08:54 - 2019-01-01 17:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
      2019-02-14 08:54 - 2019-01-01 17:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
      2019-02-14 08:54 - 2018-12-04 18:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
      2019-02-14 08:54 - 2018-12-04 18:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
      2019-02-14 08:54 - 2018-12-04 17:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
      2019-02-14 08:54 - 2018-12-04 17:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
      2019-02-14 08:54 - 2018-12-02 18:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
      2019-02-14 08:54 - 2018-10-12 15:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
      ==================== One month (modified) ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2019-03-15 12:31 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
      2019-03-15 12:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
      2019-03-15 12:26 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
      2019-03-14 09:07 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
      2019-03-14 08:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2019-03-14 08:29 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2019-03-14 08:06 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2019-03-14 08:06 - 2009-07-14 06:45 - 000433672 _____ C:\Windows\system32\FNTCACHE.DAT
      2019-03-14 08:03 - 2018-09-13 06:44 - 000000000 ___SD C:\Windows\system32\CompatTel
      2019-03-14 08:03 - 2018-09-13 06:44 - 000000000 ____D C:\Windows\system32\appraiser
      2019-03-14 08:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
      2019-03-14 08:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
      2019-03-13 15:08 - 2018-09-17 10:26 - 000000000 ____D C:\Windows\system32\MRT
      2019-03-13 15:03 - 2018-09-11 14:54 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2019-03-13 13:08 - 2018-12-20 13:23 - 000034304 _____ C:\Users\user\Desktop\ГОВЕДА КРУШАРЕ СЕЛЯНИ.xls
      2019-03-13 12:00 - 2018-11-28 11:25 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2019-03-13 12:00 - 2018-09-13 07:33 - 000004464 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2019-03-13 12:00 - 2018-09-13 07:32 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2019-03-13 12:00 - 2018-09-13 07:32 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2019-03-13 12:00 - 2018-09-13 07:32 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2019-03-13 12:00 - 2018-09-13 07:32 - 000000000 ____D C:\Windows\system32\Macromed
      2019-03-13 11:00 - 2018-09-13 14:16 - 000004452 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
      2019-03-12 12:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
      2019-03-08 12:29 - 2018-09-11 15:25 - 000000000 ____D C:\Users\m\AppData\Local\Comodo
      2019-03-08 12:20 - 2018-09-14 14:25 - 000003998 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1536927954
      2019-02-27 12:50 - 2018-09-11 15:40 - 000000000 ____D C:\ProgramData\c95c652a-58d5-1
      2019-02-27 12:50 - 2018-09-11 15:40 - 000000000 ____D C:\ProgramData\c95c652a-3521-0
      2019-02-22 11:23 - 2018-09-13 13:43 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2019-02-15 08:29 - 2018-09-13 13:44 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
      2019-02-14 12:57 - 2018-09-11 15:57 - 000765656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
      ==================== Files in the root of some directories =======
      2018-09-13 07:27 - 2018-09-13 07:27 - 000007613 _____ () C:\Users\m\AppData\Local\Resmon.ResmonCfg
      Some files in TEMP:
      ====================
      2010-09-27 10:56 - 2010-09-27 10:56 - 000016505 _____ () C:\Users\m\AppData\Local\Temp\DelayInst.exe
      2019-03-08 12:31 - 2016-02-05 11:34 - 002043440 _____ (Comodo Security Solutions, Inc.) C:\Users\m\AppData\Local\Temp\dragon_restart_helper.exe
      2009-07-17 19:12 - 2009-07-17 19:12 - 001957206 _____ (Adobe Systems Incorporated) C:\Users\m\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
      2010-09-27 10:56 - 2010-09-27 10:56 - 000221315 _____ () C:\Users\m\AppData\Local\Temp\installservice.exe
      1999-12-20 14:04 - 1999-12-20 14:04 - 000056832 ____R () C:\Users\m\AppData\Local\Temp\mpegc.dll
      2012-10-02 02:44 - 2012-10-02 02:44 - 000178824 ____R (Microsoft Corporation) C:\Users\m\AppData\Local\Temp\ose00000.exe
      2011-03-04 11:52 - 2011-03-04 11:52 - 000056832 _____ () C:\Users\m\AppData\Local\Temp\vpnclient_setup.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\dllhost.exe => File is digitally signed
      C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2019-03-14 08:58
      ==================== End of FRST.txt ============================
      Addition.txt
    • от Devinbg
      Привет.
      Моля за съвет - Лаптопа ми е Lenovog50 с 4гб рам и се прецаках  като закупих още 4 гб рам с идеята да го подсиля с 8гб  но проблема е ,че на втория слот има прорезчета за рамта но онези "телчета" така да се изразя чрез които щраква ги няма.Не е носен никога в сервиз така е закупен.Как мога да оправя това освен да закупя цяла 8гб, имали вариант някак да се слага или аз не мога да ги сложа?
      Благодаря предварително!
       
    • от Spinder Whoey
      Здравейте, някъде Октомври месец миналата година си прецаках монитора и не искаше да показва картина (само надпис - Out of range)
      (докато играх лига сменях настройки за резолюцията, hertz-овете и стана така, че да бъгна играта и windows-a и да трябва да преинсталирам машината...
      Това го оправих.) След преинсталацията с чисто новия 1809 (първият който M$ пуснаха, този, при които се изтриваха файлове на потребители) 
      си пуснах csgo на резолюцията на която играх преди злополуката - т.е. 1280 на 800, като преди си играх на нея нормално, а сега е бъгната, 
      общо взето не scale-ва добре. Ще пратя и снимки. По принцип на самия монитор резолюцията си му е 1440x900, но в cs не играя на нея. 
      В момента съм на 1280x768, но си искам моето 1280x800, тъй като сегашната резолюция не е лоша, но картината беше по-добра с 
      допълнителните 32 пиксела, всичко изглеждаше по-добре, макар и малко...
      По принцип монитора си работи на 60 Hz, но в упътването си пише, че може да работи и на 75 Hz.
      Е, преди инцидента с лигата / смяната на настройките имах възможност да го пусна да си работи и на 75 и на 60 - сега не мога на 60. Тоест, избирам си от intel hd control панела да работи на 60 Hz, не се показва картина и след около 15 секунди си се връща на 75 Hz.
      Монитора е VA1903wb ; model - vs11654 .
      Видеокартата е вградената intel hd 630.
      Общо взето желая да оправим scaling-а и да си играя 1280x800. Моля, помогнете за решението на нелепия казус




  • Дарение

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване